The Berlin data commissioner has posted warnings that when using Skype and Microsoft Teams, others may be able to listen in to the conversation and Microsoft is not happy.
In a May 5th letter to the commissioner, leaked to German publication T-Online, Microsoft demanded that commissioners “remove and take back incorrect statements as quickly as technically possible,” warning that their reputation and business is being significantly damaged.
The commissioner’s “Checklist for Conducting Video Conferences During Contact Restrictions”, specifically warn Microsoft Teams, Skype and Zoom do not meet the commissioner’s data protection conditions, saying they violate GDPR and may even be questionable under criminal law. The commissioner noted that Microsoft Teams and Skype are prominent examples of the risks described.
Microsoft denied that “videoconferences run the risk of being listened to and recorded by unauthorized persons, even on behalf of third parties” as the commissioner claimed.
Microsoft wants these warnings removed, as it is preventing public organizations such as schools from implementing products such as Microsoft 365 in schools, and says they were not consulted before these warnings were put in place.
Microsoft did not make any legal threats but has already released a press release denying the issue, saying the risks do not exist, and saying any data which is collected and shared and for telemetry and diagnostic reasons, and are not used for profiling, data analysis, market research or advertising.
Regular readers will, of course, remember the scandal when it was discovered that staff at 3rd party companies in China were listening to Skype conversations to assess the quality of calls, and while Microsoft says they are no longer using these companies, it is clear that the telemetry issue is much less clear cut than Microsoft pretends.