Throwback Friday – Dutch regulators unsatisfied with Microsoft’s Windows 10 privacy improvements

It seems when it comes to Privacy and the EU, whatever Microsoft does may not be enough.

After changes to Windows 10 in the Creators update satisfied the French National Data Protection Commission (CNIL) we thought that was the end of official concerns around Windows 10 data collection in the region, but now, on the eve of the Fall Creators Update, Dutch regulators have once again accused Microsoft of breaking data protection laws due to not giving users enough information about the information Microsoft itself gathers.

The Dutch Data Protection Authority (DPA) complained that Microsoft does not give consumers enough information to allow them to give valid consent for Microsoft to gather their usage data while using Windows 10. This was despite changes in the earlier Creators Update.

They note:

Microsoft does not clearly inform users about the type of data it uses, and for which purpose. Also, people cannot provide valid consent for the processing of their personal data, because of the approach used by Microsoft. The company does not clearly inform users that it continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used.

They also complained under some circumstances Microsoft may reset their choices back to Microsoft’s own more generous default.

“It turns out that Microsoft’s operating system follows about every step you take on your computer. That results in an intrusive profile of yourself”, said Wilbert Tomesen, vice-chairman of the Dutch DPA. “What does that mean? Do people know about this, do they want this? Microsoft needs to give users a fair opportunity to decide about this themselves”.

Microsoft denied the allegations, but said they would work with the regulators “find appropriate solutions.”

Microsoft is already set to release further privacy improvements with the Windows 10 Fall Creators Update.

With the W10 FCU Microsoft is now displaying Privacy Statement within the setup process allowing consumers to go through it before completing the process. Second, the Learn More page on the privacy settings screen will allow users to go to specific settings for location, speech recognition, diagnostics, tailored experiences, and ads while they choose your privacy settings. With this change, users need not sift through the privacy statement if they only want to read about a specific feature.

Also with the W10 FCU whenever a Windows Store app tries to access location of a user, Windows 10 already displays a prompt to the user to grant or deny permission. With Windows 10 Fall Creators Update, Microsoft is expanding this experience to other device capabilities such as your camera, microphone, contacts, and calendar for apps you install through the Windows Store. This change will keep users informed about which apps use their information.

For enterprise customers, Microsoft is introducing a new setting that limits diagnostic data to the minimum required for Windows Analytics.

Hopefully, these improvements will be enough, as regulators say of Microsoft does not “end all violations” it will face sanctions.

Via Ars Technica

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.