Windows 10: Microsoft violates Dutch data protection law in the way it processes the data of users who use the operating system Windows 10, the country's data protection agency said.
On Friday (today), the Dutch Data Protection Authority (DPA), Autoriteir Persoonsgegevens said Microsoft does not inform users of Windows 10 Home and Windows 10 Pro about the personal data it collects and why it does.
They also stated that the company does not allow users to give their consent to the processing of their personal data. It is not known in what ways the data is used, now and in the future.
The DPA added that Microsoft "does not clearly inform users that it continuously collects personal data related to application usage and web browsing behavior through the Edge browser when default settings are used." settings".
“It turns out that Microsoft's operating system is tracking every step you take on computer your."
"It results in building a profile of yourself," said Wilbert Tomesen, vice president of the regulator.
Just as with a French regulatory inquiry into Windows 10 data collection, much of the problem is that telemetry data. The system data used by Microsoft to detect and fix errors and collect information about its products can also be termed "personal data" when associated with a specific user.
The data includes information about applications installed, how often they are used, and information about user behavior on the web.
The Authority stated that Microsoft offers two levels of telemetry: basic and full. At the base level, limited data are being processed to use the device, but full telemetry makes detailed data processing of apps as well as navigational behaviors through Edge and inkpad.
"The way Microsoft collects data at full telemetry level is unpredictable. Microsoft may use the collected data for various purposes that are described in a very general way. "Through this generality and lack of transparency, Microsoft cannot have a legal background without a consent to the processing of data," he said.
The Dutch DPA warned that after Microsoft promised to end its "violations", if it does not keep its promise, sanctions will be imposed on the company.
In response, Marisa Rogers, who is responsible for the protection of personal data in Windows, said that the company gives priority to compliance with the Dutch data protection law, but that it also has "specific concerns about the accuracy of certain conclusions of the Dutch DPA . ”
