Yet again, Windows has been accused of violating it’s consumers privacy and this time it may have broken the law. The Dutch Privacy Authority (DPA) claims that Microsoft has broken Dutch privacy laws.
The DPA detailed that Microsoft would automatically opt in Windows 10 Home and Pro users to a setting which allowed Windows to collect personal information. An move which is not enough to consent to the privacy violation in the Netherlands, and, therefore, the DPA has claimed that Windows has broken the law. The regulator also states that Windows Creators Update has further ignored consumer privacy by not respect the previous operating systems settings on the matter.
“…people cannot provide valid consent for the processing of their personal data, because of the approach used by Microsoft. The company does not clearly inform users that it continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used. “
Data on app usage, web surfing behaviour, and parts of handwritten documents via inkpad are recorded by Microsoft according to the DPA. Microsoft uses collected data from opted in users to fix errors, security and to give personalized advertisements on Microsoft Edge and in the Windows Store.
Microsoft has since published a response and seeks to adhere to the Dutch law, however it’s questioned the accuracy of the Dutch regulators concerns. The DPA has stated that they will sanction Microsoft if they do not adhere to Dutch law.
“We have also shared specific concerns with the Dutch DPA about the accuracy of some of its findings and conclusions … A summary of the points in the DPA’s announcement, which we believe do not accurately reflect the data protection compliance of Windows 10 Home and Windows 10 Pro under Dutch law, can be found here.”