Microsoft Privacy Violations
-
Euro data watchdog has 'serious concerns' as to whether EU deals with Microsoft obey GDPR
The way Windows 10 is configured is critical, and the report concludes that if the Timeline is disabled and telemetry set to the lowest level, there are "no high data protection risks resulting from the diagnostic data collection in Windows 10".
The Dutch report on Office 365 is less positive, particularly with regard to Office mobile apps and Office Online, for which "five high data protection risks" are identified. "Until Microsoft takes measures to mitigate these risks, government organisations should refrain from using Office Online and the mobile Office apps included in Office 365 licence," it states. There is also advice that "in order to prevent continued vendor lock-in, government organisations are advised to conduct a pilot with alternative open-source productivity software". That said, if all recommended measures are followed, "there are no more known high data protection risks for data subjects related to the collection of data about the use of Microsoft Office 365 ProPlus", it concludes.
In July 2019, the Dutch government published a "State of Play" memo [PDF] indicating that Microsoft had largely resolved the issues which prevented Office from meeting GDPR requirements. "Microsoft has now made the most urgent changes in accordance with the improvement plan. These were tested by SLM Microsoft Rijk in June 2019 and found to be in order," it says.
This explains why the EDPS now states that the agreement forged between Microsoft and the Dutch government is a model for the rest of the EU. "The EDPS is of the opinion that such solutions should be extended not only to all public and private bodies in the EU, which is our short-term expectation, but also to individuals."
-
EU's Microsoft probe throws up 'serious concerns' over GDPR compliance
"Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services," it said.
-
EU data watchdog raises concerns over Microsoft contracts
Microsoft’s (MSFT.O) contracts with European Union institutions do not fully protect data in line with EU law, the European Data Protection Supervisor (EDPS) said in initial findings published on Monday.
[...]
The EU introduced new rules on data protection in 2018, known as GDPR, applicable to all companies operating in the bloc and designed to give individuals more control over their personal data and to create a more level playing field for businesses.
“We are committed to helping our customers comply with GDPR, Regulation 2018/1725 and other applicable laws,” a Microsoft spokesman said.
“We are in discussions with our customers in the EU institutions and will soon announce contractual changes that will address concerns such as those raised by the EDPS.”
The EDPS has worked with the Dutch ministry of justice, which carried out risk assessments last June and found that public authorities in member states face similar issues
The two have since set up a forum designed to set up fair rules for public administrations.
The EDPS said there is “significant scope” for improvement of contracts with powerful software developers and that contractual terms and technical safeguards agreed between the Dutch ministry and Microsoft were a positive step forwards.
- Login or register to post comments
- Printer-friendly version
- 2267 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago