Language Selection

English French German Italian Portuguese Spanish

Microsoft Privacy Violations

Filed under
Microsoft
  • Euro data watchdog has 'serious concerns' as to whether EU deals with Microsoft obey GDPR

    The way Windows 10 is configured is critical, and the report concludes that if the Timeline is disabled and telemetry set to the lowest level, there are "no high data protection risks resulting from the diagnostic data collection in Windows 10".

    The Dutch report on Office 365 is less positive, particularly with regard to Office mobile apps and Office Online, for which "five high data protection risks" are identified. "Until Microsoft takes measures to mitigate these risks, government organisations should refrain from using Office Online and the mobile Office apps included in Office 365 licence," it states. There is also advice that "in order to prevent continued vendor lock-in, government organisations are advised to conduct a pilot with alternative open-source productivity software". That said, if all recommended measures are followed, "there are no more known high data protection risks for data subjects related to the collection of data about the use of Microsoft Office 365 ProPlus", it concludes.

    In July 2019, the Dutch government published a "State of Play" memo [PDF] indicating that Microsoft had largely resolved the issues which prevented Office from meeting GDPR requirements. "Microsoft has now made the most urgent changes in accordance with the improvement plan. These were tested by SLM Microsoft Rijk in June 2019 and found to be in order," it says.

    This explains why the EDPS now states that the agreement forged between Microsoft and the Dutch government is a model for the rest of the EU. "The EDPS is of the opinion that such solutions should be extended not only to all public and private bodies in the EU, which is our short-term expectation, but also to individuals."

  • EU's Microsoft probe throws up 'serious concerns' over GDPR compliance

    "Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services," it said.

  • EU data watchdog raises concerns over Microsoft contracts

    Microsoft’s (MSFT.O) contracts with European Union institutions do not fully protect data in line with EU law, the European Data Protection Supervisor (EDPS) said in initial findings published on Monday.

    [...]

    The EU introduced new rules on data protection in 2018, known as GDPR, applicable to all companies operating in the bloc and designed to give individuals more control over their personal data and to create a more level playing field for businesses.

    “We are committed to helping our customers comply with GDPR, Regulation 2018/1725 and other applicable laws,” a Microsoft spokesman said.

    “We are in discussions with our customers in the EU institutions and will soon announce contractual changes that will address concerns such as those raised by the EDPS.”

    The EDPS has worked with the Dutch ministry of justice, which carried out risk assessments last June and found that public authorities in member states face similar issues

    The two have since set up a forum designed to set up fair rules for public administrations.

    The EDPS said there is “significant scope” for improvement of contracts with powerful software developers and that contractual terms and technical safeguards agreed between the Dutch ministry and Microsoft were a positive step forwards.

More in Tux Machines

Proprietary Dangers: Microsoft Entrapment and Open Automation Software

today's howtos

Ubuntu: AWS, Podcast, Robotics and Snapcraft

  • Ubuntu Blog: Introducing the Ubuntu AWS Rolling Kernel

    The linux-aws 4.15 based kernel, which is the default kernel in the Ubuntu 18.04 LTS AMIs, is moving to a rolling kernel model. [...] The Ubuntu rolling kernel model provides the latest upstream bug fixes and performance improvements around task scheduling, I/O scheduling, networking, hypervisor guests and containers to our users. Canonical has been following this model in other cloud environments for some time now, and have found it to be an excellent way to deliver these benefits while continuing to provide LTS level stability.

  • Ubuntu Podcast from the UK LoCo: S12E35 – Feud

    This week we’ve been talking to the BBC about Thinkpads and Ubuntu goes Pro. We round up the news from the Ubuntu community and discuss our picks from the wider tech news. It’s Season 12 Episode 35 of the Ubuntu Podcast! Alan Pope and Martin Wimpress are connected and speaking to your brain.

  • The State of Robotics – November 2019

    November, for robotics, was a good month. We’re seeing new things develop, current projects finish and more cute animals in our future. So who can complain? The news we’re covering here are things that have crossed our path and that we’ve found interesting. If you have suggestions for next months post or your own projects you would like us to highlight, don’t hesitate to get in touch. Send an email and a brief summary to robotics.community@canonical.com and we can start the discussion. As ever we want this to be a highlight reel for cool robot stuff because we like cool robot stuff. Happy December everyone.

  • Simplifying hardware management during Linux development

    Every few months we release a Snapcraft update, with improvements to both Linux development, and snap user experience. Last week, we released Snapcraft 3.9, and this blog post will focus on the remote build feature that is now a fully accessible preview. Let’s dig deeper into why you need to try remote build, and how you can use it today.

Security: Cyber Security Today, Opportunistic Wireless Encryption (OWE) and Latest Patches

  • Cyber Security Today – An email gift card scam, please stop re-using passwords and more open data found on Amazon storage

    Welcome to Cyber Security Today. It’s Friday December 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

  • NetworkManager Adds Support For Enhanced Open / Opportunistic Wireless Encryption

    Opportunistic Wireless Encryption (OWE) provides a means of encrypting wireless data transfers without having any secret/key. Opportunistic Wireless Encryption is advertised as Wi-Fi Certified Enhanced Open. This OWE / "Enhanced Open" standard is now supported by NetworkManager for allowing supported devices connecting to Linux systems to make use of this means of opportunistic encryption. The Wi-Fi CERTIFIED Enhanced Open has been around just since summer of 2018 to better secure open WiFi networks. More details on the standard can be found via Wi-Fi.org.

  • Security updates for Friday

    Security updates have been issued by Debian (libav), Fedora (kernel, libuv, and nodejs), Oracle (firefox), Red Hat (firefox and java-1.7.1-ibm), SUSE (clamav, cloud-init, dnsmasq, dpdk, ffmpeg, munge, opencv, and permissions), and Ubuntu (librabbitmq).