Microsoft Responds To Allegations That Windows 10 Collects 'Excessive Personal Data'

BetaNews's Mark Wilson writes: Yesterday France's National Data Protection Commission (CNIL) slapped a formal order on Microsoft to comply with data protection laws after it found Windows 10 was collecting "excessive data" about users. The company has been given three months to meet the demands or it will face fines. Microsoft has now responded, saying it is happy to work with the CNIL to work towards an acceptable solution. Interestingly, while not denying the allegations set against it, the company does nothing to defend the amount of data collected by Windows 10, and also fails to address the privacy concerns it raises. Microsoft does address concerns about the transfer of data between Europe and the US, saying that while the Safe Harbor agreement is no longer valid, the company still complied with it up until the adoption of Privacy Shield. It's interesting to see that Microsoft, in response to a series of complaints very clearly leveled at Windows 10, manages to mention the operating system only once. There is the promise of a statement about privacy next week, but for now we have Microsoft's response to the CNIL's order.

If what is collected is benign ...

[Alain+Williams]

and nothing that any of us should worry about, then why is there not a way in which the PC's user can view all of the data that is sent to Microsoft? This should include a plain English explanation of everything. After all: why should a PC's owner not see what it sends ?

Disclaimer: I do not have any MS product

Win 10 - Illegal for doctors and libraries?

With MS's failure to address this, I wonder if this confirms that Windows 10 is essentially illegal to use in Doctor offices across the US, as well as Public Libraries? Both institutions have federal laws on records preventing the sharing of information with third parties unless noted by the patient/patron specifically.

As such, the use of Windows 10 for either may well be illegal.

Re:Got that, Microsoft shills?

[WheezyJoe]

When you use a Google product, like Maps for instance, there's something of informed consent going on. You know you're being tracked, it's right there on your smartphone screen. But it gets weird where the OS itself may be doing the snooping, regardless of whether you're using an app or not. Microsoft has this past reputation of baking things deep into the OS (*cough* internet explorer *cough*) in order to gain an advantage over its competitors, and here there's a case to be made that they're leveraging their dominance on the desktop to get with modern times and start making money through targeted ads, STARTing with their lackluster app store (heh heh, see that I did there?)

I have yet to hear a case where this collection of data was detrimental to an individual. And please, don't bring up the bandwidth usage because that's a drop in the bucket compared to what ads run on most websites.

You're right. All we know definitively is that there's a lot of traffic sent by Windows back to Microsoft, but there's little reliable data concerning what it is. We have to take on faith that the data does not include information about the contents of your C drive. But think about it. You can choose not to store anything on Google Drive if you are paranoid about their search routines, but if Windows is gonna index everything from the C drive to the "secure" thumb drive in the USB port, where are you gonna save to?

This is a big deal. Like it or not, people use Windows for work, medical records, attorney docs and shit, and not all of them can pay for a fancy Enterprise license which permits a trained Microsoft nerd some control over what's going on. A statement from Satya to the effect of "we will not spy on your shit, nor will we give up what we do have even if the FBI comes knockin" would be most re-assuring (even if non-binding), but we don't even get that!