Slashdot Mirror
EU Data Supervisor Probes EU Bodies' Software Deals with Microsoft (reuters.com)
EU data protection authorities are investigating whether the European Commission and other EU institutions comply with the bloc's strict data privacy rules in their software deals with Microsoft. From a report: The 28-country European Union adopted the landmark General Data Protection Regulation (GDPR) about a year ago, giving Europeans more control over their online information and privacy enforcers the power to impose hefty fines. The European Data Protection Supervisor (EDPS), which monitors the bloc's 70 institutions on their GDPR compliance, launched its investigation on Monday. The probe will look into the Microsoft products and services used by the institutions and whether the contractual agreements between them and the U.S. software company are GDPR-compliant. "When relying on third parties to provide services, the EU institutions remain accountable for any data processing carried out on their behalf," said Assistant EDPS Wojciech Wiewiorowski
And it is not an Enterprise/Government Edition deployment with telemetry turned off, they definitely are not. Go read the EULA for Windows 10 Home/Professional. It explicity gives Microsoft the right to snoop on both your keystrokes/mouse movement as well as file names/hashes, and even if they determine it is necessary (quite a vague definition here) they can upload files from your computer, as well as mirror them into the cloud.
So yeah Microsoft projects from Windows 8/10 and up are definitely NOT GDPR compliant.
They don't comply with GPDR.
At all.
-- Tigger warning: This post may contain tiggers! --