Windows 10 caught breaking privacy laws by collecting personal data through browser Ede
By Agence France-Presse
Dutch authorities claim Microsoft’s Windows 10 operating system is violating data protection and privacy laws, and warned they may impose fines on the US technology giant.
“Microsoft breaches the Dutch data protection law by processing personal data of people that use the Windows 10 operating system on their computers,” the Dutch Data Protection Authority (DPA) said in a statement late Friday.
The company fails to “clearly inform” users of Windows 10 that it “continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used,” the DPA said.
“It also does not clearly inform users about the type of data it uses, and for which purpose”, while not providing a valid way “to consent to the processing of their personal data”.
The authority said it had investigated several versions of Windows 10, which has been installed on four million active devices in The Netherlands since it was launched in July 2015.
It found that “through the default setting” Microsoft “systematically charts information about app usage of users.”
So the company could for example gather information about such apps being used as “a Turkish newspaper, or a magazine targeted at gay people, an app that indicates Islamite prayer times,” the authority said in its report.
That would allow Microsoft to target the user with personalised recommendations and adverts.
“Microsoft has indicated that it wants to end all violations. If this is not the case, the Dutch DPA can decide to impose a sanction on Microsoft,” the authority warned.
It also said that the Windows 10 Fall Creators Update, set to be released globally on October 17, “falls short” and does not fully address the issues.
Microsoft said in a statement that it does not believe the Dutch findings “accurately reflect the data protection compliance of Windows 10.”
But the company “will continue to cooperate with the DPA to find appropriate solutions,” Microsoft devices group privacy officer Marisa Rogers said.