European privacy watchdogs concerned about Windows 10's data collection methods

A group of European privacy watchdogs is going to investigate whether Windows 10 properly deals with personal data. In a letter to Microsoft the watchdogs express their concerns about the  protection of private data in the latest Windows version.

ADVERTISEMENT

The letter is signed by Isabelle Falque-Pierrotin, chairwoman of the Article 29 Working Party, a partnership of privacy watchdogs of all countries in the European Union.

The organisations are concerned about the default settings of Windows 10 and, "an apparent lack of control for a user to prevent collection or further processing of data". They are also concerned about the scope of the data that is collected.

In the letter (PDF) the watchdogs state to appreciate that Microsoft recently introduced new privacy tools, including a website where users can gain more control over the way Microsoft collects data. With the upcoming Creators Update also the privacy settings within Windows will be simplified and it will be possible to opt-out of more data collection methods Microsoft utilizes.

ADVERTISEMENT

However, according to the privacy watchdogs it's still unclear how new and existing Windows 10 users will be informed about the data collection. They point out that collection of personal data is only allowed if users are properly informed and give their consent.

Windows 10 users send all kinds of data to Microsoft, which according to the company, are used to improve the services it offers. This includes information about the user's device, crashes and app usage. Private data such as the contents of emails and documents are not sent to the Redmond software giant.

During the installation of Windows 10 the OS  setting 'full data collection' is enabled by default, but users can opt to switch to a 'basic' setting where less data is collected. The privacy watchdogs feel that this is still not sufficient information for users, in the letter they state about this, "the proposed new explanation when, for example, a user switches the level of telemetry data from 'full' to 'basic' that Microsoft will collect 'less data' is insufficient without further explanation. Such information currently is also not available in the current version of the privacy policy."

ADVERTISEMENT

They are also worried that users are not properly informed on why Microsoft collects data, and call for the company to be more specific about that, "the purposes for which Microsoft collects personal data have to be specified, explicit and legitimate, and the data may not be further processed in a way incompatible with those purposes. Microsoft processes data collected through Windows 10 for different purposes, including personalised advertising. Microsoft should clearly explain what kinds of personal data are processed for what purposes."

In a response to the letter, Microsoft has stated to listen carefully to the comments of the Article 29 Working Party and that the company wants to cooperate with the organisation. The changes Microsoft will release in an upcoming update to Windows 10, "reflect our commitment to the protection of user data", according to the company.

No posts to display