The way Microsoft processes Windows 10 telemetry violates the Dutch data processing laws, according to a report by the Dutch Data Protection Authority (DDPA). Users are not properly informed which data Microsoft uses and for what purpose.
Besides that, Windows 10 also doesn't offer an option to sent no data to Microsoft at all. Data collection can only be limited by users. According to the DDPA it's unclear for users which data is collected. This way users don't know that with the default setting their installed apps, the software they use and the sites they visit in Edge are sent to Microsoft.
Microsoft has indicated to the DDPA that it wants to end all violations, so it no longer breaches Dutch law. If the company doesn't, the DDPA can impose a sanction on the software giant.
The DDPA has not mentioned any specific sanction but Dutch media reports this could be a fee which Microsoft has to pay as long as it doesn't adhere Dutch law. Windows 10 is used by 4 million users in the Netherlands, according to the DDPA.
Microsoft has released a PDF with its reaction to the DDPA's report. The company doesn't agree with all conclusions and the document is full of explanations on how Microsoft does offer users a choice, does state on its website which data is collected and why and that a lot of collected data is so technical that it isn't even understandable for the end-user to know why it's important data.
Nevertheless, the company has stated to be willing to fully cooperate with the DDPA to make sure Windows 10 no longer violates any Dutch (privacy) law.
