The Dutch Data Protection Agency (DPA) has raised new privacy concerns regarding how Windows 10 collects user data after a follow-up to an investigation it conducted in 2017.
In its original investigation, the privacy watchdog found Microsoft’s operating system to be in breach of local privacy laws over how it collects telemetry metadata. The company made changes to how Windows 10 operates in April of last year but while reviewing those changes, the Dutch DPA found new reasons for concern.
In a press release announcing its discoveries, the Dutch DPA noted that Microsoft had in fact improved privacy protection for its users though the agency also found new instances of personal data processing which require further investigation, saying:
“A follow-up check on the investigation carried out by the Dutch Data Protection Authority (Dutch DPA) in 2017 has shown that Microsoft has improved privacy protection for Windows users. However, the Dutch DPA also discovered new, potentially unlawful, instances of personal data processing. It has therefore asked its Irish counterpart to carry out a further examination into the privacy of Windows users.”
Windows 10 privacy concerns
While the Dutch DPA began its investigation before GDPR came into effect, the Irish Data Protection Commission (DPC) is now Microsoft’s main EU privacy regulator as its regional HQ is based there. This is why the Dutch agency reached out to the Irish DPC with its latest privacy concerns surrounding how Windows 10 collects data on its users.
The Irish DPC will now be responsible for investigating the matter in addition to the other open cases it has on tech giants that are suspected of GDPR violations. Under GDPR, companies found to be in violation of the regulation could be fined up to four percent of their annual global turnover.
The Dutch DPA advised Windows 10 users to pay close attention to privacy settings when installing and using Microsoft’s latest version of Windows, saying:
“The Dutch DPA advises users to pay close attention to privacy settings when installing and using Windows software. Microsoft is permitted to process personal data if consent has been given in the correct way.”
The Irish DPC’s investigation of these new claims will likely take some time but the question of whether or not Microsoft collects more data than it needs to on its users, will eventually be answered.
- Protect your online privacy with the best VPN services of 2019