Want to share with your friends too?

23 Jul 2016

Microsoft gets a French reprimand against excessive data tracking

The Microsoft-France data privacy row

The French National Data Protection Commission (CNIL) gave a formal notice to Microsoft regarding Windows 10 security and privacy concerns.

In a firm notice, Microsoft Corporation was told to "stop collecting excessive data and tracking browsing by users without their consent."

Microsoft needs to comply within 3 months.

CNIL's main concern is that Microsoft is making mass surveillance easy for the government.

In context

The Microsoft-France data privacy row

Windows 10 under CNIL scanner since its launch

France's data privacy agency CNIL had started investigating Windows 10 soon after the operating system was launched in July 2015 at the behest of "media reports and letters from several French political parties".

Similar notices

CNIL's reprimands to Google and Facebook

In 2015, the CNIL issued similar warnings against US tech companies against excessive browser tracking.

Google was ordered to extend Europe's "right to be forgotten" rule to cover all Google sites.

Earlier this year, it directed Facebook to end tracking the web browsing of non-users, according the company 3 months to comply with its orders.

Love Business news?

Stay updated with the latest happenings.

Notify Me


Points of worry for the CNIL

The CNIL found that Microsoft was monitoring apps being downloaded and the time spent on each one.

Further, Microsoft used cookies to push personalized ads without accurately notifying users or enabling them to opt out.

Moreover, the 4-character PIN system employed to reach Microsoft services was insecure, because there was no upper-limit on the number of attempts.

What Microsoft had to say

23 Jul 2016

What Microsoft had to say

Microsoft vice-president David Heiner told the media that Microsoft "will work closely with the CNIL over the next few months to understand the agency's concerns fully and to work toward solutions that it will find acceptable."

He also said that Microsoft was looking to sign a new EU-U.S. Privacy Shield, a more stringent framework that would replace "safe harbour" agreement.

Safe harbour agreement

The safe harbour agreement was made between the "EC and the US government essentially promised to protect EU citizens' data if transferred by American companies to the US." It is no longer considered valid by Europe.

Ask NewsBytes
User Image

Next Timeline