Users warned of Microsoft data harvesting

News
By published

Dutch investigators discover Microsoft Office and Windows 10 collected telemetry data

Microsoft could soon face sanctions over its data collection methods after Dutch investigators discovered that the way the software giant collects data poses a risk to user privacy.

According to a report commissioned by the Dutch government, both Microsoft Office and Windows 10 use a telemetry data collection mechanism that is in breach of GDPR.

The findings of the report highlighted eight high-risk data protection risks with ProPlus subscriptions of Office 2016 and Office 365 including unlawful storage of sensitive types of data and metadata as well as keeping data beyond the required time period.

The investigators also discovered that the company categorized itself as a data processor when it should have been a joint-controller.

Collecting data without cause

Microsoft methodically collected data about how individuals use Word, Excel and PowerPoint without first informing users. The company also did not give them the option to opt out of having their data collected.

Alarms were raised when the Dutch investigators discovered that there was no documentation on the type of personal data Microsoft processed or why it was collecting the data in the first place. The fact that the company also routinely sent data to the US also raised serious concerns.

Dutch officials were particularly concerned that sensitive government data may have been collected and then sent to US servers that are subject to seizure or query by US law enforcement.

Microsoft and the Dutch government have since reached an agreement which the country's officials outlined in a statement, saying:

"On 26 October 2018 agreement was reached on an improvement plan in which Microsoft undertook to adapt its products for use by the Dutch government in compliance with the GDPR and other applicable legislation. Microsoft has agreed to report regularly on its progress. If progress is deemed insufficient or if the improvements offered are unsatisfactory, SLM Microsoft Rijk will reconsider its position and may ask the Data Protection Authority to carry out a prior consultation and to impose enforcement measures."

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Oracle
Oracle denies data breach after hacker claims to hold six million records
Latest in News
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
A phone showing a ChatGPT app error message
ChatGPT was down for many – here's what happened
AirPods Max with USB-C in every color
Apple's AirPods Max with USB-C will get lossless audio in April, but you'll need to go wired
More about security
Lock on Laptop Screen

Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg

Key trusted Microsoft platform exploited to enable malware, experts warn
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
See more latest
Most Popular
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
A screenshot from Indiana Jones and the Great Circle showing Indiana Jones
Indiana Jones and the Great Circle finally gets PS5 release date and I can't wait to don the fedora and crack the whip
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 25 (game #387)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 25 (game #653)
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 25 (game #1156)