The Dutch Data Protection Agency has claimed that Microsoft is gathering data from users of its Windows 10 operating system without their express permission, in a follow-up investigation into changes made as a result of a 2017 complaint.
Microsoft's telemetry system, built into every copy of Windows 10, has long been a subject of controversy: Even ignoring updates which revert users explicit opt-outs, the telemetry system gathers a vast amount of data - detailed, following a complaint to the Dutch Data Protection Agency (DPA) in 2017, in a 31,000-word document covering only the telemetry system's bottom-end Basic level of information gathering. While the company is now investigating means to monetise privacy, it is also facing a second investigation from the Dutch DPA claiming that the company may still be breaching European privacy regulations.
Speaking to newswire agency Reuters, the Dutch DPA confirmed that while Microsoft has abided by changes the regulator had requested last year it is continuing to collect swathes of data from other users - leaving it, the regulator claims, 'still potentially in breach of privacy rules.'
The findings from the Dutch DPA's investigation have been forwarded to the Irish Data Protection Committee, which oversees Microsoft's European headquarters. Microsoft, meanwhile, has confirmed to Techcrunch that it is aware of the investigation. 'The Dutch Data Protection Authority has in the past brought data protection concerns to our attention, which related to the consumer versions of Windows 10, Windows 10 Home and Pro,' the company explains. 'We will work with the Irish Data Protection Commission to learn about any further questions or concerns it may have, and to address any further questions and concerns as quickly as possible.'
The investigation is believed to be limited to Windows 10 Home and Pro; the company's Enterprise variant allows for telemetry to be turned off entirely, a feature not available in lesser releases.
May 15 2020 | 11:00