• Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Whitepapers
  • Data Strategy Spotlight
  • Newsletters
  • Whitepapers
    • Inqlogo 120x194
      Five things you should look for in choosing a Testing provider

      Choosing a Testing Partner can be complex.  So what do you look for?  This guide offers insight into the qualities you must look for in choosing a Testing provider.  Download now to learn more.

      Download
      Inqlogo 120x194
      Your questions answered: How to protect your data in the cloud

      The number of successful cyberattacks per year per company has increased by 46% over the last four years. But what really needs to be considered when exploring a solution? What questions need to be asked? Download to find out...

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Follow us
    • RSS
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • Google+
    • YouTube
  • Newsletter
  • Industry Voice
  • Data Strategy Spotlight
The Inquirer
The Inquirer
  • Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Trending
  • MWC 2019
  • Article 13
  • AMD Radeon VII
  • Galaxy S10
  • Nvidia GTX 1660 Ti 
The Inquirer
  • Security

Microsoft Office data telemetry breaches GDPR, Dutch investigators rule

Report concludes Redmond offers a lack of control and visibility for users

Microsoft Office data telemetry breaches GDPR, Dutch investigators rule
Microsoft needs to take steps to comply with GDPR
  • Chris Merriman
  • Chris Merriman
  • @ChrisTheDJ
  • 15 November 2018
  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
0 Comments

MICROSOFT IS FACING a huge fine this morning after Dutch investigators concluded that the company's data collection in its Office suite breaks European rules.

The report cites issues with the ProPlus subscription for the desktop suite and the web-based version of Office 365, which could mean the mega-corp is in breach of the EU's GDPR legislation which came into force in May.

The report, commissioned by the Dutch government, administered by SLM Rijk and cited by ZDNet, suggests that the telemetry collected during use of the package was not fully documented by Microsoft, nor was there an option to turn it off.

The issue isn't so much the regular telemetry, which even the report acknowledges is just a part of modern software. But Microsoft seems to be collecting subject lines from emails and full sentences that are run through a spelling and grammar checker or the translation tool.

In fact, in total 25,000 'events' are recorded and the data can be seen by up to 30 teams of engineers. Compare this with Windows 10 which collects 1,200 event types, shared with 10 engineering teams.

Yeah, it's still a lot, but compare the two - maaaaaan. 

Microsoft is apparently working with the EU on a solution that meets criteria without leaving a mess. It has also pledged to provide the missing documentation, provide options for levels of collection and create a tool for sysadmins and users that will let them see exactly what dirt Microsoft has.

A lot of the collection items on the list are quite technical and for the tool to be much use, there will also need to be some sort of glossary or a plain English version of the listings.

GDPR has some serious teeth when it comes to the improper use of data with Microsoft potentially on the hook for up to two per cent of the company's annual revenue, a minimum of 10 million Euros. μ

Further reading

  • Software
Opera is going to get rid of all those annoying GDPR cookie popups
  • 06 Nov 2018
  • Security
Apple's Tim Cook is hot for GDPR and wants stricter US data laws
  • 24 Oct 2018
  • Security
Facebook faces GDPR probe as watchdog confirms breach hit three million EU users
  • 17 Oct 2018
  • Hardware
Microsoft reveals Windows 10 connection endpoints to comply with GDPR
  • 26 Jul 2018
  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
  • Topics
  • Security
  • Security
  • Privacy
  • Microsoft
  • EU
  • Windows

INQ Latest

Samsung's first 5G smartphone is a supersized S10 with quad cameras
Samsung's first 5G smartphone is a supersized S10 with quad cameras

But it won't be launching until the summer

  • Phones
  • 20 February 2019
Galaxy S10 price, release date and specs: Samsung launches Galaxy S10, S10+ and S10e
Galaxy S10 price, release date and specs: Samsung launches Galaxy S10, S10+ and S10e

And they'll be available to pre-order from today

  • Phones
  • 20 February 2019
Samsung Galaxy S10e hands-on review
Samsung Galaxy S10e hands-on review

Firm takes on the iPhone XR with its first 'affordable' flagship

  • Phones
  • 20 February 2019
Samsung Galaxy S10+ hands-on review
Samsung Galaxy S10+ hands-on review

Firm looks to be on to another set of winners with its latest flagships

  • Hardware
  • 20 February 2019
Back to Top

Most read

Galaxy S10 price, release date and specs: Samsung launches Galaxy S10, S10+ and S10e
Galaxy S10 price, release date and specs: Samsung launches Galaxy S10, S10+ and S10e
AMD tipped to launch Ryzen 3 desktop CPUs, Navi GPUs in July
AMD tipped to launch Ryzen 3 desktop CPUs, Navi GPUs in July
iPhone 11 release date, specs and price: 2019 iPhones might offer reverse wireless charging
iPhone 11 release date, specs and price: 2019 iPhones might offer reverse wireless charging
Google Chrome 72 hit by a pair of weirdly ironic bugs
Google Chrome 72 hit by a pair of weirdly ironic bugs
Password managers are storing plain-text master passwords in PC memory
Password managers are storing plain-text master passwords in PC memory
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About Incisive Media
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • Google+
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017