Windows 10 'telemetry' snoops on your data without users having any choice to say no. Surely a massive no-no under the European General Data Protection Law. This required that either the data grab is either essential or else consent has been gained. And
Microsoft never asks for consent, it just grabs it anyway.
Now the Dutch Data Protection Office (DPO) is asking how Microsoft complies with GDPR. It has referred Windows 10 to the data protection authority in Ireland, where Microsoft is headquartered
The case stems from the Dutch data-protection agency's (DPA's) findings in pre-GDPR 2017. At that time, the agency found that Microsoft didn't tell Windows 10 Home and Pro users which personal data it collects and how it uses the data,
and didn't give consumers a way to give specific consent.
As part of the Windows 10 April 2018 Update, Microsoft last year released new privacy tools to help explain to users why and when it was collecting telemetry data. And by April 2018, the
Dutch DPA assessed that the privacy of Windows 10 users was greatly improved due to its probe, having addressed the concerns raised over earlier versions of Windows 10.
However, the Dutch DPA on Tuesday said while the changes Microsoft made last
year to Windows 10 telemetry collection did comply with the agreement, the company might still be in breach of EU privacy rules. The earlier investigation brought to light that Microsoft is remotely collecting other data from users. As a result,
Microsoft is still potentially in breach of privacy rules.
Ireland's DPA has confirmed it had received the Netherlands' request.