Before laptops, music players and smart phones, Microsoft was strictly a software company, making a name for itself by building the operating system of choice for IBM’s personal computer. As the decades passed and the market evolved, Microsoft has released new patches, updates and even new operating systems. But lately, each major new iteration has been accompanied by a wave of bad press and unfavorable reviews. While some of that is surely the public’s reluctance to embrace change, Microsoft has often stumbled with offerings that were perhaps not yet fully ripe.
In unveiling its latest offering, Windows 10, Microsoft has discovered a new potential pothole in its quest to mine user data and gather information on browsing habits. As user information becomes more and more valuable for everything from product development to market research, France’s privacy watchdog, the CNIL, has determined that Microsoft has finally overstepped its bounds.
The National Data Protection Commission sent Microsoft a formal warning in June that was only recently made public, giving the software giant three months to stop collecting “excessive” user data and to ensure compliance with the French Data Protection Act.
The CNIL and similar groups from other nations have expressed concerns over the operating system since its consumer launch almost one year ago. Features billed as being in the owner’s best interest, like Wi-Fi password sharing and the inability to opt out of update patches, have registered on the spectrum of concern. Even more so, parents can request weekly updates on their children’s computer use, and much of the user data is set to collect and share by default with Microsoft’s servers, without first requesting permission from the user.
While concerns have existed for months, the French body conducted an exhaustive series of its own tests to gain a better understanding of what data was at risk and how it was being shared. The results of the seven tests yielded “many failures,” chief among them an overall lack of security, excessive data collection and lack of user consent.
Microsoft has until the end of September to return to good standing with their data habits or risk fines starting at 1.5 million euros. While the dollar amount, in the grand scheme of things, isn’t especially high, the more damaging move was to make the notice public, to help ensure that users understood the gravity of the situation.
Microsoft has had little to say about the accusations to date, other than that it’s willing to work with French authorities to remedy the situation. Hardly the first to receive such a notice, Google has previously come under fire for “right to be forgotten” requests pertaining to search results, and Facebook has been criticized for tracking the activity of non-users back in February. Both companies received a similar three-month warning and worked with the CNIL to ensure that all regulations were being adhered to.
Veltec Networks is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (408) 849-4441 or send us an email at info@veltecnetworks.com for more information.