EU challenges Windows 10 data gathering

European Union data-protection representatives have reissued concerns over Microsoft's Windows 10. Having proposed changes last month intended to address issues over user data protection relating to Windows 10 settings, Microsoft remains under scrutiny by the Article 29 Working Party, it says: "As the scope of the personal data necessary for the functionalities of the operating system has not been adequately clarified, open questions remain about the proportionality of the personal data that are being processed by Windows 10 for different purposes. In light of the above, which are separate to the results of ongoing inquiries at a national level, even considering the proposed changes to Windows 10, the Working Party remains concerned about the level of protection of users’ personal data."

Further: "The purposes for which Microsoft collects personal data have to be specified, explicit and legitimate, and the data may not be further processed in a way incompatible with those purposes. Microsoft processes data collected through Windows 10 for different purposes, including personalised advertising. Microsoft should clearly explain what kinds of personal data are processed for what purposes. Without such information, consent cannot be informed, and therefore, not valid. As the scope of the personal data necessary for the functionalities of the operating system has not been adequately clarified, open questions remain about the proportionality of the personal data that are being processed by Windows 10 for different purposes."

Data-protection authorities in the UK, Germany, France, Spain, Netherlands, Hungary and Slovenia have commenced reviews of the situation.