Windows 10 Privacy, it seems like a never ending story that just won't get away. France's National Data Protection Commission (CNIL) served Microsoft with a formal notice on July 20, 2016 asking the company to comply with the French Data Protection Act within three months.
The claim? Microsoft's Windows 10 operating system is used for "collecting excessive data and tracking browsing by users without their consent". Additionally, the commission wants Microsoft to "ensure the security and confidentiality of user data".
The working group found the following issues during its investigation:
CNIL gives Microsoft a three month period to work on the issues identified by the commission. Failure to comply might lead to sanctions against Microsoft.
Some findings of the commission are puzzling or require explanation. The commission states that users may set up a four-digit PIN for easier access to Windows, and while technically correct, users may select a PIN with more digits as well.
While Microsoft could highlight the fact that selecting a shorter PIN code makes it easier for attackers to get in using brute force, I cannot really see the company at fault here.
The advertising ID is enabled by default, but only if users don't select the custom installation options when presented to them. One could argue that this should be opt-in and not opt-out, or that Microsoft should display the options on first launch to give users a chance to modify them, but is is quite common on the Internet and in software that things like these are opt-out.
Now You: What's your take on the commission's findings?Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.