Cnil finds Microsoft in breach of French data protection law

News IT France 21 JUL 2016
Cnil finds Microsoft in breach of French data protection law
French data privacy agency Cnil has found Microsoft's Windows 10 OS in breach of French data protection law and has given the company three months to remedy its numerous failings. Following an investigation initiated earlier this year, Cnil has exposed a number of breaches relating to Windows 10 policies. 

These include the excessive collection of user data, the lack of security in one of the OS authentication systems, the presence of an advertising ID activated by default, the absence of information regarding the option to block cookies, and the practice of transferring personal data outside the EU on a 'safe harbour' basis. If Microsoft fails to comply with Cnil's requests within the given timescale, it can face sanctions under the French Data Protection Act.

Categories:

ITMobile

Companies:

Microsoft

Countries:

France

Tags:

Regulations, IT - applications, Wholesale

Related Articles

FRANCE 5 DEC 2017

French data protection agency issues formal notice to connected toys company

Data protection agency Cnil has issued a formal notice to Hong Kong-based company Genenis Industries Limited over its failure to comply with French data protection law. The agency found that two of the company's connected toys, the robot 'I-QUE' and the doll 'My Friend Cayla', breached the right to privacy because of a lack of security in Bluetooth communication, enabling automatic pairing without manual PIN entry.

EUROPE 21 FEB 2017

EU regulators questions Windows 10 data protection

EU privacy regulators have written again to Microsoft about concerns its Windows 10 operating system does not respect data protection regulations, Reuters reports. The company was alerted last year already about the concerns of the so-called Article 29 Working Group, which unites the EU's data protection regulators. They say the default settings on Windows 10 don't offer enough protection, and users need more information about how their data is being used. While Microsoft has introduced a new installation s

FRANCE 4 AUG 2016

Two French companies are fined for premium rate number fraud

French anti-fraud and consumer protection agency DGCCRF has announced that one of its investigations led to the conviction of a company owner for fraudulent activities carried out by two of his companies, involving premium rate numbers. The two companies, 123soleil.com and Holding 123 MediaCorp, have been fined EUR 300,000 and EUR 500,000 respectively, while their owner was found guilty and received a suspended sentence of two years in prison and a EUR 250,000 fine.

FRANCE 3 AUG 2016

Cnil extends scope of enforcement for cookie legislation

French data protection agency Cnil has announced that it will extend the monitoring and enforcement of cookie legislation to include all partners and third parties playing a role in the online advertising ecosystem. The agency will publish more details on the wider scope of its controls in the coming months.

FRANCE 19 MEI 2016

Google appeals French data protection decision

Google has lodged an appeal against a EUR 100,000 fine handed down by French data protection commission Cnil, which found that the search engine company failed to take down certain search results in other countries. The internet giant argues that the regulator cannot order it to do anything elsewhere than in France. Cnil sees things differently. It claims that the 'right to be forgotten' has no borders precisely because the internet has no borders.  

GERMANY 1 MRT 2016

German consumer group sues Microsoft over Windows privacy

A consumer group in German region North Rhine-Westphalia has filed a lawsuit against Microsoft for inadequate personal data protection rules in the terms and conditions for Windows 10. The group said that the new version of Windows relies much more on cloud services sending data over the internet, and the default settings on features such as the personal assistant Cortana and Edge browser mean a range of user data is transferred to Microsoft servers. In order to obtain the free upgrade to Windows 10, users

FRANCE 9 FEB 2016

Facebook given 3 months to comply with French privacy act

French data protection authority Cnil has issued formal notice to Facebook to come into line with the country's Data Protection Act within 3 months or face a potential penalty. The Cnil objects to several ways in which the social networking pioneer collects personal data, including information about internet users who do not have a Facebook account. Facebook offers no tools to allow users to prevent the compilation and transfer to third parties of user-provided information, which "violates their fundamental

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.