AMSTERDAM (Reuters) – Microsoft is remotely collecting data from users of Windows Home and Windows Pro, in a potential breach of privacy rules, the Dutch Data Protection Agency (DPA) said on Tuesday.
The DPA said it had found the practices while it was testing privacy protection changes in Windows made last year by Microsoft at the agency’s request.
“Microsoft has complied with the agreements made,” DPA said. “However, the check also brought to light that Microsoft is remotely collecting other data from users. As a result, Microsoft is still potentially in breach of privacy rules.”
The Dutch regulator said it had forwarded its findings to its counterpart in Ireland, where Microsoft has a headquarters.
The Irish Data Protection Committee (DPC) said it had received the information from the Dutch regulators last month.
“The DPC has had preliminary engagement with Microsoft and, with the assistance of the Dutch authority, we will shortly be engaging further with Microsoft to seek substantive responses on the concerns raised”, it said.
Microsoft said it was committed to protecting the privacy of its customers, and had improved privacy features for individuals and small business users of Windows 10 in recent years.
“We welcome the opportunity to improve even more the tools and choices we offer to these users,” the company said.
(Reporting by Bart Meijer; Additional reporting by Foo Yun Chee in Brussels and Conor Humphries in Dublin; Editing by Edmund Blair and Jan Harvey)