Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Microsoft Privacy Windows

France: Windows 10 Collects 'Excessive Personal Data', Issues Microsoft With Formal Warning (betanews.com) 112

France's National Data Protection Commission (CNIL) has ordered Microsoft to "stop collecting excessive data and tracking browsing by users without consent," adding that Microsoft must comply with the French Data Protection Act within next three months. BetaNews reports: In addition to this, the chair of CNIL has notified Microsoft that it needs to take "satisfactory measures to ensure the security and confidentiality of user data." The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft's part. Microsoft is accused of not only gathering excessive data about users, but also irrelevant data. The CNIL points to Windows 10's telemetry service which gathers information about the apps users have installed and how long each is used for. The complaint is that "these data are not necessary for the operation of the service."
This discussion has been archived. No new comments can be posted.

France: Windows 10 Collects 'Excessive Personal Data', Issues Microsoft With Formal Warning

Comments Filter:
  • by Anonymous Coward on Wednesday July 20, 2016 @03:27PM (#52548975)

    france will become silent and declare ms is a strategic partner in fighting terrorism. Until then, it intrudes privacy.

    Anyway, everybody who wants to protect their data should use linux.

    • Linux is 'only' a kernel. There are also the BSDs and Hurd (which is suprisingly functional, it runs at least one of the available nameserver daemons fine).

      You have to trust the distribution and for that you have to look at what it's made of.

      Just imagine that some distributions were packaging some tentacular piece of software (and buggy, of course, as free-of-bug is next to impossible in any complex system). It would be very convenient and relatively easy to hide something smelly there.

      Thankfully a good d

      • This. Please this. There are too many posts that offer linux as the cure for all ills, the perfect girlfriend who's always in the mood when you are, never gets tired of your body or your jokes, loves sports and video games and kung-fu action flicks, and can eat endless quantities of wings and pizza without adding an ounce to her perfect figure. The Chinese government offers a linux distro [makeuseof.com]. So does North Korea [makeuseof.com]. Gonna consider any of them... safe?

        Linux is only as good/secure as the software that runs on

  • by Anonymous Coward

    It's perfectly fine that Microsoft spies on you because Windows 10 is free! Unlike evil GOOGLE, who reads your email [bbc.com] to find people who do things they don't like!

    • by LichtSpektren ( 4201985 ) on Wednesday July 20, 2016 @03:31PM (#52549011)

      It's perfectly fine that Microsoft spies on you because Windows 10 is free! Unlike evil GOOGLE, who reads your email [bbc.com] to find people who do things they don't like!

      God, I'm tired of refuting this stupid shill argument. Google's services are free. They tell you explicitly what they do with your data. Google does not have a monopoly on email, you're free to use many other providers. Since I'm concerned about my privacy, I only use gmail as a spam box.

      Microsoft, on the other hand, has been evasive and deceptive about collecting peoples' data, completely silent about what they *do* with that information, and they collect all this info by leveraging their de facto monopoly on the desktop OS market (yes, you can use macOS or GNU, but billions of dollars of legacy Win32 programs and contracts are wrapped up on Microsoft's end, and so switching is not so simple for the privacy-concerned).

      • Re: (Score:2, Troll)

        by KingMotley ( 944240 )

        If by completely silent, you mean put it in the EULA, create blog entries, knowledge base articles, and at least half a dozen web pages about it, then I guess so. What would it take to not be completely silent in your eyes?

        • Re: (Score:3, Insightful)

          by Anonymous Coward

          Is someone whose computer suddenly upgraded to Windows 10 going to read the EULA bit-by-bit, especially when eyes glaze over at daunting EULA's so easily that they have given up their first born [slashdot.org] technically? No, their computer isn't working and they need to get in NOW, so they click OK.

          Plus even if it uninstalls, it's never going to be the same again. Windows 10 probably tore out who knows what doing the unwanted upgrade.

          And let's never mind the fact that Windows 10 is being dumped on just about every Int

        • What would it take to not be completely silent in your eyes?

          Content. That's all. Microsoft is very good at privacy statements and and reassuring that the telemetry they are collection will only be used for good ... without actually telling you what any of it actually is or showing it to you. What would it take to not be silent? How about something written by an engineer instead of a lawyer. Or how about writing words that actually say something rather than just appearing as meaningless text on a page.

      • by Arbitary5664 ( 1979712 ) on Wednesday July 20, 2016 @06:17PM (#52550021)
        Also, looks like you might be missing the difference between voluntary ad-supported business models and required ad-supported business models. Most people buying Windows 10 or 'getting it for free' do not realize they're going to be tracked day in and day out -- that's not how normal OSes work. Nor so they expect to have forced patches applied that put advertisements into their start menu. Oh, and telling the OS you want to turn it off doesn't actually turn it off. Those are major issues. Also, yeah, Google shouldn't be reading emails but they are a bit more transparent and they do offer add-ons for browsers to stop google analytics, etc. So still a better options than MS and much more transparent.
    • by Anonymous Coward

      It's perfectly fine that Microsoft spies on you because Windows 10 is free!

      I'm still on XP, looking to upgrade or build a new machine. Where do I get my free 'Win10?

      • You can still download the iso from Microsoft.

        • And how would he activate it? Which serial number should he use?

          • I think we've all been around long enough to know the answer to that one without having to spell it out... Otherwise, if you're doing an upgrade, the previous system's activation will work, until the end of the month, and after that you do what *needs to be done*.

            • It will only work if you have 7 or later. You're not even a competent shill.
              • It appears you need to take a remedial course in reading. I feel so very sorry if your 386 running DOS 3.3 won't upgrade. However, if you can do that, I will be very impressed.

          • by donaldm ( 919619 )

            And how would he activate it? Which serial number should he use?

            No problem. Do you see that sticker on your PC with the name Microsoft on it, you can use that code to activate your fresh Windows 10 installation providing that sticker was for Windows 7, 8 (you did upgrade to 8.1 didn't you?) and 8.1.

            Of course, you do have to agree to the EULA as well as inputting your legitimate activation code and then you will be sent, free of charge a magnificent set of gold plated chains with the promise that Microsoft will discreetly spy on you to provide a better slave (err! use

            • I take it you failed everything to do with reading comprehension in school. We are talking about Windows XP, not 7, not 8.1, but XP.
  • The largest issue here is creating the advertising ID and sending it over seas without user consent. This is pretty easy to comply with though, given it can all be done with a patch/UI modification.
    • by ausekilis ( 1513635 ) on Wednesday July 20, 2016 @04:20PM (#52549303)
      Peoples browsing/application/usage habits are unique enough that any generated random ID will be just as good and can likely uniquely identify an individual with very high accuracy. You've swapped one identifier for another. Privacy through obscurity?

      I doubt swapping a user identifier (first.last, userid, whatever...) for an advertising ID will work. After all, Facebook tracks you [lifehacker.com] by generating a random ID for every visit to a page that has a like button. If you are signed in, that page visit is tracked by them. If you sign in later, that page visit is retroactively added to your history. If you create an account later, that random ID is then merged with your account.

      Similarly, I almost never sign into any google stuff other than the infrequent email that for whatever reason I can't get on Thunderbird or my phone. Yet the ads I see when I do sign into gmail are for those same items I searched for days/weeks ago. Though with a phone, Google tracks your location [cnet.com] too. I seem to remember there being a patent on location-based coupons being sent to user phones some time ago...
      • Facebook got in trouble due to direct tracking, not some uniqueness identification techniques. What is possible in the engineering world and what is illegal in the eyes of the law usually don't agree.

  • by LichtSpektren ( 4201985 ) on Wednesday July 20, 2016 @03:32PM (#52549017)
    Most likely this will result in nothing, but I'm really, really hopeful that more countries will band together with France on this and hit Microsoft with some considerable sanctions, and switch off of Windows.

    At the very least, this is something I can show to aggravating Microsoft fans/shills who are still in complete denial about the Orwellian nature of Windows 10.
    • At the very least, this is something I can show to aggravating Microsoft fans/shills who are still in complete denial about the Orwellian nature of Windows 10.

      I'm not in denial, I just don't care... there is a difference...

      Windows 10 works very well, I'm happy with it over Windows 7, I don't really care that MS is collecting all this data, they can knock themselves out for all I care...

    • by AmiMoJo ( 196126 )

      I dunno, we got Windows N out of the last EU anti-trust investigation. Windows N is great, because it's exactly like normal Windows except without the pointless bloatware media player crap that you instantly replace with VLC anyway.

      Maybe we will eventually get Windows NP, with privacy enhancements that allow you to turn off the spyware.

  • About time too ! (Score:2, Informative)

    by Anonymous Coward

    It's about time Microsoft were forced to remove their spyware. Once again Europe seems the only place where there's even a pretence of respecting an individuals rights.

    Vive La France !

  • Could Microsoft make a special version of Windows 10 to comply with French or even EU regulators?
    • Re:Special Version (Score:5, Informative)

      by tlhIngan ( 30335 ) <slashdot.worf@net> on Wednesday July 20, 2016 @05:30PM (#52549735)

      Could Microsoft make a special version of Windows 10 to comply with French or even EU regulators?

      Of course they can.

      There already are special versions of Windows available - there's the "K" ones, which are specially made for Korea (not sure what it entails), and there's the "N" ones which lack media player (earlier Europe ruling).

      All Microsoft needs to do is modify the N build to exclude data collection or ask for user permission to collect data.

      You can see these builds when you make a Windows 10 image and click Advanced.

    • Could Microsoft make a special version of Windows 10 to comply with French or even EU regulators?

      It would be trivial. All they would have to do is turn off telemetry (etc.) the same as they do on the enterprise version.

  • What happens in Europe will stay in Europe. When Europe ruled that Microsoft bundled their media player and whatnot illegally, Microsoft released Windows N, which was only available in Europe (and MSDN subscribers if you wanna get picky). The rest of the world still got the regular version.

    If France/Europe/whatever is successful with this, I imagine Microsoft will simply do the same thing again.

    • by Anonymous Coward

      And compared to the USA, so called land of the free
      where:-
      - You can't sue Microsoft because you agreed to their EULA which they can change the terms any time they like
      - You have to try really hard to get a PC without Windows Spyware
      - And, you are stuck with Window 10 Spyware informing MS about what you are doing on your PC.

      Sorry, I'm going to raise a glass of French wine to the French. Way to go.

      • Your last two points are false.
        • Re:Windows N (Score:4, Insightful)

          by blackomegax ( 807080 ) on Wednesday July 20, 2016 @04:01PM (#52549207) Journal
          re: point 2. I know dell sells Linux laptops, I know some 3rd party ODM resellers sell linux laptops. But go to a brick and mortar and find me one. Go to dell.com and find them without diving really really deep into their website. Go to lenovo.com or acer.com and find me one at all. They ARE hard to find. MS encourages that practice.
          • No laptops with FreeDOS?, from MSI, etc. on retailer sites.
            That'd be the easiest to find, laptops with linux are very rare since no one wants to be left supporting it.

          • I don't know if this is still the case, but Microsoft would go so far as to give resellers unreasonable incentives, IIRC even paying them in some cases, to only sell Windows machines. Basically Microsoft made everyone offers they couldn't refuse. And boy did they win big with that gamble.

            I remember when the whole IE antitrust thing was going on, I was scratching my head and going, "But... But... What about all this". Oh well.

        • Re:Windows N (Score:5, Informative)

          by ilsaloving ( 1534307 ) on Wednesday July 20, 2016 @04:29PM (#52549353)

          But they arn't.

          Have you looked at the sheer amount of shovelware the average PC comes with? It's breathtaking. And a lot of it can be oddball stuff that you've never heard of before, by manufacturers you may well not have heard of. So you are forced to either reinstall the OS from scratch so you have a known clean system, or you have to vet every odd thing you find in your Programs and Features window, and even then hope that there is nothing else installed. And hopefully that's the end of it, which may not be the case. Lenovo has already been caught shoving insecure crapware into the UEFI bios that windows will automatically install whether you want it or not.

          Unless you purchase the Enterprise version of Windows 10, you cannot disable telemetry. Period. You cannot disable updates. Period. Microsoft also has the power to extract any and all data from your machine, remotely, without needing your consent first. You flat out do not have control of your own computer anymore if you use Windows 10. And incidentally, some US gov't judge has declared that people no longer have an expectation of privacy when using their computers in their own home. You do the math there.

  • by fustakrakich ( 1673220 ) on Wednesday July 20, 2016 @03:55PM (#52549161) Journal

    apps users have installed and how long each is used for... is not irrelevant at all.

    This is why, despite the apparent bloat, all applications should be completely self contained (portable, sandboxed, kinda) in their own folders (statically linked). So when you toss the folder, all traces of the app are gone with it. The old Macs were sort of like that. But with Microsoft, and Linux to an extent, they take a shotgun to your drive and then fill in the holes, splattering the application all over the place. It's kind of incestuous the way everything mixes up together. Apps that you don't even know about, running in the background cause many mysterious crashes. Sending the black box info to Microsoft has become necessary.

    I just run a personalized live system now. Boots factory fresh every time.

    • by swb ( 14022 )

      I've often asked the same question, and at first the answer was usually "disk space" as shared libraries cut the amount of space compiled executables needed since the code was in the libraries.

      Most recently, the answer has been "security updates" since you can just update the library and the application will inherit the security fixes.

      It's all application development stuff beyond my knowledge, but I do miss the days (like on old Macs) where the applications were one giant file and would Just Run without ins

      • Sometimes updating the library will break the app. So I still see no advantage.

        I think now the problem is licensing, distribution rights. But I don't want to get started on another copyright rant.

        • by swb ( 14022 )

          That may be the reason for commercial applications, but even in the free software space shared libraries are completely dominant, so dominant that in some cases it's becoming impossible to statically link even if you control the build process.

          I ran across this mailing list thread from Freebsd-Stable about static linking:

          http://freebsd.1045724.n5.nabb... [nabble.com]

          I'm not enough of a developer to fully comprehend the reasons, but it sounds like dynamic linking is so baked in that it's just not possible to statically li

          • Curses! Foiled by reason and logic, and legacy again! Damn Windows apps probably still need those DOS TSRs to work outside conventional memory too..

            I guess the only way to fake it is put the entire OS in the application folder, though that might be a bit bulky even by today's standards.

    • Mirekusoft Install Monitor [mirekusoft.com] tracks where an application get installed so it can be completely removed. Disclaimer: I developed it because I was tired of applications installing wherever they wanted.
    • by donaldm ( 919619 )

      I just run a personalized live system now. Boots factory fresh every time.

      You mean factory fresh that has a whole pile of adware which most PC's appear to have when purchased brand new.

      But with Microsoft, and Linux to an extent, they take a shotgun to your drive and then fill in the holes, splattering the application all over the place.

      Microsoft Windows yes but I have never seen major Linux distributions do that.

      If you really do need to run Windows 10, you must enjoy those gold plated chains, then it is very simple to get the ISO [microsoft.com]from Microsoft and go through the customized install, it is a real eyeopener. Even if you have just purchased a new PC which came with Windows 10 it is still a good idea to completely install from ISO

      • You mean factory fresh that has a whole pile of adware which most PC's appear to have when purchased brand new.

        :-) You assume much. By "factory" I meant this [slackbook.org]. I don't believe it contains any adware, but maybe I'm not looking hard enough. I do know that most Linux applications do install into more than one directory, and some of the pieces have really weird names. Not that I mind or anything, but I still prefer the simplicity of static links. You know, to reduce that whole dependency thing.

        I haven't tried W

        • by donaldm ( 919619 )

          You assume much. By "factory" I meant this [slackbook.org]. I don't believe it contains any adware, but maybe I'm not looking hard enough.

          At least with a Linux, BSD or Slackware distribution the chance you will get adware is very small. If you don't mind compiling everything from source then Slackware is fine, however, I actually prefer Fedora (currently 24) which I would not recommend for novices at least not on the first day a new distribution is released. Sure I could get sources and I am quite capable of compiling from source but I don't have the time or inclination to do so.

          Unless you are totally paranoid you do have to trust your pref

    • by GuB-42 ( 2483988 )

      So, you want docker containers ;)

      Shared libraries have many advantages :
      - Updates : when the library is updated (bugfix, security, ...) every app using it benefits from it, even if the app itself isn't updated
      - Disk space : no need to have several copies of the same thing.
      - Memory : read-only parts shared libraries are usually loaded only once in memory for all apps using it
      - Performance : an effect of the two previous points, results in faster loading time, better cache efficiency, ...

      The scattering of dat

      • I don't know about the Apple side of things but considering they are mostly closed system, package management is probably cleaner.

        This is what I'm talking about. Most Apple programs to this day can simply be copied, run, and deleted if desired, and it's gone.

  • by Anonymous Coward on Wednesday July 20, 2016 @03:58PM (#52549193)

    Apple Mail: using IMAP to my mail servers, pings 3 different apple servers while processing any new incoming email. NOWHERE in the chain does Apple need to be involved. Use any push service and they all much use Apple's control panel, and they all ping Apple servers right alongside whatever service you're using. Apple's official reason: "Ensure product is up to date and to cross reference any known security issues." That could just be done via a single update, say daily, completely unrelated to my personal accounts.

    They're all doing it and all in some sort of shitty dog race to see who can be the biggest asshole of the lot.

    • by Anonymous Coward

      You don't have to use Apple Mail. There are other email applications for OSX.
      I use Thunderbird.

    • I use Little Snitch, and I only notice "pings" by Apple Mail when it boots up. After that -- nothing. Of course so many emails try and phone home, but I deny those requests. Have you actually looked at what data is going to these servers?

      I don't care about pings -- I care about data. And other than crash reports, I'm not seeing Apple harvesting any. They are less intrusive than many games in my experience.

  • by blind biker ( 1066130 ) on Wednesday July 20, 2016 @04:14PM (#52549267) Journal

    But ok, I do have a comment: how come nobody in the EU is looking into the criminal activities of how Microsoft shoved Windows 10 down people's throats?

    • Because they don't have a legal leg to stand on if Microsoft can prove that all the installs of Windows 10 was due to idiot users not reading a page. Seriously we haven't been able to stop malware through any legal means, how do you propose we're to do with for an OS update?

    • by TroII ( 4484479 )

      The New York State Attorney General is soliciting reports [rocklandtimes.com] from consumers who had any kind of damages. Other state AGs might be sniffing around too. Microsoft's recent $10,000 loss [slashdot.org] is hopefully just the beginning.

      • by donaldm ( 919619 )

        The New York State Attorney General is soliciting reports [rocklandtimes.com] from consumers who had any kind of damages. Other state AGs might be sniffing around too. Microsoft's recent $10,000 loss [slashdot.org] is hopefully just the beginning.

        So Microsoft gets sued for a few billion dollars. The lawyers get the lion's share while the plaintiffs get the scraps and Microsoft get ten's or even hundreds of billions of dollars in advertising revenue. A win-win scenario for everyone.

  • Time to break out the guillotine for Microsoft execs!

    France, if you manage to bring Microsoft to heel, I promise, no more 'surrender' jokes!
  • by BrendaEM ( 871664 ) on Wednesday July 20, 2016 @06:03PM (#52549945) Homepage

    The U.S. Federal Trade Commission all about being on its hands and knees, blowing Microsoft. The concerns, security, and well-being of American. citizens just doesn't matter to them.

  • Smoke screen alert here. What the commission is telling Microsoft is not that they have a problem with their humongous private data collection, but with the fact that M$ won't share that data with the French/Euro government.

Simplicity does not precede complexity, but follows it.

Working...