Microsoft Vows To 'Honor' California's Sweeping Privacy Law Across Entire US

Microsoft said on Monday that it would honor the "core rights" provided to Californians through the state's landmark data privacy law and expand that coverage across the entire United States. The Verge reports: In a Monday blog post, Julie Brill, Microsoft's chief privacy officer, said that the company will extend the main principles of the California Consumer Privacy Act (CCPA) across the U.S. just as it did with Europe's General Data Protection Regulation (GDPR) last year. The law goes into effect in California on January 1st, 2020. CCPA, which was approved in June 2018, is one of the fiercest and most sweeping data privacy regulations in the U.S. It's somewhat similar to GDPR. Under CCPA, companies must disclose to users what personal data of theirs is being collected, whether it is sold and to whom, and allow users to opt out of any sales. Users must also have access to their data and be able to request that a company delete it.

"Under CCPA, companies must be transparent about data collection and use, and provide people with the option to prevent their personal information from being sold," Brill wrote. "Exactly what will be required under CCPA to accomplish these goals is still developing." Brill continued, saying that Microsoft will closely monitor any changes to how the government asks companies to enforce the new transparency and control requirements under CCPA. "CCPA marks an important step toward providing people with more robust control over their data in the United States," Brill wrote. "It also shows that we can make progress to strengthen privacy protections in this country at the state level even when Congress can't or won't act."

State of the world

[samwichse]

I immediately read this as "Microsoft already found a loophole in the law that will allow them to abuse their customers while earning brownie points.

Re:

[paralumina01]

why the fuck are they allowed to use customers to do unpaid labour for them?

Because of ads. Microsoft is diversifying itself to make it less susceptible to swings in markets. They started out making software, moved onto hardware, and are now into advertising. Can't forget about Azure and the Microsoft cloud being everywhere either.

I am certain they will expand into something like movie or TV production soon, maybe they're own streaming service.

Re:

[blahplusplus]

Windows 10 should be illegal. It's pure spyware, through and through. Microsoft have enough money to pay for a QA team, so why the fuck are they allowed to use customers to do unpaid labour for them?

The same reason world of warcraft, everquest, apple/android mobile and steam werene't illegal. The public is too stupid to make rational market decisions and is clueless to the political implications of buying stolen software that is split into two chunks. The fact that RPG gacha games are run on the phone except the minority of info tracking stats, available set flags for microtransaction purchaes means we've entered dystopia territory.

The internet is one giatn world sized computer that software companie

Re:

[Ryzilynt]

I immediately read this as "Microsoft already found a loophole in the law that will allow them to abuse their customers while earning brownie points.

It is far easier and far less expensive and logistically feasibly to comply with one law than it is to comply with a different law in every state.

"Your personal information" isn't what you think

[Strill]

The problem with these policies is that as far as tech companies are concerned, your personal information is not information ABOUT you, it's information PROVIDED BY you. In other words, if some stranger tells these companies what my phone number is, there's nothing I can do to stop that. Only that stranger has the right to revoke that information.

But they will not

[oldgraybeard]

tell us what Windows 10 sends and allow users a way to completely disable all of their telemetry crap.
I cal BS on this Microsoft statement! They are just doing what they ALWAYS do. see how great we are Trust Us!

Just my 2 cents ;)

Re:

[drinkypoo]

The EULA allows them to collect basically any information from your PC including screenshots and keystrokes, so I've always just assumed that they collect everything interesting, and send it all home.

Re:

[AHuxley]

Always give Windows something fun to collect on.
Just like they did with PRISM..

Re:

[Rockoon]

Also, make sure you have a 12 year old install your Windows, making the EULA legally questionable at the very least.

Re:

[Rick Schumann]

Which is the primary reason I quit Microsoft entirely and use Ubuntu.

Re:

[ArchieBunker]

Did you know that Ubuntu collects data and sends it to Amazon?

Re:

[Rick Schumann]

Objectively wrong. Go troll somewhere else.

Re:

[drinkypoo]

Did you know you can trivially remove that by removing the Amazon lens? Or that Ubuntu is dropping Unity and that functionality will be lost in the mists of time?

Re:

[Daltorak]

tell us what Windows 10 sends and allow users a way to completely disable all of their telemetry crap.

Microsoft has already done that -- you just need to know where to look! If you want to know exactly what diagnostic/telemetry data Windows 10 is sending, turn on the Diagnostic Data Viewer: Settings -> Privacy -> Diagnostics & feedback > View diagnostic data. Microsoft has documented most of it on their web site [microsoft.com] as well.

And if you want to turn off all telemetry reporting in Windows, but you aren't using the Education or Enterprise editions (which do allow telemetry to be turned off) then look up a tool called WPD. It's a GUI built on top of the open-source WindowsSpyBlocker [github.com] github repo that documents all the domain names, IP addresses, etc. that have been used with Microsoft telemetry.

Re: But they will not

[zkiwi34]

In other words, you cannot turn Microsoftâ(TM)s data sucking off.

Ironic that msft are now doing no evil

[AddisonEzekiel]

And Google is, unlike FB, in bed with China, doing evil. While their crazed employees turn a blind eye to their companies embrace of a country that's literally gunning down protesters in HK. The shift in just a decade is amazing. (typed on brave browser)

Given the existence of Win10

[zkiwi34]

How could that satisfy any privacy rule that did not state that all your data belongs to Microsoft?

California

[awwshit]

California uber alles

Really..

[fred911]

To honor implies intent, how about if they comply.

  Or, do they believe they're above the law or is it they have enough cash to litigate it and not worry?

MS honors privacy laws?

[Opportunist]

A few more zingers like that and you have a standup routine.

Of course they will

[brunes69]

Much like GDPR protects EU citizens everywhere in the world, CCPA protects Californians everywhere in the world. It doesn't matter where you were geographically situated when you access the site , or where the servers live - if you are a Californian, the site must comply.

As such, implementing CCPA on anything but a company wide basis makes absolutely no sense.

It's the same reason GDPR made these changes take effect globally for most people as well.

Re:

[luther349]

sounds nice on paper but California cant tell another country what to do or even another state.

Good old microsoft

[paper_sextoy]

It was sure fun auditing windows 10. And indeed, telemetry can be removed... for the most part. Once you do that MS will try to reinstall the files on updates and make things a royal pain. It got to the point where I had to extract the updates and manually install cabs with DISM. Even better, every time I changed something in settings, the app itself tries to connect to microsoft servers to let them know. On LTSB, with most datareporting gutted. People using stuff like ShutUp10 are probably missing a huge

Microsoft? Honor?

[OneHundredAndTen]

That's been a paradigm of oxymoronicity for decades now.