14 DAY TRIAL // A report published by Privacy Company for the Dutch Ministry of Justice and Security indicates that Microsoft hasn’t yet addressed all privacy concerns that the software giant agreed to resolve.
Privacy Company says that while some Windows and Office versions are already in compliance with a set of privacy rules outlined by the Dutch government, others, including here Windows 10 Enterprise, Microsoft Office Online, and Office mobile apps, are still collecting data and sending it to the United States.
The report (via The Reg) recommends Dutch authorities to stop using the affected products or to configure them in a way that would reduce the amount of telemetry data that is being logged when using the software.
“Microsoft has not yet implemented these improvements in Office Online and the mobile Office apps, and the measures do not (yet) apply to the mobile Office apps either,” the report reads.
“Microsoft has not yet made available a technical opt-out alternative to prohibit the use of the Controller Connected Experiences in Office Online and the mobile Office apps. Microsoft also has not published any information about the diagnostic data from the mobile Office apps or Office Online, and does not offer administrators a chance to minimize the data flow from these software versions.”
File contents not collected
Microsoft hasn’t yet released a statement on this report, but Privacy Company says that the data collection “takes place without the user’s knowledge.”
However, the organization admits that Microsoft “does not collect much diagnostic data,” and information that is included in the files or emails sent by employees using Microsoft Office products is not included. In other words, the software giant is only interested in telemetry data regarding the use of the productivity suite.
“It is transferred to a company in the United States that is not bound by the privacy safeguards that Microsoft is bound by. The company in question specializes in predictive profiling of individuals for commercial purposes,” the report reads.
Privacy Company recommends a series of safeguards to enhance privacy, including disabling a series of features and services to minimize the amount of data Microsoft can collect.