CNIL orders Microsoft to comply with France’s data protection law
On 20 July, France’s Data Protection Authority, the CNIL, served Microsoft with a formal notice that it must comply with France’s data protection law within three months. The CNIL states that the Windows 10 operating system collects excessive personal data and tracks users without their consent.
The EU Art. 29 Data Protection Working Group (WP29) has established a Contact Group which means that other national Data Protection Authorities are also conducting their own investigations on the same issue. The CNIL, whose President, Isabelle Falque-Pierrotin is also the Chair of the WP29, conducted online checks in April and June this year and put questions to the company.
Windows 10 is used by 10 million people in France. The CNIL has identified the following ways in which it alleges that Windows 10 fails to comply with France’s DP law:…