the report found that the telemetry collection system sent Dutch user data to US servers
The Dutch government is extremely worried because sensitive Dutch government-related information that might have been grabbed part of the telemetry collection system may have also ended up on those US servers.
Office applications also collected actual content from users' applications, such as email subject lines and sentences from documents
Further, the investigation also found that Office telemetry collection is also far more expansive than the one in Windows 10 (..is that possible ? :O)
Investigators said that Microsoft collects up to 25,000 types of Office events, data which is made available to up to 30 engineering teams. In contrast, Windows 10 is known to collect up to 1,200 event types, data that is shared with up to only 10 engineering teams
...wow. shock. numb. stupefied.
Looks like it'll soon be time to go back to the far more secure pen and paper + carrier pigeons lol
https://www.zdnet.com/article/dutch...soft-office-telemetry-collection-breaks-gdpr/
-
The end result of all this is the Dutch data protection authority has concluded that Microsoft has violated GDPR "on many counts" including "lack of transparency and purpose limitation, and the lack of a legal ground for the processing."
in one piece of advice that will have Redmond execs jumping up and down in fury, the researchers recommend that sysadmins "consider conducting a pilot with alternative software"
https://www.theregister.co.uk/2018/11/16/microsoft_gdpr/ -
hmscott likes this.
Microsoft Office telemetry breaks GDPR -Dutch government
Discussion in 'Security and Anti-Virus Software' started by 6730b, Nov 14, 2018.