fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Microsoft "

Contractors at Microsoft eavesdrop on some Skype calls

Amazon and Google have been in the headlines recently over how the tech giants’ workers eavesdrop on the audio footage picked up by smart assistants. Now Microsoft has explaining to do following reports that its employees listen in on real Skype conversations that have gone through translation software processing.

People contracted to work with Microsoft take dialogues in for review as a means of translation quality control. No mention of this surveillance appears in Skype’s terms and conditions.

Source: Contractors at Microsoft eavesdrop on some Skype calls

New DPIA on Microsoft Office and Windows software: still privacy risks remaining

Three new DPIAs, which Privacy Company has carried out for the central Dutch government, show that Microsoft has mitigated the eight previously identified privacy risks for Office 365 ProPlus through a combination of technical, organisational and contractual measures.

However, the new privacy conditions for the central Dutch government do not yet apply to the data processing via Windows 10 Enterprise or the mobile Office apps. Moreover, certain technical improvements that Microsoft has implemented in Office 365 ProPlus are not (yet) available in Office Online.

Therefore, SLM Rijk advises government institutions to, for the time being, refrain from using Office Online and the mobile Office apps, and to opt for the lowest possible level of data collection in Windows 10.

Full article: New DPIA on Microsoft Office and Windows software: still privacy risks remaining (long blog)

German schools ban Office 365 due to privacy concerns

The German state of Hesse has ruled it’s illegal for its schools to use Office 365 after years of debate over whether the country’s schools and institutions should use Microsoft tools at all.

The Hesse Office for Data Protection and Information Freedom says the standard configuration in Office 365 could potentially make students’ and teachers’ personal data available to US officials. In addition to the information that users provide when they’re working in Office 365, the platform sends telemetry data back to the US.

Source: German Schools Ban Office 365, Cite Privacy Concerns

You’re responsible for getting permission from subjects if you want to use Windows Photos’ facial recog feature

Microsoft has begun rolling out an update to the Photos app in Windows 10 that prompts you to confirm “all appropriate consents from the people in your photos and videos”, in order to use facial recog to find snaps of your friends and loved ones.

Microsoft has decided that additional safeguards are needed, and has come up with the notion that you should obtain “appropriate consents” from the people in your pictures.

Full article: You’re responsible for getting permission from subjects if you want to use Windows Photos’ facial recog feature • The Register

How Microsoft Plan to Empower Users to Own and Control Personal Data

Microsoft presented a vast blockchain-related plan: a decentralized identity (DID) network built atop of the bitcoin network, which can potentially empower users all over the internet to take control over their personal data and content.

Titled the Identity Overlay Network (ION), the infrastructure lets users obtain control over their own data via the management of their Public Key Infrastructure (PKI).

DID allows users to control their own data and content — including login details and photos, which is not currently possible on most social media platforms that store such data on their private, centralized servers.

Full article: Decentralized Identity: How Microsoft (and Others) Plan to Empower Users to Own and Control Personal Data

Microsoft working to support decentralised identity

Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk.

Microsoft believes there are three important steps that will help to rebalance the equation, said Chik – first, enable individuals to bring their own identity; second, accept independently verified information from individuals; and third, recognise individuals as data controllers.

Source: Microsoft working to support decentralised identity

EU to check for GDPR violations in Microsoft’s contracts with EU institutions

The European Data Protection Supervisor (EDPS), the European Union’s data protection watchdog, has started an investigation into Microsoft’s contracts with EU institutions.

The investigation will focus on the contracts EU institutions have signed with Microsoft and if clauses in these contracts comply with the EU’s new data protection regulation -also known as the General Data Protection Rules (GDPR).

Source: EU to check for GDPR violations in Microsoft’s contracts with EU institutions | ZDNet

WTF is differential privacy?

Differential privacy allows companies to share aggregate data about user habits while protecting individual privacy.

It’s a process used to aggregate data that was pioneered by Microsoft and is now used by Apple, Google and other big tech companies. In a nutshell, a differential privacy algorithm injects random data into a data set to protect individual privacy.

Full article: WTF is differential privacy? – Digiday

Microsoft calls for AI facial-recognition laws

Microsoft wants new laws to put some constraints on the use and development of facial recognition.

Tech companies are faced with a “commercial race to the bottom”, which should have a “floor of responsibility” that allows competition but outlaws the use of facial recognition in ways that harm democratic freedom or enable discrimination.

The call to action comes as China increasingly adopts facial recognition to monitor public spaces. Analysts estimate China’s 200 million surveillance cameras will grow to 300 million in the next two years as tech companies beef up surveillance offerings.

Full article: Microsoft: Here’s why we need AI facial-recognition laws right now | ZDNet

>