Microsoft faces fines for violating GDPR

We've pointed out before that even the greats face similar problems when it comes to GDPR. This time, Microsoft got the Black Peter for flaws in its Office suite.

As part of complying with GDPR regulations, fcompanies must ensure that users are made abundantly clear about what data is being stored about them, as well as having the ability to turn that storage off. It's imperative that all sensitive data is kept under control, but that can also become a double-edged sword. In fact, Microsoft is likely to pay a hefty price for this collection of information.

Dutch data protection authorities have targeted Microsoft and its office suite Microsoft Office ProPlus (Office 2016 and Office 365). So where is the problem? Imagine a situation where a user repeatedly presses the "backspace" key to delete an entire word. In this case, Microsoft sends the entire sentence for analysis to improve the repair help system. Dozens of engineers then work on such analysis. None of this would presumably be such a problem, except that Microsoft does not adequately inform users that there is statistical data being sent, what exactly is being analyzed, and for what purpose. It also lacks the ability to turn off this sending.

Another problematic point is that this data was stored on servers in the US. However, Microsoft has tried to rectify this transgression and some of the data is already being processed within the European Union.

Since Microsoft is working with the Dutch authorities to remedy this, it is possible that the overall impact of the problem can be mitigated. An assessment of compliance with the corrective measures is expected to take place in spring 2019, which will also determine whether a fine will be imposed and the amount of any fine.

If you don't want to end up like this giant, get expert advice. You'll save yourself a lot of paperwork and explaining and the money you won't have to pay in fines can be invested in your business.