Windows 10 Creators Update, released this past spring, introduced new privacy options that clarified Microsoft's data-gathering activities, enabling users to make more informed decisions about the types of information they share with the software giant. Users largely approve of the changes, claims Marisa Rogers, privacy officer at Microsoft's Windows and Devices Group.
The Microsoft executive described the feedback the company has received as "positive," with many users opting for the Full option regarding the types diagnostics data sent to the company. In the Windows 10 Creators Update, Microsoft winnowed the operating system's telemetry data options to just two, Basic and Full (the middle-of-the-pack Enhanced setting is now gone).
The Basic option encompasses configuration, performance and other data information that company considers essential to gauging the operating system's health. Full, on the other hand, includes memory state information that is captured when an application crashes, information that the company warns may include personal information or parts of a document a user was working on when and application unexpectedly quits.
Microsoft's new privacy dashboard on accounts.microsoft.com has also been a hit, reported Rogers. Since its launch earlier this year, 23 million people have visited the tool, which allows them to control how their data is collected on the company's online and cloud services.
The company is also gearing up for the looming General Data Protection Regulation (GDPR) deadline, said Rogers. Companies that don't adhere to the European Union's stringent new data privacy protections when it goes into effect next year, can face some stiff penalties.
"We are also ensuring Windows 10 is compliant with the European Union's General Data Protection Regulation (GDPR) that goes into effect in 2018," assured Rogers. "Fundamentally, the GDPR is about protecting and respecting an individual’s privacy rights and Microsoft's enduring commitment to trust is well aligned through the privacy principles that shape the way we build our products and services."
Microsoft isn't stopping at Windows. In May, the company announced a GDPR cloud dashboard for its cloud customers, enabling to quickly see how their Azure and Office 365 environments stack up.
Cloud service providers are intensely focused on the GDPR, at least those that plan on continuing to do business in Europe.
Stephen Schmidt, chief information security officer at Amazon Web Services (AWS), revealed some of the actions his company is taking to help customers comply with the GDPR. "In addition to account managers, we have teams of compliance experts, data protection specialists, and security experts working with customers across Europe to answer their questions and help them prepare for running workloads in the AWS Cloud after the GDPR comes into force," he stated in a blog post.
In May, Google reiterated its commitment to the GDPR, pledging users that its G Suite and Google Cloud Platform would comply with the regulation when the May 25, 2018 enforcement date arrives. IBM also recently announced it had added GDPR features to Resilient Incident Response, the company's breach-response platform.