HomeWinBuzzer News Microsoft's GDPR Compliance under European Investigation following Office Data Claims

[UPDATE] Microsoft’s GDPR Compliance under European Investigation following Office Data Claims

The EU data protection supervisor will investigate Office ProPlus features in EU government institutions to see if Microsoft is gathering data.


[08.04.2019 – 01:55 CET] A spokesperson reached out to us and offered a statement about the investigation. The company does not go into detail but says it is committed to the privacy of its customers in Europe and complying with GDPR:

“We are committed to helping our customers comply with GDPR, 2018/1725, and other applicable laws and are confident that our contractual arrangements allow customers to do so. We stand ready to help our customers answer any questions the European Data Protection Supervisor may have.”

[08.04.2019 – 17:45 CET] While the European Commission is tough on all , Microsoft largely escapes the attention the regulatory body shows to serial offenders like Google, Facebook, and Amazon. However, the EU's data protection supervisor has said it is investigating Microsoft's software in EU institutions.

Specifically, the European Commission will see if Microsoft's solutions used by governments in the European Union comply with its GDPR regulations.

Europe's General Data Protection Regulations (GDPR) have been active since earlier this year. The new strict laws to prevent companies engaging in anti-competitive behavior. Last November, the Dutch government questioned the collection of data through Microsoft ProPlus. This is a bundle of solutions that includes Outlook and Word.

“Any EU institutions using the Microsoft applications investigated in this report are likely to face similar issues to those encountered by national public authorities,” the European Data Protection Supervisor (EDPS) said in a statement.

Furthermore, the EDPS believes institutions using Microsoft ProPlus may be increasing “risks to the rights and freedoms of individuals.”


A check will be made on the company's apps. Investigators will look at whether contracts between Microsoft and EU groups are “fully compliant with GDPR.

The investigation will include looking into software used by the European Commission itself and the European Parliament, both of which use MS Office services.

Dutch authorities say a telemetry data function in Microsoft Office breaks GDPR rules. The investigators go as far as to say Microsoft has participated in a “large scale and covert collection of personal data” through Office 2016 and .

Eight points of interest have been identified, including a lack of option to turn off Microsoft Office telemetry data collection. Furthermore, the investigators say they were unable to find any documentation highlighting what data Microsoft gathers.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News