Julie Brill, corporate vice president of Microsoft, announced via blog post on Tuesday that with regard to GDPR compliance, the company won't just stop with Europe, but will incorporate the policies in its services for all of its users throughout the world.
Per Brill,
"Known as Data Subject Rights, they include the right to know what data we collect about you, to correct that data, to delete it and even to take it somewhere else."
The General Data Protection Regulation, which more than likely has taken your inbox by storm in the past month, forces companies operating in Europe to comply with strict guidelines that serve to strengthen users' privacy. A lot of companies such as Facebook are actively hunting for ways to skirt compliance, whereas many such as Verve, UnRoll, Tungle and Drawbridge are pulling out of the EU outright by use of third-party services that block IP addresses in the region from accessing their websites.
As per Microsoft in its specialized portal for GDPR-related changes to its services:
Personal privacy
Individuals have the right to:
- Access their personal data
- Correct errors in their personal data
- Erase their personal data
- Object to processing of their personal data
- Export personal data
Controls and notifications
Organizations will need to:
- Protect personal data using appropriate security
- Notify authorities of personal data breaches
- Obtain appropriate consents for processing data
- Keep records detailing data processing
Transparent policies
Organizations are required to:
- Provide clear notice of data collection
- Outline processing purposes and use cases
- Define data retention and deletion policies
IT and training
Organizations will need to:
- Train privacy personnel and employees
- Audit and update data policies
- Employ a Data Protection Officer (if required)
- Create and manage compliant vendor contracts
Consequentially, users can find a number of new settings in their Microsoft account dashboard, in accordance with the changes made by the company to its privacy policy.
At the end of the day, this is by no means something Microsoft has to do outside of the EU. But it's nice to see a large company act as a standard bearer for a right as basic as privacy, and hope remains that other companies, such as Apple, follow in Microsoft's footsteps in this regard.
Source: Bleeping Computer
11 Comments - Add comment