Microsoft has announced it will extend the rights that are at the heart of GDPR to all of their consumer customers worldwide.
“Known as Data Subject Rights, they include the right to know what data we collect about you, to correct that data, to delete it and even to take it somewhere else,” Julie Brill, Corporate VP and Deputy General Counsel at Microsoft, explained.
Users can access these tools through Microsoft’s privacy dashboard.
Changes to the dashboard that allow Microsoft to comply with GDPR requirements have already been made in January 2018, when the wider availability of the Windows Diagnostic Data Viewer tool was announced.
A commitment to GDPR and privacy
“GDPR is an important step forward for privacy rights in Europe and around the world, and we’ve been enthusiastic supporters of GDPR since it was first proposed in 2012,” Brill noted.
“We are committed to making sure that our products and services comply with GDPR. That’s why we’ve had more than 1,600 engineers across the company working on GDPR projects. Since its enactment in 2016, we’ve made significant investments to redesign our tools, systems and processes to meet the requirements of GDPR.”
She also noted that changes to the tools can be expected.
“As our customers use our tools and experience other features we’ll also listen to their feedback and suggestions for improvements. Because regulatory interpretations change with experience and changing circumstances over time, we will constantly evaluate our products, services and data uses as understanding of GDPR evolves.”
The company’s GDPR compliance efforts have also resulted in an update of the privacy statement governing their consumer products and services.
As Greg McNeal, Professor of Law & Policy at Pepperdine Law, has pointed out, Microsoft seems to have used the advent of GDPR as an opportunity to achieve privacy goals without suffering a business impact.
It’s also smart business as peer competitors are on defense. Plus it makes MSFT and Azure the platform of choice for those entities looking for a solution that has GDPR type compliance baked in by default, especially as other geos follow policy of Europe.
— Greg McNeal (@GregoryMcNeal) May 22, 2018