Nagware makers Microsoft have come under fire from France's National Data Protection Commission (CNIL) over Windows 10 collecting too much data
CNIL has ordered Microsoft to comply with the French Data Protection Act within three months. The company has been ordered to stop collecting excessive data and tracking browsing by users without their consent .
In addition to this, the chair of CNIL has notified Microsoft that it needs to take satisfactory measures to ensure the security and confidentiality of user data . The notice comes after numerous complaints about Windows 10, and a series of
investigations by French authorities which revealed a number of failings on Microsoft's part.
The CNIL particularly notes Windows 10's telemetry 'service' which gathers information about the apps users have installed and how long each is used for. The complaint is that these data are not necessary for the operation of the service .
The company is also criticized for its lack of sufficient security -- such as the four-digit PIN used to protect payment information which does not have a limit on the number of guesses that can be made. The CNIL's list of complaints does not end there.
It also took exception to the activation of an advertising ID for tailored advertising without user consent, the lack of cookie blocking options, and the fact that data is being transferred out of Europe to the US.