, ,

Does Microsoft ignore the GDPR data subject rights?

Some acquaintances had their Hotmail e-mail accounts blocked by Microsoft because a Microsoft algorithm suspected that unauthorized users had accessed their e-mail accounts.

For starters, I can only applaud that Microsoft takes measures to protect the confidentiality of the information stored in Hotmail mailboxes.

However, the problems started when these acquaintances tried to re-access to their mailboxes. Even after entering a lot of personal information, the Microsoft algorithm concluded that there was insufficient information to restore access.

Furthermore, they weren’t able to regain access to the mailbox through human intervention because the telephone helpdesk (‘helpdesk’ only by name, in practice you are not helped) only refers you to a web page with a procedure that brings you full circle to the same faulty algorithm for regaining access.

In my view, this incident contains a number of clear GDPR non-conformities, such as:

  • Data subjects cannot access their own data;
  • No possibility of human intervention, to bypass an algorithm;
  • No possibility of data portability to another mailbox;
  • No possibility to delete mailbox data if a user is required to create a new account?

In summary, this makes Microsoft non-compliant with the GDPR…

1 reply
  1. Kathleen Larmore says:

    Thank you. It has been very frustrating having to deal with some of their software issues. It is also apparently impossible to close any accounts. This is not customer friendly, or considerate.

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *