diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index af5222988d..2b4fa84488 100644
Binary files a/.openpublishing.redirection.json and b/.openpublishing.redirection.json differ
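Review bot: .openpublishing.redirection.json is reported as "Binary files ... differ", so the redirect entries that should accompany the two deleted articles cannot be reviewed in this diff. Git typically classifies a text file as binary when it contains NUL bytes, which usually means the JSON was re-saved in a different encoding such as UTF-16. Please check the file's encoding, re-save it as UTF-8 and push again so the added entries for windows/privacy/gdpr-it-guidance.md and windows/privacy/gdpr-win10-whitepaper.md show up as reviewable text.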
diff --git a/windows/privacy/gdpr-it-guidance.md b/windows/privacy/gdpr-it-guidance.md
deleted file mode 100644
index f0e1c95a3d..0000000000
--- a/windows/privacy/gdpr-it-guidance.md
+++ /dev/null
@@ -1,308 +0,0 @@
----
-title: Windows and the GDPR-Information for IT Administrators and Decision Makers
-description: Use this topic to understand the relationship between users in your organization and Microsoft in the context of the GDPR (General Data Protection Regulation).
-keywords: privacy, GDPR, windows, IT
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: high
-audience: ITPro
-author: dansimp
-ms.author: dansimp
-manager: dansimp
-ms.collection: M365-security-compliance
-ms.topic: article
-ms.date: 05/11/2018
-ms.reviewer:
----
-# Windows and the GDPR: Information for IT Administrators and Decision Makers
-
-Applies to:
-- Windows 10, version 1703 and newer
-- Windows 10 Team Edition, version 1703 for Surface Hub
-- Windows Server 2016 and newer
-- Desktop Analytics
-
-This topic provides IT Decision Makers with a basic understanding of the relationship between users in an organization and Microsoft in the context of the GDPR (General Data Protection Regulation). You will also learn what role an IT organization plays for that relationship.
-
-For more information about the GDPR, see:
-* [Microsoft GDPR Overview](https://aka.ms/GDPROverview)
-* [Microsoft Trust Center FAQs about the GDPR](https://aka.ms/gdpr-faq)
-* [Microsoft Service Trust Portal (STP)](https://aka.ms/stp)
-* [Get Started: Support for GDPR Accountability](https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted)
-
-## GDPR fundamentals
-
-Here are some GDPR fundamentals:
-
-* On May 25, 2018, this EU data privacy law is implemented. It sets a new global bar for data privacy rights, security, and compliance.
-* The GDPR is fundamentally about protecting and enabling the privacy rights of individuals – both customers and employees.
-* The European law establishes strict global data privacy requirements governing how organizations manage and protect personal data while respecting individual choice – no matter where data is sent, processed, or stored.
-* A request by an individual to an organization to take an action on their personal data is referred to here as a *data subject request*, or *DSR*.
-
-Microsoft believes data privacy is a fundamental right, and that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We also recognize that the GDPR required significant changes by organizations all over the world with regard to the discovery, management, protection, and reporting of personal data that is collected, processed, and stored within an organization.
-
-### What is personal data under the GDPR?
-
-Article 4 (1) of [the GDPR](http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=en) defines personal data as any information relating to an identified or identifiable person. There is no distinction between a person’s private, public, or work roles. As defined by the GDPR, personal data includes, but is not limited to:
-* Name
-* Email address
-* Credit card numbers
-* IP addresses
-* Social media posts
-* Location information
-* Handwriting patterns
-* Voice input to cloud-based speech services
-
-### Controller and processor under the GDPR: Who does what
-
-#### Definition
-
-The GDPR describes specific requirements for allocating responsibility for controller and processor activities related to personal data. Thus, every organization that processes personal data must determine whether it is acting as a controller or processor for a specific scenario.
-
-* **Controller**: GDPR Article 4 (7) defines the ‘controller’ as the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
-* **Processor**: According to the GDPR Article 4 (8) ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
-
-#### Controller scenario
-
-For example, when an organization is using Microsoft Windows Defender Advanced Threat Protection (ATP) to detect, investigate, and respond to advanced threats on their networks as part of their IT operations, that organization is collecting data from the user’s device – data, that might include personal data. In this scenario, the organization is the *controller* of the respective personal data, since the organization controls the purpose and means of the processing for data being collected from the devices that have Windows Defender ATP enabled.
-
-#### Processor scenario
-
-In the controller scenario described above, Microsoft is a *processor* because Microsoft provides data processing services to that controller (in the given example, an organization that subscribed to Windows Defender ATP and enabled it for the user’s device). As processor, Microsoft only processes data on behalf of the enterprise customer and does not have the right to process data beyond their instructions as specified in a written contract, such as the [Microsoft Product Terms and the Microsoft Online Services Terms (OST)](https://www.microsoft.com/licensing/product-licensing/products.aspx).
-
-## GDPR relationship between a Windows 10 user and Microsoft
-
-For Windows 10 services, Microsoft usually is the controller (with exceptions, such as Windows Defender ATP). The following sections describe what that means for the related data.
-
-### Types of data exchanged with Microsoft
-
-Microsoft collects data from or generates data through interactions with users of Windows 10 devices. This information can contain personal data, as defined in [Article 4 (1) of the GDPR](http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L:2016:119:FULL&from=EN), that may be used to provide, support, and improve Windows 10 services.
-
-Microsoft discloses data collection and privacy practices in detail, for example:
-* As part of the Windows 10 installation;
-* In the Windows 10 privacy settings;
-* Via the web-based [Microsoft Privacy dashboard](https://account.microsoft.com/privacy); and
-* In the [Microsoft Privacy Statement](https://privacy.microsoft.com/en-us/privacystatement).
-
-It is important to differentiate between two distinct types of data Windows services are dealing with.
-
-#### Windows functional data
-
-A user action, such as performing a Skype call, usually triggers the collection and transmission of Windows *functional data*. Some Windows components and applications connecting to Microsoft services also exchange Windows functional data to provide user functionality.
-
-Some other examples of Windows functional data:
-* The Weather app which can use the device’s location to retrieve local weather or community news.
-* Wallpaper and desktop settings that are synchronized across multiple devices.
-
-For more info on how IT Professionals can manage Windows functional data sent from an organization to Microsoft, see [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-
-#### Windows diagnostic data
-
-Windows diagnostic data is used to keep the operating system secure and up-to-date, troubleshoot problems, and make product improvements. The data is encrypted before being sent back to Microsoft.
-
-Some examples of diagnostic data include:
-* The type of hardware being used, information about installed apps and usage details, and reliability data on drivers running on the device.
-* For users who have turned on “Tailored experiences”, it can be used to offer personalized tips, ads, and recommendations to enhance Microsoft products and services for the needs of the user.
-
-Diagnostic data is categorized into the levels "Security", "Basic", "Enhanced", and "Full". For a detailed discussion about these diagnostic data levels please see [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md). To find more about what information is collected and how it is handled, see [Understanding Windows diagnostic data](configure-windows-diagnostic-data-in-your-organization.md#understanding-windows-diagnostic-data).
-
-> [!IMPORTANT]
-> Other Microsoft services as well as 3rd party applications and drivers running on Windows devices may implement their own functionality, independently from Windows, to transport their diagnostic data. Please contact the publisher for further guidance on how to control the diagnostic data collection level and transmission of these applications and services.
-
-### Windows services where Microsoft is the processor under the GDPR
-
-Most Windows 10 services are controller services in terms of the GDPR – for both Windows functional data and Windows diagnostic data. But there are a few Windows services where Microsoft is a processor for functional data under the GDPR, such as [Desktop Analytics](https://aka.ms/dadocs), [Update Compliance](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor) and [Windows Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
-
->[!NOTE]
->Both Desktop Analytics and Windows Defender ATP are subscription services for organizations. Some functionality requires a certain license (please see [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare)).
-
-#### Desktop Analytics
-
-> [!IMPORTANT]
-> The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](/windows/deployment/update/update-compliance-get-started) will continue to be supported.
-> For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/en-us/help/4521815/windows-analytics-retirement).
-
-[Desktop Analytics](https://aka.ms/dadocs) is a cloud-based service that integrates with Configuration Manager. The service provides insight and intelligence for you to make more informed decisions about the update readiness of Windows Windows devices in their environment. It uses Windows diagnostic data from devices enrolled by the IT organization of an enterprise with data aggregated from millions of devices into the Desktop Analytics service.
-
-Windows [transmits Windows diagnostic data](enhanced-diagnostic-data-windows-analytics-events-and-fields.md) to Microsoft datacenters, where that data is analyzed and stored. With Desktop Analytics, the IT organization can then view the analyzed data to detect and fix issues or to improve their processes for upgrading to Windows 10.
-
-As a result, in terms of the GDPR, the organization that has subscribed to Desktop Analytics is acting as the controller, while Microsoft is the processor for Desktop Analytics.
-> [!NOTE]
-> The IT organization must explicitly enable Desktop Analytics for a device after the organization subscribes.
-
-> [!IMPORTANT]
-> Desktop Analytics does not collect Windows Diagnostic data by itself. Instead, Desktop Analytics only uses a subset of Windows Diagnostic data that is collected by Windows for an enrolled device. The Windows Diagnostic data collection is controlled by the IT department of an organization or the user of a device. See [Enable data sharing for Desktop Analytics](https://docs.microsoft.com/configmgr/desktop-analytics/enable-data-sharing)
-
-#### Windows Defender ATP
-
-[Windows Defender ATP](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) is cloud-based service that collects and analyzes usage data from an organization’s devices to detect security threats. Some of the data can contain personal data as defined by the GDPR. Enrolled devices transmit usage data to Microsoft datacenters, where that data is analyzed, processed, and stored. The security operations center (SOC) of the organization can view the analyzed data using the [Windows Defender ATP portal](https://securitycenter.windows.com/).
-
-As a result, in terms of the GDPR, the organization that has subscribed to Windows Defender ATP is acting as the controller, while Microsoft is the processor for Windows Defender ATP.
-
-> [!NOTE]
-> The IT organization must explicitly enable Windows Defender ATP for a device after the organization subscribes.
-
-#### At a glance – Windows 10 services GDPR mode of operations
-
-The following table lists in what GDPR mode – controller or processor – Windows 10 services are operating.
-
-| Service | Microsoft GDPR mode of operation |
-| --- | --- |
-| Windows Functional data | Controller or Processor* |
-| Windows Diagnostic data | Controller |
-| Desktop Analytics | Processor |
-| Windows Defender Advanced Threat Detection (ATP) | Processor |
-
-*Table 1: Windows 10 GDPR modes of operations for different Windows 10 services*
-
-*/*Depending on which application/feature this is referring to.*
-
-## Windows diagnostic data and Windows 10
-
-
-### Recommended Windows 10 settings
-
-Windows diagnostic data collection level for Windows 10 can be set by a user in Windows (*Start > Settings > Privacy > Diagnostics & feedback*) or by the IT department of an organization, using Group Policy or Mobile Device Management (MDM) techniques.
-
-* For Windows 10, version 1803 and version 1809, Microsoft recommends setting the Windows diagnostic level to “Enhanced”. This enables organizations to get the full functionality of [Desktop Analytics](#desktop-analytics).
-
->[!NOTE]
->For more information on the Enhanced level, see [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md).
-
-* For Windows 10, version 1709, and Windows 10, version 1703, the recommended Windows diagnostic level configuration for EEA and Switzerland commercial users is “Basic”.
-
->[!NOTE]
->For Windows 7, Microsoft recommends [using Commercial Data Opt-in setting](/previous-versions/windows/it-pro/windows-7/ee126127(v=ws.10)) to facilitate upgrade planning to Windows 10.
-
-### Additional information for Desktop Analytics
-
-The basic functionality of Desktop Analytics works at the “Basic” diagnostic data level. Other functionality of Desktop Analytics, such as usage or health data for updated devices, require “Enhanced”.
-
-Those organizations who wish to share the smallest set of events for Desktop Analytics and have set the Windows diagnostic level to “Enhanced” can use the [“Limit Enhanced diagnostic data to the minimum required by Desktop Analytics”](/windows/privacy/configure-windows-diagnostic-data-in-your-organization#limit-enhanced-diagnostic-data-to-the-minimum-required-by-desktop-analytics) setting. This filtering mechanism was that Microsoft introduced in Windows 10, version 1709. When enabled, this feature limits the operating system diagnostic data events included in the Enhanced level to the smallest set of data required by Desktop Analytics.
-
-> [!NOTE]
-> Additional information can be found at [Desktop Analytics data privacy](https://docs.microsoft.com/configmgr/desktop-analytics/privacy).
-
-## Controlling Windows 10 data collection and notification about it
-
-Windows 10 sends diagnostic data to Microsoft services, and some of that data can contain personal data. Both the user and the IT organization have the ability to control the transmission of that data to Microsoft.
-
-### Adjusting privacy settings by the user
-
-A user has the ability to adjust additional privacy settings in Windows by navigating to *Start > Settings > Privacy*. For example, a user can control if location is enabled or disabled, whether or not to transmit feedback on inking and typing input to Microsoft for improving the personal accuracy of these services, or if Windows collects activities for syncing it with other devices.
-
-For a standard user in an organization, some privacy settings might be controlled by their IT department. This is done using Group Policies or Mobile Device Management (MDM) settings. If this is the case, the user will see an alert that says ‘Some settings are hidden or managed by your organization’ when they navigate to *Start > Settings > Privacy*. As such, the user can only change some settings, but not all.
-
-### Users can lower the diagnostic level
-
-Starting with Windows 10, version 1803, a user can change the Windows diagnostics data level for their device below to what was set by their IT department. Organizations can allow or disallow this feature by configuring the Group Policy **Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in setting user interface** or the MDM policy **ConfigureTelemetryOptInSettingsUx**.
-
-If an IT organization has not disabled this policy, users within the organization can change their own Windows diagnostic data collection level in *Start > Settings > Privacy > Diagnostics & feedback*. For example, if the IT organization enabled this policy and set the level to “Full”, a user can modify the Windows diagnostics data level setting to “Basic”.
-
-### Notification at logon
-
-Windows 10, version 1803, and later can provide users with a notification during their logon. If the IT organization has not disabled the Group Policy **Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in change notifications** or the MDM policy **ConfigureTelemetryOptInChangeNotification**, Windows diagnostic data notifications can appear at logon so that the users of a device are aware of the data collection.
-
-This notification can also be shown when the diagnostic level for the device was changed. For instance, if the diagnostic level on the device is set to “Basic” and the IT organization changes it to “Full”, users will be notified on their next logon.
-
-### Diagnostic Data Viewer (DDV)
-
-In Windows 10, version 1803 and later, users can invoke the [Diagnostic Data Viewer (DDV)](diagnostic-data-viewer-overview.md) to see what Windows diagnostic data is collected on their local device. This app lets a user review the diagnostic data collected on his device that is being sent to Microsoft. The DDV groups the information into simple categories based on how it is used by Microsoft.
-
-A user can turn on Windows diagnostic data viewing by going to go to *Start > Settings > Privacy > Diagnostics & feedback*. Under the ‘Diagnostic data viewer’ section, the user has to enable the ‘If data viewing is enabled, you can see your diagnostics data’ option. After DDV is installed on the device, the user can start it by clicking the ‘Diagnostic Data Viewer’ in the ‘Diagnostic data viewer’ section of *Start > Settings > Privacy > Diagnostics & feedback*.
-
-Also, the user can delete all Windows diagnostic data collected from the device. This is done by clicking the ‘Delete’ button in the ‘Delete diagnostic data’ section of *Start > Settings > Privacy > Diagnostics & feedback*.
-
-### Windows 10 personal data services configuration
-
-Microsoft assembled a list of Windows 10 services configuration settings that are useful for personal data privacy protection and related regulations, such as the General Data Protection Regulation (GDPR). There is one section with settings for service data that is managed at Microsoft and a section for local data that is managed by an IT organization.
-
-IT Professionals that are interested in this configuration, see [Windows 10 personal data services configuration](windows-personal-data-services-configuration.md).
-
-### Windows 10 connections to Microsoft
-
-To find out more about the network connections that Windows components make to Microsoft as well as the privacy settings that affect data shared with either Microsoft or apps, see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). This article describe how these settings can be managed by an IT Professional, and fronts an array of Windows version-specific articles.
-
-### At-a-glance: the relationship between an IT organization and the GDPR
-
-Because Microsoft is a controller for data collected by Windows 10, the user can work with Microsoft to satisfy GDPR requirements. While this relationship between Microsoft and a user is evident in a consumer scenario, an IT organization can influence that relationship in an enterprise scenario. For example, the IT organization has the ability to centrally configure the Windows diagnostic data level by using Group Policy or MDM settings.
-
-## Windows Server
-
-Windows Server follows the same mechanisms as Windows 10 for handling of personal data – for example, when collecting Windows diagnostic data.
-
-More detailed information about Windows Server and the GDPR is available at Beginning your General Data Protection Regulation (GDPR) journey for Windows Server.
-
-### Windows diagnostic data and Windows Server
-
-The lowest diagnostic data setting level supported on Windows Server 2016 and Windows Server 2019 through management policies is “Security”. The lowest diagnostic data setting supported through the Settings UI is “Basic”. The default diagnostic data level for all Windows Server 2016 and Windows Server 2019 editions is “Enhanced”.
-
-IT administrators can configure the Windows Server diagnostic data settings using familiar management tools, such as Group Policy, MDM, or Windows Provisioning. IT administrators can also manually change settings using Registry Editor. Setting the Windows Server diagnostic data levels through a management policy overrides any device-level settings.
-
-There are two options for deleting Windows diagnostic data from a Windows Server machine:
-
-- If the “Desktop Experience” option was chosen during the installation of Windows Server 2019, then there are the same options available for an IT administrator that end users have with Windows 10, version 1803 and version 1809, to submit a request for deleting that device’s diagnostic data. This is done by clicking the **Delete** button in the **Delete diagnostic data** section of **Start > Settings > Privacy > Diagnostics & feedback**.
-- Microsoft has provided a [PowerShell cmdlet](https://docs.microsoft.com/powershell/module/windowsdiagnosticdata) that IT administrators can use to delete Windows diagnostic data via the command line on a machine running Windows Server 2016 or Windows Server 2019. This cmdlet provides the same functionality for deleting Windows diagnostic data as with Desktop Experience on Windows Server 2019. For more information, see [the PowerShell Gallery](https://www.powershellgallery.com/packages/WindowsDiagnosticData).
-
-### Backups and Windows Server
-
-Backups, including live backups and backups that are stored locally within an organization or in the cloud, can contain personal data.
-
-- Backups an organizations creates, for example by using Windows Server Backup (WSB), are under its control. For example, for exporting personal data contained in a backup, the organization needs to restore the appropriate backup sets to facilitate the respective data subject request (DSR).
-- The GDPR also applies when storing backups in the cloud. For example, an organization can use Microsoft Azure Backup to backup files and folders from physical or virtual Windows Server machines (located on-premises or in Azure) to the cloud. The organization that is subscribed to this backup service also has the obligation to restore the data in order to exercise the respective DSR.
-
-## Windows 10 Team Edition, Version 1703 for Surface Hub
-
-Surface Hub is a shared device used within an organization. The device identifier collected as part of diagnostic data is not connected to a user. For removing Windows diagnostic data sent to Microsoft for a Surface Hub, Microsoft created the Surface Hub Delete Diagnostic Data tool available in the Microsoft Store.
-
-> [!NOTE]
-> Additional apps running on the device, that are not delivered as part of the in-box experience of Surface Hub, may implement their own diagnostic data collection and transmission functionality independently to collect and process personal data. Please contact the app publisher for further guidance on how to control this.
-
-An IT administrator can configure privacy- related settings, such as setting the Windows diagnostic data level to Basic. Surface Hub does not support group policy for centralized management; however, IT administrators can use MDM to apply these settings to Surface Hub. For more information about Surface Hub and MDM, please see [Manage settings with an MDM provider](https://docs.microsoft.com/surface-hub/manage-settings-with-mdm-for-surface-hub).
-
-## Further reading
-
-### Optional settings / features that further improve the protection of personal data
-
-Personal data protection is one of the goals of the GDPR. One way of improving personal data protection is to use the modern and advanced security features of Windows 10. An IT organization can learn more at [Mitigate threats by using Windows 10 security features](/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10) and [Standards for a highly secure Windows 10 device](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-highly-secure).
-
-> [!NOTE]
-> Some of these features might require a particular Windows hardware, such as a computer with a Trusted Platform Module (TPM) chip, and can depend on a particular Windows product (such as Windows 10 E5).
-
-### Windows Security Baselines
-
-Microsoft has created Windows Security Baselines to efficiently configure Windows 10 and Windows Server. For more information, please visit [Windows Security Baselines](/windows/security/threat-protection/windows-security-baselines).
-
-### Windows Restricted Traffic Limited Functionality Baseline
-
-To make it easier to deploy settings that restrict connections from Windows 10 and Windows Server to Microsoft, IT Professionals can apply the Windows Restricted Traffic Limited Functionality Baseline, available [here](https://go.microsoft.com/fwlink/?linkid=828887).
-
->[!IMPORTANT]
->Some of the settings of the Windows Restricted Traffic Limited Functionality Baseline will reduce the functionality and security configuration of a device in the organization and are therefore not recommended.
-
-### Microsoft Trust Center and Service Trust Portal
-
-Please visit our [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr) to obtain additional resources and to learn more about how Microsoft can help you fulfill specific GDPR requirements. There you can find lots of useful information about the GDPR, including how Microsoft is helping customers to successfully master the GDPR, a FAQ list, and a list of [resources for GDPR compliance](https://www.microsoft.com/TrustCenter/Privacy/gdpr/resources). Also, please check out the [Compliance Manager](https://aka.ms/compliancemanager) of the Microsoft [Service Trust Portal (STP)](https://aka.ms/stp) and [Get Started: Support for GDPR Accountability](https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted).
-
-### Additional resources
-
-#### FAQs
-
-* [Windows 10 feedback, diagnostics, and privacy](https://privacy.microsoft.com/windows-10-feedback-diagnostics-and-privacy)
-* [Microsoft Edge and privacy](https://privacy.microsoft.com/windows-10-microsoft-edge-and-privacy)
-* [Windows Hello and privacy](https://privacy.microsoft.com/windows-10-windows-hello-and-privacy)
-* [Wi-Fi Sense](https://privacy.microsoft.com/windows-10-about-wifi-sense)
-
-#### Blogs
-
-* [Privacy and Windows 10](https://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10)
-
-#### Privacy Statement
-
-* [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement)
-
-#### Other resources
-
-* [Privacy at Microsoft](https://privacy.microsoft.com/)
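Review bot: The sections "Users can lower the diagnostic level", "Notification at logon" and "Windows diagnostic data and Windows Server" in this deleted file carry operational detail rather than GDPR framing: the Group Policy paths and the MDM policies ConfigureTelemetryOptInSettingsUx and ConfigureTelemetryOptInChangeNotification, plus the Windows Server levels (lowest via policy "Security", default "Enhanced"). Please confirm that this content exists in a retained article such as configure-windows-diagnostic-data-in-your-organization.md before the file is removed, and state the redirect target in the PR description since the redirection file change is not readable here. Also search the repo for relative links to gdpr-it-guidance.md, which will break unless they are updated in the same change.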
diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md
deleted file mode 100644
index 71f256d128..0000000000
--- a/windows/privacy/gdpr-win10-whitepaper.md
+++ /dev/null
@@ -1,340 +0,0 @@
----
-title: General Data Protection Regulation (GDPR) for Windows 10
-description: Use this article to understand what GDPR is and which products Microsoft provides to help you get started towards compliance.
-keywords: privacy, GDPR
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: high
-audience: ITPro
-author: dansimp
-ms.author: dansimp
-manager: dansimp
-ms.collection: M365-security-compliance
-ms.topic: article
-ms.date: 09/25/2017
-ms.reviewer:
----
-
-# Beginning your General Data Protection Regulation (GDPR) journey for Windows 10
-
-This article provides info about the GDPR, including what it is, and the products Microsoft provides to help you to become compliant.
-
-## Introduction
-On May 25, 2018, a European privacy law is due to take effect that sets a new global bar for privacy rights, security, and compliance.
-
-The General Data Protection Regulation, or GDPR, is fundamentally about protecting and enabling the privacy rights of individuals. The GDPR establishes strict global privacy requirements governing how you manage and protect personal data while respecting individual choice — no matter where data is sent, processed, or stored.
-
-Microsoft and our customers are now on a journey to achieve the privacy goals of the GDPR. At Microsoft, we believe privacy is a fundamental right, and we believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. But we also recognize that the GDPR will require significant changes by organizations all over the world.
-
-We have outlined our commitment to the GDPR and how we are supporting our customers within the [Get GDPR compliant with the Microsoft Cloud](https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/#hv52B68OZTwhUj2c.99) blog post by our Chief Privacy Officer [Brendon Lynch](https://blogs.microsoft.com/on-the-issues/author/brendonlynch/) and the [Earning your trust with contractual commitments to the General Data Protection Regulation](https://blogs.microsoft.com/on-the-issues/2017/04/17/earning-trust-contractual-commitments-general-data-protection-regulation/#6QbqoGWXCLavGM63.99)” blog post by [Rich Sauer](https://blogs.microsoft.com/on-the-issues/author/rsauer/) - Microsoft Corporate Vice President & Deputy General Counsel.
-
-Although your journey to GDPR-compliance may seem challenging, we're here to help you. For specific information about the GDPR, our commitments and how to begin your journey, please visit the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
-
-## GDPR and its implications
-The GDPR is a complex regulation that may require significant changes in how you gather, use and manage personal data. Microsoft has a long history of helping our customers comply with complex regulations, and when it comes to preparing for the GDPR, we are your partner on this journey.
-
-The GDPR imposes rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where those businesses are located. Among the key elements of the GDPR are the following:
-
-- **Enhanced personal privacy rights.** Strengthened data protection for residents of EU by ensuring they have the right to access to their personal data, to correct inaccuracies in that data, to erase that data, to object to processing of their personal data, and to move it.
-
-- **Increased duty for protecting personal data.** Reinforced accountability of organizations that process personal data, providing increased clarity of responsibility in ensuring compliance.
-
-- **Mandatory personal data breach reporting.** Organizations that control personal data are required to report personal data breaches that pose a risk to the rights and freedoms of individuals to their supervisory authorities without undue delay, and, where feasible, no later than 72 hours once they become aware of the breach.
-
-As you might anticipate, the GDPR can have a significant impact on your business, potentially requiring you to update privacy policies, implement and strengthen data protection controls and breach notification procedures, deploy highly transparent policies, and further invest in IT and training. Microsoft Windows 10 can help you effectively and efficiently address some of these requirements.
-
-## Personal and sensitive data
-As part of your effort to comply with the GDPR, you will need to understand how the regulation defines personal and sensitive data and how those definitions relate to data held by your organization.
-
-The GDPR considers personal data to be any information related to an identified or identifiable natural person. That can include both direct identification (such as, your legal name) and indirect identification (such as, specific information that makes it clear it is you the data references). The GDPR also makes clear that the concept of personal data includes online identifiers (such as, IP addresses, mobile device IDs) and location data.
-
-The GDPR introduces specific definitions for genetic data (such as, an individual’s gene sequence) and biometric data. Genetic data and biometric data along with other sub categories of personal data (personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership: data concerning health; or data concerning a person’s sex life or sexual orientation) are treated as sensitive personal data under the GDPR. Sensitive personal data is afforded enhanced protections and generally requires an individual’s explicit consent where these data are to be processed.
-
-### Examples of info relating to an identified or identifiable natural person (data subject)
-This list provides examples of several types of info that will be regulated through GDPR. This is not an exhaustive list.
-
-- Name
-
-- Identification number (such as, SSN)
-
-- Location data (such as, home address)
-
-- Online identifier (such as, e-mail address, screen names, IP address, device IDs)
-
-- Pseudonymous data (such as, using a key to identify individuals)
-
-- Genetic data (such as, biological samples from an individual)
-
-- Biometric data (such as, fingerprints, facial recognition)
-
-## Getting started on the journey towards GDPR compliance
-Given how much is involved to become GDPR-compliant, we strongly recommend that you don't wait to prepare until enforcement begins. You should review your privacy and data management practices now. We recommend that you begin your journey to GDPR compliance by focusing on four key steps:
-
-- **Discover.** Identify what personal data you have and where it resides.
-
-- **Manage.** Govern how personal data is used and accessed.
-
-- **Protect.** Establish security controls to prevent, detect, and respond to vulnerabilities and data breaches.
-
-- **Report.** Act on data requests, report data breaches, and keep required documentation.
-
- 
-
-For each of the steps, we've outlined example tools, resources, and features in various Microsoft solutions, which can be used to help you address the requirements of that step. While this article isn't a comprehensive “how to,” we've included links for you to find out more details, and more information is available in the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
-
-## Windows 10 security and privacy
-As you work to comply with the GDPR, understanding the role of your desktop and laptop client machines in creating, accessing, processing, storing and managing data that may qualify as personal and potentially sensitive data under the GDPR is important. Windows 10 provides capabilities that will help you comply with the GDPR requirements to implement appropriate technical and organizational security measures to protect personal data.
-
-With Windows 10, your ability to protect, detect and defend against the types of attacks that can lead to data breaches is greatly improved. Given the stringent requirements around breach notification within the GDPR, ensuring that your desktop and laptop systems are well defended will lower the risks you face that could result in costly breach analysis and notification.
-
-In this section, we'll talk about how Windows 10 provides capabilities that fit squarely in the **Protect** stage of your journey, including these 4 scenarios:
-
-- **Threat protection: Pre-breach threat resistance.** Disrupt the malware and hacking industry by moving the playing field to one where they lose the attack vectors that they depend on.
-
-- **Threat protection: Post-breach detection and response.** Detect, investigate, and respond to advanced threats and data breaches on your networks.
-
-- **Identity protection.** Next generation technology to help protect your user’s identities from abuse.
-
-- **Information protection.** Comprehensive data protection while meeting compliance requirements and maintaining user productivity.
-
-These capabilities, discussed in more detail below with references to specific GDPR requirements, are built on top of advanced device protection that maintains the integrity and security of the operating system and data.
-
-A key provision within the GDPR is data protection by design and by default, and helping with your ability to meet this provision are features within Windows 10 such as the Trusted Platform Module (TPM) technology designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations.
-
-The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM. Some of the key advantages of using TPM technology are that you can:
-
-- Generate, store, and limit the use of cryptographic keys.
-
-- Use TPM technology for platform device authentication by using the TPM’s unique RSA key, which is burned into itself.
-
-- Help to ensure platform integrity by taking and storing security measurements.
-
-Additional advanced device protection relevant to your operating without data breaches include Windows Trusted Boot to help maintain the integrity of the system by ensuring malware is unable to start before system defenses.
-
-### Threat protection: Pre-breach threat resistance
-The GDPR requires you to implement appropriate technical and organizational security measures to protect personal data.
-
-Your ability to meet this requirement to implement appropriate technical security measures should reflect the threats you face in today’s increasingly hostile IT environment. Today’s security threat landscape is one of aggressive and tenacious threats. In previous years, malicious attackers mostly focused on gaining community recognition through their attacks or the thrill of temporarily taking a system offline. Since then, attacker’s motives have shifted toward making money, including holding devices and data hostage until the owner pays the demanded ransom.
-
-Modern attacks increasingly focus on large-scale intellectual property theft; targeted system degradation that can result in financial loss; and now even cyberterrorism that threatens the security of individuals, businesses, and national interests all over the world. These attackers are typically highly trained individuals and security experts, some of whom are in the employ of nation states that have large budgets and seemingly unlimited human resources. Threats like these require an approach that can meet this challenge.
-
-Not only are these threats a risk to your ability to maintain control of any personal or sensitive data you may have, but they are a material risk to your overall business as well. Consider recent data from Ponemon Institute, Verizon, and Microsoft:
-
-- The average cost of the type of data breach the GDPR will expect you to report is $3.5M. (Ponemon Institute).
-
-- 63% of these breaches involve weak or stolen passwords that the GDPR expects you to address. (2016 Data Breach Investigations Report, Verizon Enterprise).
-
-- Over 300,000 new malware samples are created and spread every day making your task to address data protection even more challenging. (Microsoft Malware Protection Center, Microsoft).
-
-As seen with recent ransomware attacks, once called the "black plague" of the Internet, attackers are going after bigger targets that can afford to pay more, with potentially catastrophic consequences. Desktops and laptops, that contain personal and sensitive data, are commonly targeted where control over data might be lost.
-
-In response to these threats and as a part of your mechanisms to resist these types of breaches so that you remain in compliance with the GDPR, Windows 10 provides built in technology, detailed below including the following:
-
-- Microsoft Defender Antivirus to respond to emerging threats on data.
-
-- Microsoft Edge to systemically disrupt phishing, malware, and hacking attacks.
-
-- Windows Defender Device Guard to block all unwanted applications on client machines.
-
-#### Responding to emerging data threats
-Microsoft Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware:
-
-- **Cloud-delivered protection.** Helps to detect and block new malware within seconds, even if the malware has never been seen before.
-
-- **Rich local context.** Improves how malware is identified. Windows 10 informs Microsoft Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more.
-
-- **Extensive global sensors.** Help to keep Microsoft Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data.
-
-- **Tamper proofing.** Helps to guard Microsoft Defender Antivirus itself against malware attacks. For example, Microsoft Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Microsoft Defender Antivirus components, its registry keys, and so on.
-
-- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Microsoft Defender Antivirus an enterprise-class antimalware solution.
-
-#### Systemically disrupting phishing, malware, and hacking attacks
-In today’s threat landscape, your ability to provide those mechanisms should be tied to the specific data-focused attacks you face through phishing, malware and hacking due to the browser-related attacks.
-
-As part of Windows 10, Microsoft has brought you Microsoft Edge, our safest and most secure browser to-date. Over the past two years, we have been continuously innovating, and we’re proud of the progress we’ve made. This quality of engineering is reflected by the reduction of Common Vulnerabilities and Exposures (CVE) when comparing Microsoft Edge with Internet Explorer over the past year. Browser-related attacks on personal and sensitive data that you will need to protect under the GDPR means this innovation in Windows 10 is important.
-
-While no modern browser — or any complex application — is free of vulnerabilities, many of the vulnerabilities for Microsoft Edge have been responsibly reported by professional security researchers who work with the Microsoft Security Response Center (MSRC) and the Microsoft Edge team to ensure customers are protected well before any attacker might use these vulnerabilities in the wild. Even better, there is no evidence that any vulnerabilities have been exploited in the wild as zero-day attacks.
-
-
-
-However, many businesses worldwide have come under increasing threat of targeted attacks, where attackers are crafting specialized attacks against a specific business, attempting to take control of corporate networks and data.
-
-#### Blocking all unwanted apps
-Application Control is your best defense in a world where there are more than 300,000 new malware samples each day. As part of Windows 10, Windows Defender Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications that you define in your code integrity policies. If the app isn’t trusted it can’t run, period.
-
-With hardware that meets basic requirements, it also means that even if an attacker manages to get control of the Windows kernel, he or she will be much less likely to be able to run malicious executable code. With appropriate hardware, Windows Defender Device Guard can use the new virtualization-based security in Windows 10 to isolate the Code Integrity service from the Microsoft Windows kernel itself. In this case, the Code Integrity service runs alongside the kernel in a Windows hypervisor-protected container.
-
-Windows Defender Device Guard protects threats that can expose personal or sensitive data to attack, including:
-
-- Exposure to new malware, for which the "signature" is not yet known
-
-- Exposure to unsigned code (most malware is unsigned)
-
-- Malware that gains access to the kernel and then, from within the kernel, captures sensitive information or damages the system
-
-- DMA-based attacks, for example, attacks launched from a malicious device that read secrets from memory, making the enterprise more vulnerable to attack; and
-
-- Exposure to boot kits or to a physically present attacker at boot time.
-
-### Threat protection: Post-breach detection and response
-The GDPR includes explicit requirements for breach notification where a personal data breach means, “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.”
-
-As noted in the Windows Security Center white paper, [Post Breach: Dealing with Advanced Threats](http://wincom.blob.core.windows.net/documents/Post_Breach_Dealing_with_Advanced_Threats_Whitepaper.pdf), “_Unlike pre-breach, post-breach assumes a breach has already occurred – acting as a flight recorder and Crime Scene Investigator (CSI). Post-breach provides security teams the information and toolset needed to identify, investigate, and respond to attacks that otherwise will stay undetected and below the radar._”
-
-#### Insightful security diagnostic data
-For nearly two decades, Microsoft has been turning threats into useful intelligence that can help fortify our platform and protect customers. Today, with the immense computing advantages afforded by the cloud, we are finding new ways to use our rich analytics engines driven by threat intelligence to protect our customers.
-
-By applying a combination of automated and manual processes, machine learning and human experts, we can create an Intelligent Security Graph that learns from itself and evolves in real-time, reducing our collective time to detect and respond to new incidents across our products.
-
-
-
-The scope of Microsoft’s threat intelligence spans, literally, billions of data points: 35 billion messages scanned monthly, 1 billion customers across enterprise and consumer segments accessing 200+ cloud services, and 14 billion authentications performed daily. All this data is pulled together on your behalf by Microsoft to create the Intelligent Security Graph that can help you protect your front door dynamically to stay secure, remain productive, and meet the requirements of the GDPR.
-
-#### Detecting attacks and forensic investigation
-Even the best endpoint defenses may be breached eventually, as cyberattacks become more sophisticated and targeted.
-
-Windows Defender Advanced Threat Protection (ATP) helps you detect, investigate, and respond to advanced attacks and data breaches on your networks. GDPR expects you to protect against attacks and breaches through technical security measures to ensure the ongoing confidentiality, integrity, and availability of personal data.
-
-Among the key benefits of ATP are the following:
-
-- Detecting the undetectable - sensors built deep into the operating system kernel, Windows security experts, and unique optics from over 1 billion machines and signals across all Microsoft services.
-
-- Built in, not bolted on - agentless with high performance and low impact, cloud-powered; easy management with no deployment.
-
-- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Microsoft Defender Antivirus.
-
-- Power of the Microsoft graph - leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks.
-
-Read more at [What’s new in the Windows Defender ATP Creators Update preview](https://blogs.microsoft.com/microsoftsecure/2017/03/13/whats-new-in-the-windows-defender-atp-creators-update-preview/).
-
-To provide Detection capabilities, Windows 10 improves our OS memory and kernel sensors to enable detection of attackers who are employing in-memory and kernel-level attacks – shining a light into previously dark spaces where attackers hid from conventional detection tools. We’ve already successfully leveraged this new technology against zero-days attacks on Windows.
-
-
-
-We continue to upgrade our detections of ransomware and other advanced attacks, applying our behavioral and machine-learning detection library to counter changing attacks trends. Our historical detection capability ensures new detection rules apply to up to six months of stored data to detect attacks that previously went unnoticed. Customers can also add customized detection rules or IOCs to augment the detection dictionary.
-
-Customers asked us for a single pane of glass across the entire Windows security stack. Microsoft Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network.
-
-Our alert page now includes a new process tree visualization that aggregates multiple detections and related events into a single view that helps security teams reduce the time to resolve cases by providing the information required to understand and resolve incidents without leaving the alert page.
-
-Security Operations (SecOps) can hunt for evidence of attacks, such as file names or hashes, IP addresses or URLs, behaviors, machines, or users. They can do this immediately by searching the organization’s cloud inventory, across all machines – and going back up to 6 months in time – even if machines are offline, have been reimaged, or no longer exist.
-
-
-
-When detecting an attack, security teams can now take immediate action: isolate machines, ban files from the network, kill or quarantine running processes or files, or retrieve an investigation package from a machine to provide forensic evidence – with a click of a button. Because while detecting advanced attacks is important – shutting them down is even more so.
-
-
-
-### Identity Protection
-Identify and access management is another area where the GDPR has placed special emphasis by calling for mechanisms to grant and restrict access to data subject personal data (for example, role-based access, segregation of duties).
-
-#### Multi-factor protection
-Biometric authentication – using your face, iris, or fingerprint to unlock your devices – is much safer than traditional passwords. You– uniquely you– plus your device are the keys to your apps, data, and even websites and services – not a random assortment of letters and numbers that are easily forgotten, hacked, or written down and pinned to a bulletin board.
-
-Your ability to protect personal and sensitive data, that may be stored or accessed through desktop or laptops will be further enhanced by adopting advanced authentication capabilities such as Windows Hello for Business and Windows Hello companion devices. Windows Hello for Business, part of Windows 10, gives users a personal, secured experience where the device is authenticated based on their presence. Users can log in with a look or a touch, with no need for a password.
-
-In conjunction with Windows Hello for Business, biometric authentication uses fingerprints or facial recognition and is more secure, more personal, and more convenient. If an application supports Hello, Windows 10 enables you to authenticate applications, enterprise content, and even certain online experiences without a password being stored on your device or in a network server at all.
-Windows Hello for Business works with the Companion Device Framework to enhance the user authentication experience. Using the Windows Hello Companion Device Framework, a companion device can provide a rich experience for Windows Hello even when biometrics are not available (for example, if the Windows 10 desktop lacks a camera for face authentication or fingerprint reader device).
-
-There are numerous ways one can use the Windows Hello Companion Device Framework to build a great Windows unlock experience with a companion device. For example, users can:
-
-- Work offline (for example, while traveling on a plane)
-
-- Attach their companion device to PC via USB, touch the button on the companion device, and automatically unlock their PC.
-
-- Carry a phone in their pocket that is already paired with their PC over Bluetooth. Upon hitting the spacebar on their PC, their phone receives a notification. Approve it and the PC simply unlocks.
-
-- Tap their companion device to an NFC reader to quickly unlock their PC.
-
-- Wear a fitness band that has already authenticated the wearer. Upon approaching PC, and by performing a special gesture (like clapping), the PC unlocks.
-
-#### Protection against attacks by isolating user credentials
-As noted in the [Windows 10 Credential Theft Mitigation Guide](https://www.microsoft.com/download/confirmation.aspx?id=54095), “_the tools and techniques criminals use to carry out credential theft and reuse attacks improve, malicious attackers are finding it easier to achieve their goals. Credential theft often relies on operational practices or user credential exposure, so effective mitigations require a holistic approach that addresses people, processes, and technology. In addition, these attacks rely on the attacker stealing credentials after compromising a system to expand or persist access, so organizations must contain breaches rapidly by implementing strategies that prevent attackers from moving freely and undetected in a compromised network._”
-
-An important design consideration for Windows 10 was mitigating credential theft — in particular, derived credentials. Windows Defender Credential Guard provides significantly improved security against derived credential theft and reuse by implementing a significant architectural change in Windows designed to help eliminate hardware-based isolation attacks rather than simply trying to defend against them.
-
-When Credential Manager domain credentials, NTLM, and Kerberos derived credentials are protected using virtualization-based security, the credential theft attack techniques and tools used in many targeted attacks are blocked. Malware running in the operating system with administrative privileges can't extract secrets that are protected by virtualization-based security. While Windows Defender Credential Guard is a powerful mitigation, persistent threat attacks will likely shift to new attack techniques and you should also incorporate Windows Defender Device Guard, as described above, and other security strategies and architectures.
-
-### Information Protection
-The GDPR is focused on information protection regarding data that is considered as personal or sensitive in relation to a natural person, or data subject. Device protection, protection against threats, and identity protection are all important elements of a Defense in Depth strategy surrounding a layer of information protection in your laptop and desktop systems.
-
-As to the protection of data, the GDPR recognizes that in assessing data security risk, consideration should be given to the risks that are presented such as accidental loss, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. It also recommends that measures taken to maintain an appropriate level of security should consider the state-of-the-art and the costs of implementation in relation to the risks among other factors.
-
-Windows 10 provides built in risk mitigation capabilities for today’s threat landscape. In this section, we will look at the types of technologies that will help your journey toward GDPR compliance and at the same time provide you with solid overall data protection as part of a comprehensive information protection strategy.
-
-
-
-#### Encryption for lost or stolen devices
-The GDPR calls for mechanisms that implement appropriate technical security measures to confirm the ongoing confidentiality, integrity, and availability of both personal data and processing systems. BitLocker Encryption, first introduced as part of Microsoft's Next-Generation Secure Computing Base architecture in 2004 and made available with Windows Vista, is a built-in data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.
-
-BitLocker provides the most protection when used with a Trusted Platform Module (TPM) version 1.2 or later. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to protect user data and to ensure that a computer has not been tampered with while the system was offline.
-
-Data on a lost or stolen computer is vulnerable to unauthorized access, either by running a software-attack tool against it or by transferring the computer's hard disk to a different computer. BitLocker helps mitigate unauthorized data access by enhancing file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled.
-
-Related to BitLocker are Encrypted Hard Drives, a new class of hard drives that are self-encrypting at a hardware level and allow for full disk hardware encryption. Encrypted Hard Drives use the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.
-
-By offloading the cryptographic operations to hardware, Encrypted Hard Drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted Hard Drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity.
-
-Some of the benefits of Encrypted Hard Drives include:
-
-- **Better performance.** Encryption hardware, integrated into the drive controller, allows the drive to operate at full data rate with no performance degradation.
-
-- **Strong security based in hardware.** Encryption is always "on" and the keys for encryption never leave the hard drive. User authentication is performed by the drive before it will unlock, independently of the operating system
-
-- **Ease of use.** Encryption is transparent to the user because it is on by default. There is no user interaction needed to enable encryption. Encrypted Hard Drives are easily erased using on-board encryption key; there is no need to re-encrypt data on the drive.
-
-- **Lower cost of ownership.** There is no need for new infrastructure to manage encryption keys, since BitLocker leverages your Active Directory Domain Services infrastructure to store recovery information. Your device operates more efficiently because processor cycles don't need to be used for the encryption process.
-
-#### Preventing accidental data leaks to unauthorized users
-Part of the reality of your operating in a mobile-first, cloud-first world is the notion that some laptops will have multiple purposes – both business and personal. Yet that data that is considered as personal and sensitive regarding EU residents considered as “data subjects” must be protected in line with the requirements of the GDPR.
-
-Windows Information Protection helps people separate their work and personal data and keeps data encrypted wherever it’s stored. Your employees can safely use both work and personal data on the same device without switching applications. Windows Information Protection helps end users avoid inadvertent data leaks by sending a warning when copy/pasting information in non-corporate applications – end users can still proceed but the action will be logged centrally.
-
-For example, employees can’t send protected work files from a personal email account instead of their work account. They also can’t accidently post personal or sensitive data from a corporate site into a tweet. Windows Information Protection also helps ensure that they aren’t saving personal or sensitive data in a public cloud storage location.
-
-#### Capabilities to classify, assign permissions and share data
-Windows Information Protection is designed to coexist with advanced data loss prevention (DLP) capabilities found in Microsoft 365 Apps for enterprise, Azure Information Protection, and Azure Rights Management. Advanced DLP prevents printing, for example, or protects work data that is emailed outside your company.
-
-To continuously protect your data, regardless of where it is stored, with whom it is shared, or if the device is running iOS, Android or Windows, the classification and protection needs to be built into the file itself, so this protection can travel with the data wherever it goes. Microsoft Azure Information Protection (AIP) is designed to provide this persistent data protection both on-premises and in the cloud.
-
-Data classification is an important part of any data governance plan. Adopting a classification scheme that applies throughout your business can be particularly helpful in responding to what the GDPR calls data subject (for example, your EU employee or customer) requests, because it enables enterprises to identify more readily and process personal data requests.
-
-Azure Information Protection can be used to help you classify and label your data at the time of creation or modification. Protection in the form of encryption, which the GDPR recognizes may be appropriate at times, or visual markings can then be applied to data needing protection.
-
-With Azure Information Protection, you can either query for data marked with a sensitivity label or intelligently identify sensitive data when a file or email is created or modified. Once identified, you can automatically classify and label the data – all based on the company’s desired policy.
-
-Azure Information Protection also helps your users share sensitive data in a secure manner. In the example below, information about a sensitive acquisition was encrypted and restricted to a group of people who were granted only a limited set of permissions on the information – they could modify the content but could not copy or print it.
-
-
-
-## Related content for associated Windows 10 solutions
-
-- **Windows Hello for Business:** https://www.youtube.com/watch?v=WOvoXQdj-9E and https://docs.microsoft.com/windows/access-protection/hello-for-business/hello-identity-verification
-
-- **Microsoft Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10
-
-- **Windows Defender Advanced Threat Protection:** https://www.youtube.com/watch?v=qxeGa3pxIwg and https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection
-
-- **Windows Defender Device Guard:** https://www.youtube.com/watch?v=F-pTkesjkhI and https://docs.microsoft.com/windows/device-security/device-guard/device-guard-deployment-guide
-
-- **Windows Defender Credential Guard:** https://www.youtube.com/watch?v=F-pTkesjkhI and https://docs.microsoft.com/windows/access-protection/credential-guard/credential-guard
-
-- **Windows Information Protection:** https://www.youtube.com/watch?v=wLkQOmK7-Jg and https://docs.microsoft.com/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip
-
-- Windows 10 Security Guide: https://technet.microsoft.com/itpro/windows/keep-secure/windows-10-security-guide
-
-## Disclaimer
-This article is a commentary on the GDPR, as Microsoft interprets it, as of the date of publication. We’ve spent a lot of time with GDPR and like to think we’ve been thoughtful about its intent and meaning. But the application of GDPR is highly fact-specific, and not all aspects and interpretations of GDPR are well-settled.
-
-As a result, this article is provided for informational purposes only and should not be relied upon as legal advice or to determine how GDPR might apply to you and your organization. We encourage you to work with a legally-qualified professional to discuss GDPR, how it applies specifically to your organization, and how best to ensure compliance.
-
-MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS ARTICLE. This article is provided “as-is.” Information and views expressed in this article, including URL and other Internet website references, may change without notice.
-
-This article does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this article for your internal, reference purposes only.
-
-Published September 2017
-Version 1.0
-© 2017 Microsoft. All rights reserved.
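Review bot: the redirect for this deleted page cannot be reviewed from this diff, because the change to .openpublishing.redirection.json appears only as "Binary files ... differ". Please confirm that an entry for windows/privacy/gdpr-it-guidance.md exists and state in the PR description where it lands. The removed guidance at the end of this hunk (Windows Information Protection alongside DLP, Azure Information Protection classification and labeling, and the "Related content for associated Windows 10 solutions" links) should still be reachable from the redirect target, or the description should say that it is being retired on purpose.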
diff --git a/windows/privacy/toc.yml b/windows/privacy/toc.yml
index 48721791cf..18e7d05236 100644
--- a/windows/privacy/toc.yml
+++ b/windows/privacy/toc.yml
@@ -1,6 +1,5 @@
- name: Privacy
href: index.yml
- expanded: true
items:
- name: "Windows 10 & Privacy Compliance: A Guide for IT and Compliance Professionals"
href: Windows-10-and-privacy-compliance.md
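Review bot: toc.yml should be checked for leftover entries pointing at the two pages deleted in this diff. This is the only toc.yml hunk, and it removes just `expanded: true` under the top-level "Privacy" node, with no `href` for gdpr-it-guidance.md or windows-personal-data-services-configuration.md being removed. If either file is still listed further down in toc.yml, the entry will be left pointing at a deleted file; if neither was ever listed, a sentence saying so in the PR description would settle it. The `expanded: true` removal also looks unrelated to the page deletions and deserves its own mention in the commit message.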
diff --git a/windows/privacy/windows-personal-data-services-configuration.md b/windows/privacy/windows-personal-data-services-configuration.md
deleted file mode 100644
index 273f2bac8d..0000000000
--- a/windows/privacy/windows-personal-data-services-configuration.md
+++ /dev/null
@@ -1,408 +0,0 @@
----
-title: Windows 10 personal data services configuration
-description: Learn more about Windows 10 configuration settings that are useful for complying with regulations such as the GDPR and protecting users' personal data.
-keywords: privacy, GDPR, windows, IT
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: high
-audience: ITPro
-author: dansimp
-ms.author: dansimp
-manager: dansimp
-ms.collection: M365-security-compliance
-ms.topic: article
-ms.date: 05/11/2018
-ms.reviewer:
----
-# Windows 10 personal data services configuration
-
-Applies to:
-- Windows 10, version 1803 and newer
-
-Microsoft assembled a list of Windows 10 services configuration settings that are useful for personal data privacy protection and related regulations, such as the General Data Protection Regulation (GDPR). There is one section with settings for service data that is managed at Microsoft and a section for local data that is managed by an IT organization.
-
-IT Professionals that are interested in applying these settings via group policies can find the configuration for download [here](https://go.microsoft.com/fwlink/?linkid=874149).
-
-## Introduction
-
-Microsoft collects data from or generates it through interactions with users of Windows 10 devices. This information can contain personal data that may be used to provide, support, and improve Windows 10 services.
-
-Many Windows 10 services are controller services. A user can manage data collection settings, for example by opening *Start > Settings > Privacy* or by visiting the [Microsoft Privacy dashboard](https://account.microsoft.com/privacy). While this relationship between Microsoft and a user is evident in a consumer type scenario, an IT organization can influence that relationship. For example, the IT department has the ability to configure the Windows diagnostic data level across their organization by using Group Policy, registry, or Mobile Device Management (MDM) settings.
-
-Below is a collection of settings related to the Windows 10 personal data services configuration that IT Professionals can use as guidance for influencing Windows diagnostic data collection and personal data protection.
-
-## Windows diagnostic data
-
-Windows 10 collects Windows diagnostic data—such as usage data, performance data, inking, typing, and utterance data—and sends it back to Microsoft. That data is used for keeping the operating system secure and up-to-date, to troubleshoot problems, and to make product improvements. For users who have turned on "Tailored experiences", that data can also be used to offer personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs.
-
-The following options for configuring Windows diagnostic data are relevant in this context.
-
-### Diagnostic level
-
-This setting determines the amount of Windows diagnostic data sent to Microsoft.
-
->[!NOTE]
->In Windows 10, version 1709, Microsoft introduced a new feature: “Limit Enhanced diagnostic data to the minimum required by Windows Analytics”. When enabled, this feature limits the operating system diagnostic data events included in the Enhanced level to the smallest set of data required by [Windows Analytics](https://www.microsoft.com/windowsforbusiness/windows-analytics). For more information on the Enhanced level, see [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md).
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds |
->| **Policy Name** | Allow Telemetry |
->| **Default setting** | 2 - Enhanced |
->| **Recommended** | 2 - Enhanced |
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | User Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds |
->| **Policy Name** | Allow Telemetry |
->| **Default setting** | 2 - Enhanced |
->| **Recommended** | 2 - Enhanced |
-
->[!NOTE]
->When both the Computer Configuration policy and User Configuration policy are set, the more restrictive policy is used.
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\Windows\DataCollection |
->| **Value** | AllowTelemetry |
->| **Type** | REG_DWORD |
->| **Setting** | "00000002" |
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKCU\Software\Policies\Microsoft\Windows\DataCollection |
->| **Value** | AllowTelemetry |
->| **Type** | REG_DWORD |
->| **Setting** | "00000002" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | System |
->| **Policy** | AllowTelemetry (scope: device and user) |
->| **Default setting** | 2 – Enhanced |
->| **Recommended** | 2 – Allowed |
-
-### Diagnostic opt-in change notifications
-
-This setting determines whether a device shows notifications about Windows diagnostic data levels to people on first logon or when changes occur in the diagnostic configuration.
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds |
->| **Policy Name** | Configure telemetry opt-in change notifications |
->| **Default setting** | Enabled |
->| **Recommended** | Enabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\Windows\DataCollection |
->| **Value** | DisableTelemetryOptInChangeNotification |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | System |
->| **Policy** | ConfigureTelemetryOptInChangeNotification |
->| **Default setting** | 0 – Enabled |
->| **Recommended** | 0 – Enabled |
-
-### Configure telemetry opt-in setting user interface
-
-This setting determines whether people can change their own Windows diagnostic data level in *Start > Settings > Privacy > Diagnostics & feedback*.
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds |
->| **Policy Name** | Configure telemetry opt-in setting user interface |
->| **Default setting** | Enabled |
->| **Recommended** | Enabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\Windows\DataCollection |
->| **Value** | DisableTelemetryOptInSettingsUx |
->| **Type** | REG_DWORD |
->| **Setting** | "00000001" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | System |
->| **Policy** | ConfigureTelemetryOptInSettingsUx |
->| **Default setting** | 0 – Enabled |
->| **Recommended** | 0 – Enabled |
-
-## Policies affecting personal data protection managed by the Enterprise IT
-
-There are additional settings usually managed by the Enterprise IT that also affect the protection of personal data.
-
-The following options for configuring these policies are relevant in this context.
-
-### BitLocker
-
-The following settings determine whether fixed and removable drives are protected by the BitLocker Drive Encryption.
-
-#### Fixed Data Drives
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Bitlocker Drive Encryption\Fixed Data Drives |
->| **Policy Name** | Deny write access to fixed drives not protected by BitLocker |
->| **Default setting** | Not configured |
->| **Recommended** | Enabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\System\CurrentControlSet\Policies\Microsoft\FVE |
->| **Value** | FDVDenyWriteAccess |
->| **Type** | REG_DWORD |
->| **Setting** | "00000001" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | BitLocker |
->| **Policy** | FixedDrivesRequireEncryption |
->| **Default setting** | Disabled |
->| **Recommended** | Enabled (see [instructions](/windows/client-management/mdm/bitlocker-csp#fixeddrivesrequireencryption)) |
-
-#### Removable Data Drives
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Bitlocker Drive Encryption\Removable Data Drives |
->| **Policy Name** | Deny write access to removable drives not protected by BitLocker |
->| **Default setting** | Not configured |
->| **Recommended** | Enabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\System\CurrentControlSet\Policies\Microsoft\FVE |
->| **Value** | RDVDenyWriteAccess |
->| **Type** | REG_DWORD |
->| **Setting** | "00000001" |
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\FVE |
->| **Value** | RDVDenyCrossOrg |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | BitLocker |
->| **Policy** | RemovableDrivesRequireEncryption |
->| **Default setting** | Disabled |
->| **Recommended** | Enabled (see [instructions](/windows/client-management/mdm/bitlocker-csp#removabledrivesrequireencryption)) |
-
-### Privacy – AdvertisingID
-
-This setting determines if the advertising ID, which preventing apps from using the ID for experiences across apps, is turned off.
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\System\User Profiles |
->| **Policy Name** | Turn off the advertising ID |
->| **Default setting** | Not configured |
->| **Recommended** | Enabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\Windows\AdvertisingInfo |
->| **Value** | DisabledByGroupPolicy |
->| **Type** | REG_DWORD |
->| **Setting** | "00000001" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | Privacy |
->| **Policy** | DisableAdvertisingId |
->| **Default setting** | 65535 (default) - Not configured |
->| **Recommended** | 1 – Enabled |
-
-### Edge
-
-These settings whether employees send “Do Not Track” from the Microsoft Edge web browser to websites.
-
->[!NOTE]
->Please see [this Microsoft blog post](https://blogs.microsoft.com/on-the-issues/2015/04/03/an-update-on-microsofts-approach-to-do-not-track/) for more details on why the “Do Not Track” is no longer the default setting.
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge |
->| **Policy Name** | Configure Do Not Track |
->| **Default setting** | Disabled |
->| **Recommended** | Disabled |
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | User Configuration\Administrative Templates\Windows Components\Microsoft Edge |
->| **Policy Name** | Configure Do Not Track |
->| **Default setting** | Disabled |
->| **Recommended** | Disabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main |
->| **Value** | DoNotTrack |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Registry key** | HKCU\Software\Policies\Microsoft\MicrosoftEdge\Main |
->| **Value** | DoNotTrack |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **MDM CSP** | Browser |
->| **Policy** | AllowDoNotTrack (scope: device + user) |
->| **Default setting** | 0 (default) – Not allowed |
->| **Recommended** | 0 – Not allowed |
-
-### Internet Explorer
-
-These settings whether employees send “Do Not Track” header from the Microsoft Explorer web browser to websites.
-
-#### Group Policy
-
-> [!div class="mx-tableFixed"]
->| | |
->|:-|:-|
->| **Group Policy** | Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |
->| **Policy Name** | Always send Do Not Track header |
->| **Default setting** | Disabled |
->| **Recommended** | Disabled |
-
-> [!div class="mx-tableFixed"]
->|||
->|:-|:-|
->| **Group Policy** | User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |
->| **Policy Name** | Always send Do Not Track header |
->| **Default setting** | Disabled |
->| **Recommended** | Disabled |
-
-#### Registry
-
-> [!div class="mx-tableFixed"]
->|||
->|:-|:-|
->| **Registry key** | HKLM\Software\Policies\Microsoft\Internet Explorer\Main |
->| **Value** | DoNotTrack |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-> [!div class="mx-tableFixed"]
->|||
->|:-|:-|
->| **Registry key** | HKCU\Software\Policies\Microsoft\Internet Explorer\Main |
->| **Value** | DoNotTrack |
->| **Type** | REG_DWORD |
->| **Setting** | "00000000" |
-
-#### MDM
-
-> [!div class="mx-tableFixed"]
->|||
->|:-|:-|
->| **MDM CSP** | N/A |
-
-## Additional resources
-
-### FAQs
-
-* [Windows 10 feedback, diagnostics, and privacy](https://privacy.microsoft.com/windows-10-feedback-diagnostics-and-privacy)
-* [Microsoft Edge and privacy](https://privacy.microsoft.com/windows-10-microsoft-edge-and-privacy)
-* [Windows Hello and privacy](https://privacy.microsoft.com/windows-10-windows-hello-and-privacy)
-* [Wi-Fi Sense](https://privacy.microsoft.com/windows-10-about-wifi-sense)
-
-### Blogs
-
-* [Privacy and Windows 10](https://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10)
-
-### Privacy Statement
-
-* [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement)
-
-### Windows Privacy on docs.microsoft.com
-
-* [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md)
-* [Manage connections from Windows 10 operating system components to Microsoft services](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-* [Understanding Windows diagnostic data](configure-windows-diagnostic-data-in-your-organization.md#understanding-windows-diagnostic-data)
-* [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md)
-
-### Other resources
-
-* [Privacy at Microsoft](https://privacy.microsoft.com/)
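Review bot: nothing in this diff shows where the settings tables from this deleted page go, so please confirm that the redirect target still documents the BitLocker write-protection mappings (FDVDenyWriteAccess, RDVDenyWriteAccess, RDVDenyCrossOrg, and the FixedDrivesRequireEncryption and RemovableDrivesRequireEncryption CSP policies) and the Group Policy download link (linkid=874149). If any of this content is carried over rather than dropped, a few things in the removed text need fixing first. The Diagnostic level MDM table recommends "2 – Allowed" while the Group Policy tables recommend "2 - Enhanced". Under "Configure telemetry opt-in setting user interface" the registry value DisableTelemetryOptInSettingsUx is set to "00000001" while the Group Policy and MDM tables both recommend Enabled, which is the opposite pairing from the notification setting just above it (DisableTelemetryOptInChangeNotification "00000000", Enabled), so one of the two should be checked. The intro sentences for AdvertisingID, Edge and Internet Explorer are broken ("which preventing apps", "These settings whether employees", "Microsoft Explorer web browser").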