Privacy and Data Security
We recognize privacy as a fundamental human right. We work to preserve our customers’ ability to control their data and make informed choices to protect their privacy.
Meeting EU privacy requirements
Microsoft’s released new General Data Protection Regulation (GDPR) compliance assessment tools for customers and other organizations.
Balancing law enforcement needs with privacy
Microsoft offered Congress our viewpoint on the need to modernize our country’s antiquated digital data laws.
Trust, privacy, and the GDPR
Microsoft’s President and Chief Legal Officer, Corporate Vice President, and Chief Privacy Officer, discuss Microsoft’s commitment and approach to privacy and the GDPR.
Our commitment and approach
Microsoft’s privacy practices and the way we build our products and services rest on six key privacy principles.
We put users in control of their privacy with easy-to-use tools and clear choices.
We’re transparent about data collection and use so users can make informed decisions.
We protect the data that users entrust to us through strong security and encryption.
We respect local privacy laws and fight for the protection of users’ privacy as a fundamental human right.
No content-based targeting
We don’t use email, chat, files, or other personal content to target ads.
When we do collect data, we use it to benefit you and your experiences.
We’re standing up for users’ rights, allowing them to view and control their activity; we’re committing to compliance across the cloud; and we’re hiring renowned leaders in the field to guide our way.
- Laptop with magnifying glass
- Shield with check mark
- Lock with person
- Cloud with key hole
- Shield with person
Launching privacy dashboard
In January 2017, Microsoft launched a new web-based privacy dashboard that allows users to see and control their activity data across multiple Microsoft services. This allows users to view—and choose to clear—the data that Microsoft collects, such as browsing history, search history, and location activity, and to manage information in the Cortana Notebook, which provides personalized recommendations. We will add additional data types and functionality over time.
Privacy shield certification
In August 2016, Microsoft became the first listed global cloud service provider to meet the U.S. Department of Commerce Privacy Shield certification. The EU-US Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to apply EU data protection requirements to govern data transmission between Europe and the United States.
Leading regulator takes privacy post
In April 2017 Microsoft announced that it had hired former Commissioner of the U.S. Federal Trade Commission, Julie Brill, to lead privacy, data protection, and other regulatory issues at Microsoft. Brill is a globally recognized leader on privacy, data protection, and cybersecurity law and policy.
Enabling compliance with new privacy protections
In May 2018, the European Union is imposing strong new privacy rules: The General Data Protection Regulation (GDPR). Microsoft believes GDPR is an important step forward for privacy rights and we’re committed to GDPR compliance across our cloud services. We’re among the first cloud service providers to include GDPR-related assurances in our contractual commitments with customers and are committed to helping other organizations comply as well.
Standing up for users’ rights
Microsoft has helped lead our industry in pushing for reform in government surveillance in the U.S. and around the world. We're challenging an effort by the U.S. government to use search warrants unilaterally to reach beyond U.S. borders. We’re supporting efforts to modernize U.S. surveillance laws and sparked the idea of a Digital Geneva Convention—an international treaty to protect civilians from state-sponsored cyberattacks.
FY17 Reporting resources
Get the bigger picture
Visit these key resources across microsoft.com to learn more about Microsoft’s work in privacy and data security.