Privacy and Data Security

We recognize privacy as a fundamental human right. We work to preserve our customers’ ability to control their data and make informed choices to protect their privacy.

Our commitment and approach

Microsoft’s privacy practices and the way we build our products and services rest on six key privacy principles.


We put users in control of their privacy with easy-to-use tools and clear choices.


We’re transparent about data collection and use so users can make informed decisions.


We protect the data that users entrust to us through strong security and encryption.

Legal protections

We respect local privacy laws and fight for the protection of users’ privacy as a fundamental human right.

No content-based targeting

We don’t use email, chat, files, or other personal content to target ads.

User benefits

When we do collect data, we use it to benefit you and your experiences.

FY17 Highlights

We’re standing up for users’ rights, allowing them to view and control their activity; we’re committing to compliance across the cloud; and we’re hiring renowned leaders in the field to guide our way.

  • Launching privacy dashboard

    In January 2017, Microsoft launched a new web-based privacy dashboard that allows users to see and control their activity data across multiple Microsoft services. This allows users to view—and choose to clear—the data that Microsoft collects, such as browsing history, search history, and location activity, and to manage information in the Cortana Notebook, which provides personalized recommendations. We will add additional data types and functionality over time.

  • Privacy shield certification

    In August 2016, Microsoft became the first listed global cloud service provider to meet the U.S. Department of Commerce Privacy Shield certification. The EU-US Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to apply EU data protection requirements to govern data transmission between Europe and the United States.

  • Leading regulator takes privacy post

    In April 2017 Microsoft announced that it had hired former Commissioner of the U.S. Federal Trade Commission, Julie Brill, to lead privacy, data protection, and other regulatory issues at Microsoft. Brill is a globally recognized leader on privacy, data protection, and cybersecurity law and policy.

  • Enabling compliance with new privacy protections

    In May 2018, the European Union is imposing strong new privacy rules: The General Data Protection Regulation (GDPR). Microsoft believes GDPR is an important step forward for privacy rights and we’re committed to GDPR compliance across our cloud services. We’re among the first cloud service providers to include GDPR-related assurances in our contractual commitments with customers and are committed to helping other organizations comply as well.

  • Standing up for users’ rights

    Microsoft has helped lead our industry in pushing for reform in government surveillance in the U.S. and around the world. We're challenging an effort by the U.S. government to use search warrants unilaterally to reach beyond U.S. borders. We’re supporting efforts to modernize U.S. surveillance laws and sparked the idea of a Digital Geneva Convention—an international treaty to protect civilians from state-sponsored cyberattacks.

FY17 Reporting resources

Get the bigger picture

Visit these key resources across to learn more about Microsoft’s work in privacy and data security.

Cloud-shaped lock, shield, and gear