Microsoft has once again crossed a red line that neither ethics nor European law should ever have permitted: the illegitimate confiscation of personal data. By simply and unilaterally removing the ability to export Skype contacts — even though the service remains operational — Microsoft today deprives millions of users of their legitimate access to their own contact information.
This disappearance was carried out without any transparent communication, nor any acceptable alternative. Worse still, Microsoft’s website continues to claim that such an export is possible, while the function itself has been quietly removed. This reveals a deliberate strategy of locking user data under the company’s exclusive control.
For more than twenty years, the massive collection of personal data has been the silent engine behind the rise of technological giants. What was once a contractual exchange between service provider and user has turned into a one-sided appropriation, trapping users in closed environments without any real right of withdrawal or recovery.
The current case of Skype starkly illustrates this dynamic: contacts built over a decade of private or professional interactions are now locked away, with no possibility of export or migration.
Even when users attempt to export other account data, they are provided with nearly empty .json files, containing almost no usable information, and certainly not in a form that would allow normal exploitation of their own data.
Yet European law leaves no room for ambiguity.
Article 20 of the General Data Protection Regulation (GDPR) establishes a fundamental right to data portability: every individual must be able to receive, in a structured, commonly used, and machine-readable format, all the data they have provided to a service. This right is intended to restore the individual’s control over their own information, ensuring they can leave a platform without penalty.
By making data export impossible, Microsoft openly violates this principle and infringes upon the fundamental rights of European citizens.
The gravest issue here is not just the violation itself, but the apparent impunity Microsoft enjoys while engaging in such practices.
By multiplying technical obstacles and making the process intentionally opaque or inaccessible, Microsoft engages in what can only be described as digital theft: the appropriation of others’ data under the cover of undisclosed service conditions.
This situation raises a major political question:
Will we allow a handful of multinational corporations to usurp rights over our digital identities with total impunity, in defiance of the very laws that claim to protect us?
At a time when Brussels claims to represent a global model of digital regulation, remaining silent in the face of such abuses would amount to an admission of weakness.
T
he European Data Protection Board (EDPB), the European Commission, and national authorities must urgently demand that Microsoft restore effective access to user data. Otherwise, we will have to accept that the GDPR is nothing more than an empty shell — and that the law of the strongest now reigns unchecked over the European digital space.
What is at stake here goes far beyond the specific case of Skype.
It concerns the credibility of data protection in Europe, the defense of digital sovereignty, and ultimately, the balance of power between citizens and globalized private powers.
To remain passive would be to consent. There is still time to oppose this programmed confiscation of our fundamental freedoms.
