Microsoft tackles Windows 10 privacy concerns, explains what types of data it collects

David bisson
David Bisson
@

Windows 10At the beginning of September, I described how PC users have been upset by Windows harvesting data from their computers.

Most of these concerns have arisen in response to the telemetry feature enabled by default in Windows 10, which collects information ranging from security settings to the frequency and manner in which applications are used.

Microsoft fanned this discontent when it introduced “upgrade preparation” updates to Windows 7 and 8 that have since activated telemetry services on these older Windows OS versions in preparation for users’ migration to Windows 10.

You can read more about Windows’ telemetry features here.

Sign up to our free newsletter.
Security news, advice, and tips.

Apparently, Microsoft has now heard the concerns of its users.

Terry Myerson, Executive Vice President of the Windows and Devices Group, has published a blog post that seeks to explain Microsoft’s data collection policies and set the record straight on the privacy concerns revolving around Windows 10.

Terry Myserson of Microsoft

Myerson states:

“From the very beginning, we designed Windows 10 with two straightforward privacy principles in mind:

  1. Windows 10 collects information so the product will work better for you.
  2. You are in control with the ability to determine what information is collected.

With Windows 10, information we collect is encrypted in transit to our servers, and then stored in secure facilities.”

The post goes on to explain that much of the data Microsoft collects is meant either to ensure a “secure and reliable experience” or to optimize personalization, and it notes that new features like Cortana can be disabled using a suite of new privacy customization options.

The extent to which Myerson’s explanation will assuage users’ fears is uncertain.

This is especially true given the fact that even when all personalization features are turned off, Windows 10 sends personally identifiable information associated with Microsoft’s OneDrive to an unknown content delivery network.

Additionally, as reported by Ars Technica, even with Cortana and searching the web from the Start menu disabled, opening the Start menu on Windows 10 sends a request to www.bing.com, which returns a file that appears to contain information relating to Cortana even though it is disabled.

Cortana

Myerson does note in his post, however, what Microsoft allegedly does not do: collect advertising information.

“Unlike some other platforms, no matter what privacy options you choose, neither Windows 10 nor any other Microsoft software scans the content of your email or other communications, or your files, in order to deliver targeted advertising to you.”

Notwithstanding this announcement, which comes at the same time that Apple has revealed the details of its privacy policy, users’ privacy concerns are not overtly hurting the attractiveness of Windows 10.

After all, the OS has been downloaded 75 million times just this month.

However, it is important to note that Myerson’s words do not wholly coincide with Microsoft’s recent actions, which include when it surreptitiously added the “upgrade preparation” updates to Windows 7 and 8. Users want to have the ability to limit what data is collected about them, and they want Microsoft to honor that desire.

Whether the company’s actions will restore trust that it can live up to its side of the bargain remains to be seen.


David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

5 comments on “Microsoft tackles Windows 10 privacy concerns, explains what types of data it collects”

  1. Myles

    For a company that claims to be 'listening more and harder than anyone else' it would be interesting to know they are listening to more than the Echo Chamber that is going to be the insiders program.

    They have even disabled comments on the blog post – Great example of 'listening' there.

    Will be staying away from Win10 for the long and forseeable future, and looking into a user friendly Linux that isn't insistent on spaffing your telemetry, search terms, and such to 3rd parties.

    1. Simon · in reply to Myles

      Albeit the average user wouldn't know what they've signed up for regarding the recent 'Telemetry' updates for 7, 8/8.1.

      Their probably thinking they're simply applying 'updates' to improve their experience… Worse is, Microsoft have dumb down the patch info on Windows 10.

      I have the same sentiment on using Linux and opensource products for personal use. I take comfort in their libre and transparency.

  2. Steve Keel

    Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.
    I would suggest to use AntiTrail software. Just google "antitrail software"

  3. David G

    Why none of this matters.
    https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

  4. Spence A

    I have solved the entire Windows 10 privacy/spying problem. I have migrated all my computers to Ubuntu 14.04 LTS Linux. Problem solved!

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.