Executives in Redmond were caught flat-footed after this summer’s Windows 10 launch by charges that the new operating system is spying on customers. Several new statements for consumers and IT pros today aim to explain why those accusations are unfounded.
Microsoft has a privacy problem.
It’s not the one you’ve read about lately, though. Instead, Microsoft’s biggest problem is that its customers don’t understand its privacy policies, and a sensational press is all too eager to manufacture outrage over policies that don’t exist.
In reality, Microsoft has been building privacy protections into its software products for years.
Given the long awareness of privacy in Redmond, then, the virulent attacks against Windows 10 this summer came as an unwelcome surprise. Critics have accused Windows 10 of spying on customers and collecting data for nefarious purposes, and those criticisms, despite a lack of supporting evidence, have persisted.
The trouble for Microsoft is that its only communication on Windows 10 privacy features so far has been its privacy policy, a long document written by lawyers and designed to cover a broad range of legal situations across hundreds of jurisdictions worldwide.
Today, the company published a series of detailed technical articles designed to explain how its actual practices align with its privacy policies across the board. The explanation starts with two clear principles:
1. Windows 10 collects information so the product will work better for you.
2. You are in control with the ability to determine what information is collected.
Most of the criticisms I’ve seen were based on misreading of the privacy policies for Windows 10 and for Microsoft’s online services.
Telemetry data
“We collect a limited amount of information to help us provide a secure and reliable experience,” the company says. “This includes data like an anonymous device ID and device type. … This doesn’t include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID.”
In Windows 10, telemetry data is stored on dedicated servers that are used exclusively for reliability purposes. I’ve seen several online analyses using network packet sniffers that point a suspicious finger at the unique ID included with each packet. But as Microsoft engineers have explained in the past, the point of those identifiers isn’t to tag an individual person; rather, that ID is essential to tell whether 100 identical problem reports are from a single device or from 100 different devices.
Windows 10 has three telemetry settings: Basic, Full, and Enhanced.
Basic. This information includes information about security settings, quality-related info (such as crashes and hangs), and application compatibility.
Enhanced. This level includes the Basic information and adds details about how Windows and Windows apps are used, how they perform, and advanced reliability info.
Full. This setting, which is the default for Windows 10, includes all information from the previous levels, plus additional details necessary to identify and help to fix problems.
In earlier Windows versions, telemetry (Windows Error Reporting) was an opt-in feature. In Windows 10, it’s on by default. Individuals and small businesses can change telemetry collection to the Basic level with the flip of a switch in Settings. Organizations running Windows 10 Enterprise or Education have the option to disable telemetry completely, although Microsoft recommends against it.
Personalization and services
In a world where software and cloud-based services are increasingly intertwined, software companies have to “collect” your information to carry out your wishes.
As the company explains, “Windows sends and gets info … to give you access to online services like Outlook, OneDrive, Cortana, Skype, Bing and the Microsoft Store, to personalize your experiences on Windows, to help you keep your preferences and files in sync on all your devices, to help keep your device up to date, and so that we can make the next features of Windows ones that you’ll enjoy.”
As usually happens, the Internet echo chamber turned the complex technical details of Windows 10 privacy into a series of gross oversimplifications. Even normally sober publications like PC World succumbed to the hysteria, offering advice on “how to turn off Windows 10′s keylogger,” adding parenthetically, “Yes, it still has one.”
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
We are a professional review site that has advertisement and can receive compensation from the companies whose products we review. We use affiliate links in the post so if you use them to buy products through those links we can get compensation at no additional cost to you.OkDecline
1 Comment
Tomi Engdahl says:
Ed Bott / ZDNet:
Microsoft explains data collection practices, says Windows 10 doesn’t infringe on user privacy
Microsoft tries to clear the air on Windows 10 privacy furor
http://www.zdnet.com/article/microsoft-tries-to-clear-the-air-on-windows-10-privacy-furor/
Executives in Redmond were caught flat-footed after this summer’s Windows 10 launch by charges that the new operating system is spying on customers. Several new statements for consumers and IT pros today aim to explain why those accusations are unfounded.
Microsoft has a privacy problem.
It’s not the one you’ve read about lately, though. Instead, Microsoft’s biggest problem is that its customers don’t understand its privacy policies, and a sensational press is all too eager to manufacture outrage over policies that don’t exist.
In reality, Microsoft has been building privacy protections into its software products for years.
Given the long awareness of privacy in Redmond, then, the virulent attacks against Windows 10 this summer came as an unwelcome surprise. Critics have accused Windows 10 of spying on customers and collecting data for nefarious purposes, and those criticisms, despite a lack of supporting evidence, have persisted.
The trouble for Microsoft is that its only communication on Windows 10 privacy features so far has been its privacy policy, a long document written by lawyers and designed to cover a broad range of legal situations across hundreds of jurisdictions worldwide.
Today, the company published a series of detailed technical articles designed to explain how its actual practices align with its privacy policies across the board. The explanation starts with two clear principles:
1. Windows 10 collects information so the product will work better for you.
2. You are in control with the ability to determine what information is collected.
Most of the criticisms I’ve seen were based on misreading of the privacy policies for Windows 10 and for Microsoft’s online services.
Telemetry data
“We collect a limited amount of information to help us provide a secure and reliable experience,” the company says. “This includes data like an anonymous device ID and device type. … This doesn’t include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID.”
In Windows 10, telemetry data is stored on dedicated servers that are used exclusively for reliability purposes. I’ve seen several online analyses using network packet sniffers that point a suspicious finger at the unique ID included with each packet. But as Microsoft engineers have explained in the past, the point of those identifiers isn’t to tag an individual person; rather, that ID is essential to tell whether 100 identical problem reports are from a single device or from 100 different devices.
Windows 10 has three telemetry settings: Basic, Full, and Enhanced.
Basic. This information includes information about security settings, quality-related info (such as crashes and hangs), and application compatibility.
Enhanced. This level includes the Basic information and adds details about how Windows and Windows apps are used, how they perform, and advanced reliability info.
Full. This setting, which is the default for Windows 10, includes all information from the previous levels, plus additional details necessary to identify and help to fix problems.
In earlier Windows versions, telemetry (Windows Error Reporting) was an opt-in feature. In Windows 10, it’s on by default. Individuals and small businesses can change telemetry collection to the Basic level with the flip of a switch in Settings. Organizations running Windows 10 Enterprise or Education have the option to disable telemetry completely, although Microsoft recommends against it.
Personalization and services
In a world where software and cloud-based services are increasingly intertwined, software companies have to “collect” your information to carry out your wishes.
As the company explains, “Windows sends and gets info … to give you access to online services like Outlook, OneDrive, Cortana, Skype, Bing and the Microsoft Store, to personalize your experiences on Windows, to help you keep your preferences and files in sync on all your devices, to help keep your device up to date, and so that we can make the next features of Windows ones that you’ll enjoy.”
As usually happens, the Internet echo chamber turned the complex technical details of Windows 10 privacy into a series of gross oversimplifications. Even normally sober publications like PC World succumbed to the hysteria, offering advice on “how to turn off Windows 10′s keylogger,” adding parenthetically, “Yes, it still has one.”
No, it doesn’t.
Privacy and Windows 10
http://blogs.windows.com/bloggingwindows/2015/09/28/privacy-and-windows-10/