Is Windows 10 slurping too much data? No, says Microsoft. Nuh-uh. Nope

Doth Redmond protest too much?

By Neil McAllister in San Francisco

Posted in Software, 28th September 2015 19:53 GMT

Is Windows 10 spying on you by grabbing all sorts of personally identifying data about you without your permission? Not at all, claims Redmond.

On Monday, Microsoft OS boss Terry Myerson let fly a blog post explaining that all the Sturm und Drang on blogs and in the media about Windows 10's data collection policies is unfounded – although he did admit that the OS does regularly phone home by default.

"We collect a limited amount of information to help us provide a secure and reliable experience. This includes data like an anonymous device ID, device type, and application crash data which Microsoft and our developer partners use to continuously improve application reliability," Myerson wrote. "This doesn't include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID."

So has this telemetry data every actually helped? Sure, Microsoft says. By way of example, Myerson said Windows 10's data collection helped to fix a problem where a graphics driver update was crashing people's PCs. (He stopped short of naming Nvidia.)

Mind you, most critics of Windows 10's new upgrade policy argue that if Microsoft is going to ram updates down customers' throats without letting them know what's in them, then graphics drivers – which are notorious for affecting system performance – certainly shouldn't be delivered via Windows Update.

Myerson said enterprise customers will be able to disable collection of telemetry data – once the long-fabled enterprise features for Windows 10 are delivered later this year, that is – but added that "we strongly recommend against this."

Moving right along, Myerson confirmed that Microsoft would love to collect words and phrases that you type – something we've known about since the first Windows 10 Technical Preview shipped – but explained that it's not about advertising. Rather, it's about being able to "deliver a delightful and personalized Windows experience to you."

The Windows 10 Privacy Statement gives examples of data that Redmond might collect, including "name, email address, preferences and interests; location, browsing, search and file history; phone call and SMS data."

'Nothing whatsoever to do with advertising'

In his blog post, Myerson expanded upon that somewhat, giving the hypothetical that Microsoft might like to know "whether you are a Seattle Seahawks fan or Real Madrid fan, in order to give you updates on game scores or recommend apps you might enjoy" – recommending apps, of course, having nothing whatsoever to do with advertising.

"Unlike some other platforms, no matter what privacy options you choose, neither Windows 10 nor any other Microsoft software scans the content of your email or other communications, or your files, in order to deliver targeted advertising to you," Myerson claimed.

He also said that newer features that want to grab more data than usual, including the Cortana personal assistant software, are disabled by default and offer additional privacy customization options.

Microsoft has also published new documents explaining what data it collects and how customers can configure their preferences – one aimed at consumers and another aimed at IT admins.

"If you ever find a situation where our software is not behaving the way it should with your privacy settings, please let us know here," Myerson said. "Like security, we are committed to following up on all reported issues, continuously probe our software with leading edge techniques, and proactively update supported devices with necessary updates." ®

Sign up to our NewsletterGet IT in your inbox daily

108 Comments

More from The Register

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

Microsoft patched more Malware Protection Engine bugs last week

Redmond's out-of-band advisory landed after the bugs were fixed

Microsoft says: Lock down your software supply chain before the malware scum get in

Stealthy attack code spotted going after payment systems

Security bods liberate EITest malware slaves

Miscreants' command and control network traffic sent down sinkhole

Infosec brainiacs release public dataset to classify new malware using AI

Data is the secret sauce to advancing AI research

Crumbs! Crunchyroll distributed malware for a couple of hours

Anime-streamer is fine again, and disinfection is easy

Researchers create AI attacker to defeat AI malware defender

It's like Spy Vs Spy, but with neural network boffins

Slingshot malware uses cunning plan to find a route to sysadmins

Advanced router code has been in circulation for six years

'Crazy bad' bug in Microsoft's Windows malware scanner can be used to install malware

Critical update for security engine rushed out the door

'R2D2' stops disk-wipe malware before it executes evil commands

'Reactive Redundancy for Data Destruction Protection' stops the likes of Shamoon and Stonedrill before they hit 'erase'