Microsoft on Monday published new details on the user data collection in Windows 10, in an attempt to put controversy on the matter to rest.
Previously, the software giant confirmed that Windows 10 collects user data which is sent to Microsoft, under the claim that it was used for an improved overall user experience. However, this raised concerns regarding user privacy and the manner in which the collected data would be used, especially since both consumers and enterprise users are affected.
These concerns deepened when news broke in the beginning of September that Windows 7 and Windows 8.1 also started collecting user data following a series of Diagnostics and Telemetry tracking service updates released this spring. Microsoft said at the time that the update was pushed to systems in the Customer Experience Improvement Program (CEIP), and that users could opt out of it at any time.
As Rob Sadowski, Director of Technology Solutions at RSA, told SecurityWeek in early September, that it is important for users understand what data is being collected and for what purpose. Moreover, developers need to understand the security implications of data they collect, as they are responsible for keeping user information protected against unauthorized disclosure, he said.
In a Monday blog post, Microsoft suggests that it is aware of all these implications and explains that Windows 10 collects information so that it would work better. Moreover, the company notes that users are in control of the collected information and how it is used, and that all data is encrypted when transmitted and is stored in secure facilities.
The blog post reiterates what the tech giant previously stated about the collected data—that it includes only a limited amount of information necessary for delivering a secure and reliable Windows experience. This means that, if a driver or applications crashes on multiple PCs, the collected user data can be used to deliver an update that fixes the problem as soon as possible.
“This includes data like an anonymous device ID, device type, and application crash data which Microsoft and our developer partners use to continuously improve application reliability. This doesn’t include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID,” the company says.
The software company also explains that enterprise customers will receive enterprise feature updates later this year to provide them with the option to disable the data collection process. As expected, Microsoft recommends against this, but businesses might be more concerned about their privacy than user experience in Windows 10.
To deliver a personalized experience, Windows 10 also collects personal information on users, including typing habits, sports team preferences, and the like. Cortana, on the other hand, might require some more personalized information to offer a full experience, yet the tech company notes that users can always change their privacy settings to control the collected data.
“Unlike some other platforms, no matter what privacy options you choose, neither Windows 10 nor any other Microsoft software scans the content of your email or other communications, or your files, in order to deliver targeted advertising to you,” Microsoft explains, adding that user feedback on these privacy concerns is welcomed.