Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy & Compliance

Microsoft Details Data Collection in Windows 10 Creators Update

Microsoft on Wednesday revealed details on the data collection practices that the next major Windows 10 version, set to arrive next week, will be collecting from computers.

Microsoft on Wednesday revealed details on the data collection practices that the next major Windows 10 version, set to arrive next week, will be collecting from computers.

Ever since first announcing Windows 10, the tech giant faced criticism for collecting a large amount of data on the usage of the platform and applications. In July 2016, France served notice to Microsoft to stop collecting excessive user data without consent on civil liberty grounds.

In September 2015, the company said that the collected data was meant to improve the overall user experience. Only months before, the company had boosted data collection in Windows 7 and Windows 8.

In January this year, the company took the wraps off a privacy dashboard, meant to provide users with increased visibility and control over the data collected by Microsoft services, and even allows them to clear the collected data if they want to.

At the time, Microsoft also revealed that Windows 10 Creators Update will simplify Diagnostic data levels, reduce data collected at the Basic level, and present only two data collection options to users: Basic and Full. The platform update will also bring increased privacy settings, Microsoft said in early March.

Only one week before Windows 10 Creators Update starts rolling out to users, Microsoft decided to provide specific information on the type of data it will be gathering from users’ computers based on the collection level selected.

“The Basic level gathers a limited set of information that is critical for understanding the device and its configuration including: basic device information, quality-related information, app compatibility, and Windows Store,” Microsoft’s Brian Lich explains.

Security level information is also collected as part of the Basic level, with all of the gathered information meant to help identify problems that can occur on a particular device hardware or software configuration.

Advertisement. Scroll to continue reading.

When it comes to the Full level, the type of collected data expands dramatically beyond the data gathered in the Basic level, to include device, connectivity, and configuration data; products and services usage data; software setup and inventory data; browsing, search and query data; typing and speech data; and licensing and purchase data.

Thus, users who opt in for this data collection level will allow their Windows 10 machine to send information such as OS version, user ID, Xbox user ID, device ID, device properties and capabilities, app usage, device health and crash data, device performance and reliability data, device preferences and network info, installed applications, content consumption data, and information on purchases made on the device.

Facing increased scrutiny over its data collection practices, Microsoft appears determined to become more transparent on the matter, so as to ensure it doesn’t run into too much trouble, especially in the European Union, which last year started investigating the tech giant on user privacy-related issues. For that, the company also published a privacy statement.

Related: Windows 10 Option to Block Installation of Win32 Apps

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...