Security Experts:

Connect with us

Hi, what are you looking for?


Privacy & Compliance

Microsoft Details Data Collection in Windows 10 Creators Update

Microsoft on Wednesday revealed details on the data collection practices that the next major Windows 10 version, set to arrive next week, will be collecting from computers.

Microsoft on Wednesday revealed details on the data collection practices that the next major Windows 10 version, set to arrive next week, will be collecting from computers.

Ever since first announcing Windows 10, the tech giant faced criticism for collecting a large amount of data on the usage of the platform and applications. In July 2016, France served notice to Microsoft to stop collecting excessive user data without consent on civil liberty grounds.

In September 2015, the company said that the collected data was meant to improve the overall user experience. Only months before, the company had boosted data collection in Windows 7 and Windows 8.

In January this year, the company took the wraps off a privacy dashboard, meant to provide users with increased visibility and control over the data collected by Microsoft services, and even allows them to clear the collected data if they want to.

At the time, Microsoft also revealed that Windows 10 Creators Update will simplify Diagnostic data levels, reduce data collected at the Basic level, and present only two data collection options to users: Basic and Full. The platform update will also bring increased privacy settings, Microsoft said in early March.

Only one week before Windows 10 Creators Update starts rolling out to users, Microsoft decided to provide specific information on the type of data it will be gathering from users’ computers based on the collection level selected.

“The Basic level gathers a limited set of information that is critical for understanding the device and its configuration including: basic device information, quality-related information, app compatibility, and Windows Store,” Microsoft’s Brian Lich explains.

Security level information is also collected as part of the Basic level, with all of the gathered information meant to help identify problems that can occur on a particular device hardware or software configuration.

When it comes to the Full level, the type of collected data expands dramatically beyond the data gathered in the Basic level, to include device, connectivity, and configuration data; products and services usage data; software setup and inventory data; browsing, search and query data; typing and speech data; and licensing and purchase data.

Thus, users who opt in for this data collection level will allow their Windows 10 machine to send information such as OS version, user ID, Xbox user ID, device ID, device properties and capabilities, app usage, device health and crash data, device performance and reliability data, device preferences and network info, installed applications, content consumption data, and information on purchases made on the device.

Facing increased scrutiny over its data collection practices, Microsoft appears determined to become more transparent on the matter, so as to ensure it doesn’t run into too much trouble, especially in the European Union, which last year started investigating the tech giant on user privacy-related issues. For that, the company also published a privacy statement.

Related: Windows 10 Option to Block Installation of Win32 Apps

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...