Slashdot Mirror
A Breakdown of the Windows 10 Privacy Policy
WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.
Posting anon for obvious reasons.
In a former life, there was some question about what and how far an org could go into customer data that was collected through remote telemetry or use of cloud services. A couple years ago, legal counsel informed us that we could capture, examine, and retain essentially any customer data, because any security-related review fell under the clauses about use of customer data for "enhancement of customer experience", to which the customer consented in the EULA. This is why some entities feel very free to capture any data they want from endpoint computers and effectively lie about it in marketing documents: because end-users consented to a free-for-all in the prior/overriding legal license.
Exactly how vital can they be if the fucking computer still works with no Internet connection?
No, I think his point is more like "Never look a gift horse in the mouth while its trying to mount you." Or something like that.
The advice is to use a possibly compromised operating system over a guaranteed compromised operating system.
Do you have a better suggestion for those who has to use windows?
All this talk about Windows made me rediscover Linux. Tried out latest Mint and was really pleasantly surprised by how well polished the thing is overall. Everything worked right from Live CD. Things that I could never get to work on Ubuntu even a year ago. Bluetooth speaker just connected, Android phone didn't make any components die a quiet death. Skype. All menus are reasonably laid out. Configurations work. Started being productive on it just after two hours of installation/configuration. Breath of fresh air.
From a meta point of view, what is really happening? If nothing else, there is some kind of breakdown between reasonable expectations of people who use Windows and the actions of Microsoft. Aside from particulars of what exactly is being or not being collected, Microsoft handled this poorly by not anticipating that many people are rightfully highly sensitive to data collection/telemetry/tracking issues, and the fact that it is being disclosed only via EULA legalese doublespeak only damages the situation by orders of magnitude.
Microsoft needs to have a press conference and set up a special page for users concerned about privacy and who want to know more about telemetry/tracking. You do not address users' concerns by blowing them off, but by engaging them.
In this day and age it is reasonable to expect that a complex system such as an OS actually needs to communicate with central servers for reasons related to routine the operation of the system. But what are those routine things?
All we get from EULA's is BS.