Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Finally Reveals What Data Windows 10 Really Collects (theverge.com)

Posted by msmash on from the opening-up dept.

Starting today, Microsoft is updating its privacy statement and publishing information about the data it collects as part of Windows 10. From a report: "For the first time, we have published a complete list of the diagnostic data collected at the Basic level," explains Windows chief Terry Myerson in a company blog post. "We are also providing a detailed summary of the data we collect from users at both Basic and Full levels of diagnostics." Microsoft is introducing better controls around its Windows 10 data collection levels in the latest Creators Update, which will start rolling out broadly next week. The controls allow users to switch between basic and full levels of data collection. "Our teams have also worked diligently since the Anniversary Update to re-assess what data is strictly necessary at the Basic level to keep Windows 10 devices up to date and secure," says Myerson. "As a result, we have reduced the number of events collected and reduced, by about half, the volume of data we collect at the Basic level."

24 of 286 comments (clear)

  1. The real problem... by Anonymous Coward · · Score: 5, Insightful

    ... of course, is that we have to wait for Microsoft to "inform" us about that in the first place.

    1. Re:The real problem... by ytene · · Score: 5, Insightful

      And the only reason Microsoft are doing this is [likely to be] because the EU were basically telling them that their latest privacy-slurping OS was going to run foul of EU legislation if they didn't come clean. Having Windows 10 banned in the EU because of privacy concerns was likely a suitable incentive. What a shame it has come to the point where companies need this sort of inducement to come clean.

    2. Re:The real problem... by gweihir · · Score: 3, Insightful

      My guess is that they only do it because they got some pretty severe threats from the EU behind the scenes. The first round (Swiss Data Protection Commissioner) they already lost and that guy very likely talked this over with his EU colleagues before and they decided that his situation was best for a test-balloon (as Switzerland is not in the EU, hence not setting legal precedent for the EU).

      Without that, my guess would be that MS would never have informed anybody. And they could still be lying. Unless there is an independent verification by somebody competent, I am not going to trust this at all.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    3. Re:The real problem... by Kjella · · Score: 5, Insightful

      What a shame it has come to the point where companies need this sort of inducement to come clean.

      Companies will run slave plantations unless somebody forces them not to. Capitalism is useful but it'll throw you under the bus if it means higher profit, it's nobody's friend just raw application of economic power. Once you're past the size where anyone feels personally responsible and they only answer to shareholders who want return on interest it has no conscience, ethics or morality. So I'm not sure what you think is new or different here, the only time they don't act like total psychos is exactly when there's consequences. Otherwise they'd make Soylent Green out of you.

      --
      Live today, because you never know what tomorrow brings
    4. Re:The real problem... by cayenne8 · · Score: 4, Insightful
      Ok..so where is the option to switch it to NO DATA COLLECTED AND REPORTED....?

      Basic and full are dandy for those that want to "opt in" for such data collection, but how about those of us who liked the old fashioned OS days when NO data was sent or required to be sent?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    5. Re:The real problem... by Anonymous Coward · · Score: 2, Insightful

      You imply that this behavior only applies to larger companies, but any perusal of popular sites online clearly demonstrates that people are only decent in person because they fear immediate physical retribution.

    6. Re:The real problem... by Jason+Levine · · Score: 2, Insightful

      Companies will run slave plantations unless somebody forces them not to. Capitalism is useful but it'll throw you under the bus if it means higher profit, it's nobody's friend just raw application of economic power. Once you're past the size where anyone feels personally responsible and they only answer to shareholders who want return on interest it has no conscience, ethics or morality. So I'm not sure what you think is new or different here, the only time they don't act like total psychos is exactly when there's consequences. Otherwise they'd make Soylent Green out of you.

      I think a lot of people forget this when they cry out that all government regulations are bad and should be done away with. That was nearly the case in relatively-recent history. Children were forced to work 19 hour days in locked factories with only one way out. Employers treated them like little more than slaves and there was no protection for the worker. Got injured on the job due to your employer providing a dangerous work environment? Too bad, you're unemployed now since you can't do the job they hired you to do. Fire raging in the one spot where you can exit the factory? Jump from the tenth story window to your death. (See the Triangle Shirtwaist Factory fire.)

      Over time, outrage over these abuses led to the government making rules against them. You can't work kids 19 hours a day. You need to provide a safe working environment. Employees injured on the job deserve compensation. Products should be safe for people to use.

      Are all regulations good? Of course not, but acting like they're all bad and companies would be job-creating angels if that big, bad government would just get off their back is far from the truth as well.

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.
  2. Thanks, but by Anonymous Coward · · Score: 4, Insightful

    Why can't we turn it off entirely? I can troubleshoot my own PC and don't need it "phoning home" - EVER.

    1. Re:Thanks, but by Mashiki · · Score: 4, Insightful

      You don't need it. I don't need it. We're also the extreme minority who don't need it. We're getting this because everyone else can't troubleshoot their own PC/device.

      --
      Om, nomnomnom...
    2. Re:Thanks, but by ilsaloving · · Score: 3, Insightful

      Not even that. We're getting it because Microsoft believes that they can get away with it. If it was just for troubleshooting, they wouldn't need half the information they're collecting.

    3. Re:Thanks, but by ausekilis · · Score: 3, Insightful

      Or maybe, instead of a constant firehose of crap going to Windows servers, we can have a dialog and elect to send stuff to MS when a problem happens. You know, how things used to be. They can create as detailed a dump file as they need, but I should have control over if/when it gets sent somewhere.

    4. Re:Thanks, but by CanadianMacFan · · Score: 3, Insightful

      What in the world makes you think that this has anything to do with troubleshooting your PC/device? It may sound like a nice excuse for them to say that it allows your computer to be kept up to do date easier but a good package manager does that. This is all about them using your data to make money and they can't make that money if people turn off the flow of data.

  3. Calling Stallman by jawtheshark · · Score: 5, Insightful

    We all know that without the source, it is impossible to verify their claims.

    --
    Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
  4. Removed half of stats before disclosing by Anonymous Coward · · Score: 5, Insightful

    "Our teams have also worked diligently since the Anniversary Update to re-assess what data is strictly necessary at the Basic level to keep Windows 10 devices up to date and secure," says Myerson. "As a result, we have reduced the number of events collected and reduced, by about half, the volume of data we collect at the Basic level."

    I wonder what they felt they needed to remove before they were willing to publish the disclosure.

  5. What non-diagnostic data is collected? by QuietLagoon · · Score: 3, Insightful

    The Tech Net article lists the diagnostic data. Is any non-diagnostic data collected?

  6. A Missing Detail by surfdaddy · · Score: 4, Insightful

    They are transparent about the Creator's Update. But they have reduced the telemetry by about half, saying that they realized they didn't find all telemetry useful. So you don't really know what they *have been* collecting prior to the Creator's Update. For all we know they've removed a bunch of more onerous details that could have *upset* us.

  7. Re:Don't forget about open source projects. by Raenex · · Score: 5, Insightful

    Some open source supporters will make claims like "But they're being transparent!" or "But you can opt out!" or some other nonsense like that.

    But guess what? None of that matters!

    It does matter. It's relatively trivial to opt out of Mozilla's data collection and to know what's being collected, whereas that's absolutely not the case with Microsoft. So when you say shit like this:

    "we cannot consider them to be any better than Windows, or conversely, we can't consider Windows to be any worse than projects like Firefox"

    I know you're either shilling for Microsoft or being idealistically stupid about practical differences.

  8. Re:Real link by jez9999 · · Score: 4, Insightful

    "The Basic level gathers a limited set of information that is critical for understanding the device and its configuration"

    LOL, that's the bare minimum critical info is it? A metric fuckton of data.

    How about, oh i dunno, NOTHING?

    --
    == Jez ==
    Do you miss Firefox? Try Pale Moon.
  9. I miss the critical information by Opportunist · · Score: 3, Insightful

    "Why should I believe you?"

    Time and again we have been lied and misled by Microsoft. Give me one good reason I should believe this.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  10. Re:Don't forget about open source projects. by Anonymous Coward · · Score: 3, Insightful

    That AC's position is much more consistent and sensible than yours is. That AC is saying, ``Data harvesting is wrong.'', while you're saying,``Data harvesting is wrong, except if you can opt out, or except if you know what's being harvested, or except if moz://a is doing it, or except if it's called telemetry, or except if Google Analytics is used to store it, or except if ...''. Face it, data harvesting is wrong. It doesn't matter who is doing it, or how they're doing it, or why they're doing it, or what they're doing with the harvested data. It's wrong. There aren't degrees of wrongness here. All incidents of data harvesting are equally wrong.

  11. Re:Don't forget about open source projects. by Raenex · · Score: 4, Insightful

    All incidents of data harvesting are equally wrong.

    No, the world is not black and white. Otherwise Richard Stallman would be a practical person instead of out on an idealistic island. People like Stallman are useful as standard bearers, but in the real world we deal with practical choices that require us to distinguish between varying degrees of "wrong".

  12. Solution: Find a way to get an Enterprise build by ErichTheRed · · Score: 4, Insightful

    We're rolling out Windows 10 in a very low-bandwidth environment, and in some cases a no-bandwidth environment. (Yes, they still exist today!) Turning off telemetry was one of the reasons we upgraded the OEM licenses from Pro to Enterprise -- there's just no need to use precious connection time sending usage data to Microsoft. And yes, that means "paying twice" for the OS, once to the OEM and once for the Enterprise subscription.

    In my opinion, Microsoft did a very poor job of communicating what the difference between Home, Pro and Enterprise was. Basically, anyone with Home and Pro is getting the OS for "free" in exchange for telemetry data and information they can sell to marketers, period. Pro is Home with the ability to join a classic AD domain. This is very different from the days of Windows 7, where Pro had enough features to make it the default OS for business deployment. What Microsoft is doing is pulling more and more features under Enterprise, including the ability to opt out of constant feature changes. The result is that most large companies are buying Enterprise upgrades and getting on the subscription treadmill.

    I think the best thing they could do right now is to let anybody buy the Enterprise version as a one-off, or make a complete shut-off of the telemetry available but slightly difficult to find in every edition of the OS. Even if they made the telemetry controllable by a few hard to find registry keys, the vast majority of consumers wouldn't touch any of the default settings and they'd still be getting data from them. Microsoft just got done "giving away" Windows 10 to millions of Windows 7 and 8 users in the form of the free upgrade, and the indication is that they will be on the same major release forever from now on, just releasing big update packages once or twice a year. Enterprise customers are subsidizing this development by still paying license fees in the form of subscriptions -- those millions of PCs that were upgraded for free only have the revenue stream of the marketing data coming in until they're replaced. And if Microsoft sticks to their promises, there will be no more revenue for traditional boxed software upgrades either -- no Windows 11 release they can ship out on DVDs to stores is coming.

    Do I like being a product for marketing companies to mine data on? Not really -- and I do think Microsoft should be transparent about why they're doing what they're doing. I think all the companies doing this (Microsoft, Apple, Google, etc.) are going to have to find a new way to operate once the social media and advertising bubbles pop too...right now all of them are subsidizing their phone OS development with the fact that they have access to very personal data on a device you carry with you 24 hours a day.

  13. Re:Don't forget about open source projects. by sexconker · · Score: 1, Insightful

    Many issues are pretty binary. Data harvesting is wrong. It provides nothing to the user and there is no reason a user would want to enable it.

  14. Re:Don't forget about open source projects. by Just+Some+Guy · · Score: 5, Insightful
    I disagree. RMS is supremely practical over long periods of time. His core message is "if you tie your fate to something you don't control, you will get burned." I've never seen this not be correct. Vendors come and go. Sometimes they change their pricing model from reasonable to extortionate. Maybe they discontinue features that were critical to you. Perhaps they throw away the whole thing and start over. But whatever form it takes, the end result is the same: if you can't control it, it will control you.

    Apple and Microsoft have probably been the best major companies for keeping their changes small and manageable. Eventually you had to migrate off VB6. Eventually you had to click the "also compile this for Intel" checkbox in Xcode. But that doesn't change the fact that if you use their platforms, you are subject to their business decisions, even when they conflict with yours.

    Perhaps hypocritically, I'm typing this on a Mac. I've decided that given Apple's track record, they're probably not going to yank the rug out from under me overnight. But you can bet that all the code I write is in FOSS languages and deployed to FOSS operating systems. I can change my desktop OS - with some pain and gnashing of teeth to be sure - without compromising the things I design. That's because RMS is correct: he's convinced many of us that it's practical to choose open platforms instead of closed shininess where it really matters.

    --
    Dewey, what part of this looks like authorities should be involved?