Jump to content
  • entries
    10
  • comments
    58
  • views
    15,300

Microsoft's documentation outlining that MS sells customer data collected through MS products and services

Delicieuxz

1,657 views

As shown in a link at the bottom of this page, Microsoft's own reporting shows that Microsoft is recording data from over 3,100 individual data-points in Windows 10 Home and Pro, even when data-harvesting is set to its absolute minimum configuration.

 

It is notable that Microsoft was an eager participant in the US government's illegal PRISM spying program, and voluntarily gave its users' and customers' data to the US government without informing their users it was doing so. Certainly, Microsoft continues that practice today. But what are the indications in Microsoft's own agreements showing that it is selling user data?

 

 

Example 1

 

From Microsoft's documentation Windows 7, Windows 8 and Windows 10 Telemetry Updates (Diagnostic Tracking).

 

Under "Microsoft Data Management Service".

Quote

The Microsoft Data Management Service routes information to internal cloud storage, where it's compiled into business reports for analysis and research.

 

Under "Collection".

Quote

Only those who can demonstrate a valid business need can access the telemetry info.

 

Under "Usage".

Quote

However, we do share business reports with partners that include aggregated, anonymous telemetry information.

 

Microsoft isn't its own partner. A partner means a 3rd-party. A business agreement with a 3rd-party means a profitable transaction. What Microsoft is saying, in a sterilized PR manner, is that they sell the data they collect through Windows 10 to whoever has the money to pay for it just like Facebook, Google, Amazon, Twitter, do.

 

A key difference between Microsoft's harvesting of personal data and those other companies' harvesting of personal data, though, is that Microsoft collects data from people's personally-owned OS environments and activities that those individual Windows 10 owners host and pay for the housing, hardware, software, electricity, maintenance of, whereas the other mentioned companies collect data from online services that each of those companies hosts and pays for the housing, hardware, software, electricity, maintenance, of.

 

 

 

 

Example 2

 

From Microsoft's document Configure Windows diagnostic data in your organization, in the "Data use and access" section.

Quote

Microsoft may share business reports with OEMs and third party partners

5b6029435c3fa_MicrosoftsharesbusinessreportswithOEMsand3rd-partypartners.PNG.c11caceffa8a827fd38f606f396b0f5f.PNG

 

 

 

Example 3

 

From Microsoft's "privacy statement", in the "Advertising" section.

Quote

Microsoft partners with third-party ad companies to help provide some of our advertising services, and we also allow other third-party ad companies to display advertisements on our sites. These third parties may place cookies on your computer and collect data about your online activities across websites or online services.

 

5b602945600de_Microsoftpartnerswith3rd-partyadcompanies.PNG.42b40f925dccaad95e4d41a255690cf5.PNG

 

 

 

 

Example 4

 

From Microsoft's "privacy statement", in the "Reasons We Share Personal Data" section.

Quote

We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

5b602944918e8_Microsoftdisclosesdatainsaleofassets.PNG.f9d362b84b5d6c2a5cddc0f81b6e8ea1.PNG

 

 

If Microsoft opts to think of the personal data that Microsoft has harvested through Windows 10 as theirs to sell (a position I think is legally indefensible and amounting to unjust enrichment), then Microsoft would count that data as their assets. And so, a "sale of assets" as a corporate transaction would describe the sale of collected personal and personally-owned (by the individual Windows 10 instance owners the data is harvested from) data for the sake of Microsoft's profit.

 

 

 

 

Additional thoughts and resources

 

While Microsoft claims in one case that the data they share with 3rd-party companies has been made anonymous due to aggregation, it should be noted that Microsoft does not claim the data they share is exclusively anonymous. And in some situations, such as sharing data with law enforcement (which Microsoft states they do elsewhere in the "privacy statement"), it would logically not be anonymous. So, Microsoft hasn't given a clear answer as to how much of the data that it shares is anonymous, and how much isn't, and has only offered that some data which they share has been made anonymous.

 

It should also be remembered that Microsoft originally claimed that all of the data they collect is anonymous to begin with, but the year-long Dutch DPA investigation revealed that claim to be a lie and that all data harvested by Microsoft is attached with identifiers cataloguing it according to the person, the device, the network, and more that it came from, so that all collected data on each person can form a comprehensive virtual profile of that person:

 

 

"It turns out that Microsoft’s operating system follows about every step you take on your computer. That results in an intrusive profile of yourself. What does that mean? Do people know about this, do they want this? Microsoft needs to give users a fair opportunity to decide about this themselves." - Wilbert Tomesen, vice-chairman of the Dutch DPA

 

"In our full report (only available in Dutch unfortunately), we deal extensively with the points of forced install. We also explain why all the telemetry data collected by Microsoft are indeed personal data, and certainly not anonymous, regardless of the view of MS that they would only relate to the system/be 'mere' technical data." - Dutch DPA

 

 

For more information about how data collected in Windows 10 is tagged according to the type of account that is logged into a Windows 10 session, see this post:

 

An incomplete documentation of the minimum data that Microsoft harvests from all devices running a copy of Windows 10 Home or Pro as of version 1803 of Windows 10 can be viewed on Microsoft's website. Microsoft's website documentation of data that's harvested at the "Basic" setting is revealed to be incomplete when comparing the transmitted data reported by Microsoft's Diagnostic Data Viewer to the data that is documented on Microsoft's website.

 

In any case, Microsoft's own report shows that, at the very most minimal data-harvesting setting in Windows 10 Home and Pro, Microsoft is siphoning data from over 3,100 data-points on people's systems.

 

Microsoft Ad Monetization platform

7 ways Windows 10 pushes ads at you, and how to stop them

Windows 10 isn't an operating system, it's an advertising platform

0 Comments

There are no comments to display.

×