Microsoft shares what it collectes in Windows 10 Telemetry data

[GoodBytes]

In Windows 10 Creators Update, Microsoft made it so that the privacy related options are displayed when you install the OS for the first time (or start the system for the first time if it is OEM bought system. To be Specific the: I am talking about the OOBE), regardless of the settings you put. No more "Express" and "Custom" will be presented, where Express picks everything enabled without the user really knowing. In addition, each option shares what they do, and how it affects it will affect the user.

If you have read the news post on Everything you need to know Creators Update, you know already this.

 

Now, Microsoft did something else. When it will come to upgrading current users to the Creator Update, the user will be greeted with the following screen logged in:

 

OnMSFT reports:

Quote

When you will start the upgrade process on your PC, you will see the following privacy settings screen that will reflect your current Windows 10 settings. As you can see, there are detailed descriptions for each setting to help you choose what’s best for you, but you will be able to change these settings at any time after installing the update.

This ensures that those who aren't aware when they passed through the Out-of-the-Box (OOBE) of Windows 10 and not know about it, will be informed, and allow them to opt in or out to their liking. Of course, as always, any settings related to the privacy options is available in the settings panel.

 

 

In addition to this, Microsoft shares what they collect in the Privacy Statement page found here: https://privacy.microsoft.com/en-us/privacyStatement

It is very long, and covers all services from the company. But focusing on Windows 10, if you wondered what the "Basic" and "Full" settings where and are:

 

Quote

Diagnostics

---

As you use Windows, we collect diagnostic data that helps us fix problems and improve Microsoft products. If you choose to turn on Tailored experiences, this data can also be used to personalize your experiences with Microsoft products. This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns. There are two levels of diagnostic and usage data: Basic and Full. At the lowest level, Basic, we collect only data necessary to keep Windows devices up-to-date and secure. Basic data includes data about the device itself, the proper functioning of Windows and Store updates, and basic error data. We collect the following data at the Basic level:

• Device, connectivity and configuration data:
  • Data about the device such as the processor type, OEM manufacturer, type of battery and capacity, number and type of cameras, firmware, and memory attributes.
  • Network capabilities and connection data such as the device’s IP address, mobile network (including IMEI and mobile operator) and whether the device is connected to a free or paid network.
  • Data about the operating system and its configuration such as the OS version and build number, region and language settings, diagnostics level, and whether the device is part of the Windows Insider program.
  • Data about connected peripherals such as model, manufacturer, drivers, and compatibility data.
  • Data about the applications installed on the device such as application name, version, and publisher.
• Whether a device is ready for an update and whether there are factors that may impede the ability to receive updates, such as low battery, limited disk space, or connectivity through a paid network.
• Whether updates complete successfully or fail.
• Data about the reliability of the diagnostics collection system itself.
• Basic error reporting, which is health data about the operating system and applications running on your device. For example, basic error reporting tells us if an application, such as Microsoft Paint or a third-party game, hangs or crashes.

For more information about what is collected in Basic data, click here (English only).

 

Full data includes everything collected with Basic data, plus additional information that enables Microsoft to fix and improve products and services for all users. We collect the following additional information at the Full level:

• Additional data about the device, connectivity and configuration, beyond that collected at Basic.
• Status and logging information about the health of operating system and other system components (in addition to data about the update and diagnostics systems collected at Basic).
• App usage, such as which programs are launched on a device, how long they run, and how quickly they respond to input.
• Browser usage, including browser history and search terms, on Microsoft browsers.
• Small samples of inking and typing input, which is processed to remove identifiers, sequencing information, and other data (such as names, email addresses, and numeric values) which could be used to reconstruct the original content or associate the input to the user. This data is never used for Tailored experiences as described below.
• Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred). Crash data is never used for Tailored experiences as described below.

We provide limited portions of error report information to partners (such as OEMs) to help them troubleshoot products and services which work with Windows and other Microsoft product and services. They are only permitted to use this information to repair or improve those products and services.

If you choose to turn on Tailored experiences, we will use some of the data described above in Diagnostics to personalize your experiences with Windows and other products and services. This includes suggestions on how to customize and optimize Windows; and recommendations and offers of Windows features and supported apps, services, hardware, and peripherals. The scope of data will depend on whether you choose Full or Basic as your Diagnostics setting. For example, if you choose Full, your data will include browser and app usage. However, even if you enable Tailored experiences, we will not use your crash, typing, or inking input data for personalization.

 

It is very lengthy documents so I can't post everything here. I encourage to read it. It covers: Windows Apps, WiFi-Connecting to suggested open hotspots, Edge, Sync Settings, Speech, Inking and Typing, Security and Safety Features, Advertising ID, and Activation.

 

Going through you'll see that no, there is indeed no keylogger, no spying, no NSA stuff, etc... Telemetry data, and has no goal in contains any personal information.

The only thing, is if you Edge, similarly to Chrome, your web history is passed to Microsoft, if you have the setting set to "Full".

 

 

Source 1:  https://privacy.microsoft.com/en-us/privacyStatement

Source 2: https://www.onmsft.com/news/microsoft-lays-out-privacy-features-and-tools-available-in-windows-10-creators-update

 

Please note that the document assumes that you have Windows 10 Creators Update, and any software you use mentioned (example: Skype, for the Skype section), on their last version.

 

[Aurora906]

I doubt microsoft is telling everything, im sticking with W7 indefinitely.

[Stefan1024]

Don't bother reading just disable everything.

 

But it doesn't matter anyway, it will reenable itself with the next update /s

[LAwLz]

1) That is still very vague. 

2) That is a lot of data that I would call personal even at the basic level.

3) We are not sure they are telling the whole truth. 

 

This does not change my mind one bit. 

[Drak3]

Huh. Interesting. Who could see that coming, certainly not I. Total surprise. /s

 

 

The fact that this is news worthy is very distrssing to me. Just shows how ignorant and short sighted people are when it comes to large companies and customer relations.

[Humbug]

6 minutes ago, GoodBytes said:

Going through you'll see that no, there is indeed no keylogger, no spying, no NSA stuff, etc... Telemetry data, and has no goal in contains any personal information.

The only thing, is if you Edge, similarly to Chrome, your web history is passed to Microsoft, if you have the setting set to "Full".

Isn't below a keystroke recorder?

 

"  Small samples of inking and typing input, which is processed to remove identifiers, sequencing information, and other data (such as names, email addresses, and numeric values) which could be used to reconstruct the original content or associate the input to the user.   "

 

I think that as well as the sending of browser search terms to Microsoft is what people are most uncomfortable with.

[Enderman]

1 minute ago, Aurora906 said:

I doubt microsoft is telling everything, im sticking with W7 indefinitely.

Lol, you think windows 7 takes any less telemetry than windows 10?

[LAwLz]

4 minutes ago, Drak3 said:

Huh. Interesting. Who could see that coming, certainly not I. Total surprise. /s

 

 

The fact that this is news worthy is very distrssing to me. Just shows how ignorant and short sighted people are when it comes to large companies and customer relations.

Yeah a lot of people sure are ignorant and short sighted. You would not believe how many times I have had to run packet sniffers to disprove people who defend Microsoft over these types of things. 

 

3 minutes ago, Enderman said:

Lol, you think windows 7 takes any less telemetry than windows 10?

It demonstrably does. Especially when you're careful with what updates you install. 

[Aurora906]

1 minute ago, Enderman said:

Lol, you think windows 7 takes any less telemetry than windows 10?

Yes, i do.  I never said W7 was completely secure from their BS.  

[Bouzoo]

What I'm interested is in there a way to remove this? No matter what I do it's still there. And I did a LOT of things.

 

 

[Princess Luna]

6 minutes ago, Aurora906 said:

I doubt microsoft is telling everything, im sticking with W7 indefinitely.

Just use spybot anti-beacon....

 

@Bouzoo you too.

 

I even killed Cortana process for good by renaming the folder quickly after stopping the process before it could restart lol

[Enderman]

Just now, LAwLz said:

Yeah a lot of people sure are ignorant and short sighted. You would not believe how many times I have had to run packet sniffers to disprove people who defend Microsoft over these types of things. 

 

It demonstrably does. 

Proof?

Pretty sure they've been collecting the exact same stuff for the past 5 years.

 

Well, your browser, search engine, phone, ISP, and every piece of software you use also collects that same information, so it's not like you're preventing anything by using windows 7.

[GoodBytes]

10 minutes ago, Aurora906 said:

I doubt microsoft is telling everything, im sticking with W7 indefinitely.

That would be illegal.

[GoodBytes]

11 minutes ago, Stefan1024 said:

But it doesn't matter anyway, it will reenable itself with the next update /s

No it does not.

[Murdoch]

For me it's too little too late, I've already moved most of my computing to Linux, only run Windows 10 when I absolutely have to (running games mostly).

 

 

[GoodBytes]

11 minutes ago, LAwLz said:

1) That is still very vague. 

2) That is a lot of data that I would call personal even at the basic level.

3) We are not sure they are telling the whole truth. 

 

This does not change my mind one bit. 

1- You didn't read shit, because it includes exactly what it collects. But here is the link for Basic: https://technet.microsoft.com/itpro/windows/configure/basic-level-windows-diagnostic-events-and-fields

 

2- and 3-  B.S Just hating for hating

 

Of course it doesn't. You are closed minded. Even if there was a disable button, you would say that they collect even more than Full, because NSA, etc.

[GoodBytes]

19 hours ago, Humbug said:

Isn't below a keystroke recorder?

 

"  Small samples of inking and typing input, which is processed to remove identifiers, sequencing information, and other data (such as names, email addresses, and numeric values) which could be used to reconstruct the original content or associate the input to the user.   "

 

I think that as well as the sending of browser search terms to Microsoft is what people are most uncomfortable with.

Key logger logs your every key that is typed. Keystroke, as it says it removes, the best it can, all personal information, and send stroke segments to improve ink to text conversion that Windows support.

[ARikozuM]

My faith in the tech community drops further every time I read through tech news about MS. So much salt.

[GoodBytes]

10 minutes ago, Princess Cadence said:

Just use spybot anti-beacon....

 

@Bouzoo you too.

 

I even killed Cortana process for good by renaming the folder quickly after stopping the process before it could restart lol

If you think it does something these apps then you manually going to the Settings panel and stable everything, you are being played by the software maker marketing. But hey, people love security theater these days.

[Princess Luna]

17 minutes ago, GoodBytes said:

If you think it does something these apps then you manually going to the Settings panel and stable everything, you are being played by the software maker marketing. But hey, people love security theater these days.

It's not like I haven't done my own research, I really don't appreciate your condescending tone, I know the greatest majority of such applications are a scam but spybot anti-beacon actually has some solid background backing it up?

 

 

 

[mikat]

If they'd wanted something from me, they'd already have it (I've deselected everything in the express settings, but idk if they send more stuff), now give me this update so I can spawn windows programs from the WSL's linux command prompt

[Aurora906]

8 minutes ago, GoodBytes said:

1- You didn't read shit, because it includes exactly what it collects. But here is the link for Basic: https://technet.microsoft.com/itpro/windows/configure/basic-level-windows-diagnostic-events-and-fields

 

2- and 3-  B.S Just hating for hating

 

Of course it doesn't. You are closed minded. Even if there was a disable button, you would say that they collect even more than Full, because NSA, etc.

You sound like a salesmen for MS.  Call me crazy, but i dont trust them.

[mattebad]

33 minutes ago, Humbug said:

Isn't below a keystroke recorder?

 

"  Small samples of inking and typing input, which is processed to remove identifiers, sequencing information, and other data (such as names, email addresses, and numeric values) which could be used to reconstruct the original content or associate the input to the user.   "

 

I think that as well as the sending of browser search terms to Microsoft is what people are most uncomfortable with.

You could argue pretty much any autocorrect/learning keyboard is a keylogger then. I think the whole hullabaloo surrounding the "privacy concerns" for Windows 10 are ridiculous. Your phones have "keyloggers", track your location, and use advertising across devices already as do desktop browsers. First everyone criticized them for being underhanded with the privacy settings which was valid. Now that they've come out and laid everything out and even made the dumb users aware of what they were tracking. 

 

Now it's a conspiracy and Microsoft is obviously lying, it never ends does it. Can't possibly say Microsoft did something good, nooo, Microsoft is evil and trying to track all of us, even though they do much less than modern day smartphones...I'm honestly so done with the ignorant Microsoft hate train, it screams of "I don't understand anything about data security and the fact that we carry around mobile gps', with all our personal and sensitive data, cameras, and microphones", oh but Autocorrect and advertising? Microsoft is literally Hitler

 

Edit: Now does this mean I'm ok with spying? Fuck no, but Microsoft is doing leagues less than what is being done on the smartphone side of things, even though they could well go full throttle spy mode yet they haven't 

[colonel_mortis]

22 minutes ago, GoodBytes said:

We collect the following data at the Basic level:

• Device, connectivity and configuration data:
  • Data about the device such as the processor type, OEM manufacturer, type of battery and capacity, number and type of cameras, firmware, and memory attributes.

I suppose that makes sense, in that it allows them to determine what they need to support in future.

22 minutes ago, GoodBytes said:

• • Network capabilities and connection data such as the device’s IP address, mobile network (including IMEI and mobile operator) and whether the device is connected to a free or paid network.

What possible reason could they have for collecting the IMEI number? That number uniquely identifies the device, and while it isn't personally identifiable information, since there is no public record of who owns what device, it's not something that I can understand them needing.

22 minutes ago, GoodBytes said:

• • Data about the operating system and its configuration such as the OS version and build number, region and language settings, diagnostics level, and whether the device is part of the Windows Insider program.
  • Data about connected peripherals such as model, manufacturer, drivers, and compatibility data.

They make sense.

22 minutes ago, GoodBytes said:

• • Data about the applications installed on the device such as application name, version, and publisher.

That is pretty specific information. For developers, that is PII, since the publisher is them.

22 minutes ago, GoodBytes said:

• Whether a device is ready for an update and whether there are factors that may impede the ability to receive updates, such as low battery, limited disk space, or connectivity through a paid network.
• Whether updates complete successfully or fail.
• Data about the reliability of the diagnostics collection system itself.
• Basic error reporting, which is health data about the operating system and applications running on your device. For example, basic error reporting tells us if an application, such as Microsoft Paint or a third-party game, hangs or crashes.

They make sense.

 

From the link to the more detailed breakdown of the information collected (which, to their credit, is exceptionally detailed)

Quote

Census.Enterprise

This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.

The following fields are available:

• IsCloudDomainJoined Is this device joined to an Azure Active Directory (AAD) tenant? true/false
• IsMDMEnrolled Whether the device has been MDM Enrolled or not.
• ServerFeatures Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
• CommercialId Represents the GUID for the commercial entity which the device is a member of. Will be used to reflect insights back to customers.
• AzureVMType Represents whether the instance is Azure VM PAAS, Azure VM IAAS or any other VMs.
• AzureOSIDPresent Represents the field used to identify an Azure machine.
• IsDomainJoined Indicates whether a machine is joined to a domain.
• HashedDomain The hashed representation of the user domain used for login.
• SystemCenterID The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier
• MPNId Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
• SCCMClientId This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise SCCM environment.
• CDJType Represents the type of cloud domain joined for the machine.
• IsDeviceProtected Represents if Device protected by BitLocker/Device Encryption
• IsDERequirementMet Represents if the device can do device encryption.
• IsEDPEnabled Represents if Enterprise data protected on the device.
• ContainerType The type of container, such as process or virtual machine hosted.

The CommercialId field is concerning, because that uniquely identifies the company, and Microsoft has the details to connect that to the actual company.

 

 

Microsoft collects a lot of data, and while most of it is not PII or particularly concerning in itself, it is still a very large amount of data, which when combined could almost certainly be used to identify a person if desired, just as anonymised search engine searches can be used to identify a person sometimes.

[Murdoch]

11 minutes ago, mattebad said:

You could argue pretty much any autocorrect/learning keyboard is a keylogger then. I think the whole hullabaloo surrounding the "privacy concerns" for Windows 10 are ridiculous. Your phones have "keyloggers", track your location, and use advertising across devices already as do desktop browsers. First everyone criticized them for being underhanded with the privacy settings which was valid. Now that they've come out and laid everything out and even made the dumb users aware of what they were tracking. 

 

Now it's a conspiracy and Microsoft is obviously lying, it never ends does it. Can't possibly say Microsoft did something good, nooo, Microsoft is evil and trying to track all of us, even though they do much less than modern day smartphones...

This is the go to argument for defending Microsoft. I get it, it seems a bit pointless to split hairs over what Microsoft is tracking, when you may well use an Android phone.

 

But, it sidesteps the actual issue. Microsoft have changed business models, they've gone down the route of trying to copy Google, and they've treated their consumers with a certain level of arrogance. The very first example of this, is trying to create a local account on your first install of Windows 10. For any competent user, it's a real smack in the face when they treat people like idiots. If you attempt to take away control of your OS and how it's used from your technically proficient users, you will alienate them, and they will push back, or move to an OS that better suits their needs.