Microsoft’s New Privacy Tactic: (Even) More Transparency

Posted on April 5, 2017 by Paul Thurrott in Windows 10 with 44 Comments

Microsoft's New Privacy Tactic: (Even) More Transparency

Back in January, Microsoft finally bowed to the inevitable and said that it would become more transparent about the privacy settings in Windows 10 and in the cloud. This week, the software giant reaffirmed this direction, perhaps at the prodding of EU privacy watchdogs.

The real impetus for this week’s missive is unclear, given that it doesn’t actually provide much in the way of new information. But the fact that it was co-penned by Terry Myerson, who heads the Windows and Devices Group, and Microsoft Privacy Officer Marisa Rogers is, I think, important to note.

The stakes here are high: Since Windows 10 first shipped in mid-2015, it has come under ongoing fire for what I feel are completely fabricated or misunderstood privacy concerns. This FUD was easy to ignore because it’s so fanciful, and because Windows 10 had–and still has—much more substantive issues to worry about. But regulatory bodies in Europe and elsewhere obviously have nothing better to do than to listen to every conspiracy theory they’re presented with. And some have started warning Microsoft that Windows 10 is in violation of local privacy statutes.

This is why I noted that Microsoft has lost the Windows 10 privacy FUD war back in February. Because, real or imagined, governments like the EU are now changing the design of Windows yet again. And this despite the fact that Microsoft’s monopoly is long gone.

Hooray.

In any event, Microsoft is now backpedaling mightily in order to find some middle ground between the anonymous data tracking they feel they need in order to keep Windows 10 users safe and the legal requirements of the locales in which Windows 10 is sold. And the strategy they’ve settled on, very belatedly, is to be completely transparent about what they’re doing.

“Today we’re sharing three new things that will help you be more informed about your privacy with Windows 10,” Mr. Myerson explains. “We are improving in-product information about your privacy. We are updating the Microsoft privacy statement to include more information about the privacy enhancements in the Creators Update … And we are publishing more information about the data we collect.”

That latter bit is perhaps the most interesting.

According to Myerson, Windows 10 with the Creators Update will offer “Basic” and “Full” levels of data collection. At the Basic level, Microsoft will only “collect data that is necessary to keep your Windows 10 device secure and up to date.” But at the Full level, Microsoft will “use diagnostic data to improve Windows 10 for everyone and deliver more personalized experiences for you where you choose to let us do so.”

The big question here, of course, is opt-in. That is, how and where does one choose between these levels of data collection? (And for privacy fans, why isn’t there a “None” option?)

As it turns out, Microsoft provides basic UIs for choosing when you upgrade to the Creators Update or otherwise acquire Windows 10 on a new PC. There’s no real news there: We found out about all that previously.

What is new, however, is [the full detailing of what data Microsoft does collect at that Basic level](use diagnostic data to improve Windows 10 for everyone and deliver more personalized experiences for you where you choose to let us do so.).

“The Basic level gathers a limited set of information that is critical for understanding the device and its configuration including: basic device information, quality-related information, app compatibility, and Windows Store,” the Microsoft website explains. “When the level is set to Basic, it also includes the Security level information. The Basic level helps to identify problems that can occur on a particular device hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. This helps Microsoft fix operating system or app problems.”

Likewise, Microsoft provides a detailed summary of the data it collects at both levels.

One can only assume that Microsoft believes these disclosures will satisfy the needs of regulatory bodies around the world and we can all just move on. But if I’ve learned anything from this episode, it’s that we’re never moving on. I suspect we’ll continue talking about Windows 10 privacy for years to come.

 

Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register