Like it or not, Microsoft isn’t alone here. What Windows 10 is doing has become common and normal across the web, Android, iOS, and other modern platforms. Microsoft is hoovering up all the data it can get to better target ads, personalize the operating system, and improve its software and services.
Editor’s Note: almost everything is sending back data to somewhere — for instance, if you are using Chrome, everything you search for is sent back to Google. Ad networks are tracking you on every website (including this one). Facebook and Amazon have ad systems that border on creepy. We’re not necessarily condemning Microsoft with this article, but with all the recent interest in privacy and Windows 10, we decided to build a list of all the things being sent back in Windows 10 and let you decide what you think.
Privacy Options, Personalized Ads, Location, Getting to Know You and Feedback
You can actually change many of these options right after the installation process if you select “Customize settings” instead of “Use express settings.” However, most people will probably click right through and use the express settings. This activates a lot of features that share data with Microsoft.
You’ll find a lot of these features under Privacy in the new Settings app. (Click the Start button, click Settings, and select Privacy.) Some of the options here simply control which apps have access to different data — for example, which apps can control your webcam. Others allow you to set system-wide privacy options.
Under General, you’ll find:
- 1. Let apps use my advertising ID for experiences across apps (turning this off will reset your ID) – This enables a unique advertising ID that you can be tracked with across different “Windows Store”, or universal, apps. Microsoft can track your use of apps and show you targeted ads across different apps.
- 2. Turn on the SmartScreen Filter to check web content (URLs) that Windows Store apps use – This enables the SmartScreen filter in universal apps. As we point out below, it’s also enabled in File Explorer itself, Microsoft Edge, and Internet Explorer with different settings.
- 3. Send Microsoft info about how I write to help us improve typing and writing in the future – This is related to the “Speech, inking, & typing” settings below. With it enabled, information about how you type and write is sent to Microsoft’s servers.
- 4. Let websites provide locally relevant content by accessing my language list – Websites you access can see the languages you have installed on your system and choose to serve you in your preferred language with this option enabled.
You’ll see a “Manage my Microsoft advertising and other personalization info” link at the bottom here. Click it, and then click over to “Personalized ad preferences” on the web page that appears. You can also access this page at https://click.linksynergy.com/deeplink?id=2QzUaswX1as&mid=24542&u1=htg/224616&murl=https%3A%2F%2Fchoice.microsoft.com%2Fen-us%2Fopt-out .
- 5. Personalized ads in this browser – This option is specific to each individual browser you use, and controls whether Microsoft will show you personalized ads in that browser.
- 6. Personalized ads wherever I use my Microsoft account – This option is tied to your Microsoft account and controls whether you see personalized ads on Windows, Windows Phone, Xbox, and other devices you use a Microsoft account on.
The Location screen activates location services. This isn’t mentioned on the Location Settings window itself, but the custom setup screen states this will also “send Microsoft and trusted partners some location data to improve location services.”
- 7. Location and location history – Your location is shared with individual apps that you choose to share it with. Location history is also available to apps, and stored only on your local device — and just for 24 hours. But apparently some data is shared with Microsoft and its trusted partners if you have location services enabled.
The “Speech, inking, & typing” section covers a surprising amount of data:
- 8. Speech, inking, & typing – Windows and Cortana can “get to know you ” by logging your voice, writing, contacts, calendar events, speech and handwriting pattern, and typing history. You can tell Windows to “Stop getting to know me” from here. This clears data stored only on your Windows device.
- 9. Speech, inking, & typing in the cloud – Click the “Go to Bing and manage personal info for all your devices” option to clear personalization data stored on Microsoft’s servers tied to your Microsoft account. This link takes you to the https://bing.com/account/personalization page. Use the “Clear” button under “Other Cortana Data and Personalized Speech, Inking and Typing” section to clear this data.
The “Feedback & diagnostics” setting has a surprising option. What’s especially surprising is Windows 10 won’t actually let you disable this option.
- 10. Diagnostic and usage data – By default, Windows 10 will send “Full” diagnostic and usage data to Microsoft. This seems to be Microsoft’s new telemetry system codenamed “Asimov.” You can select only Enhanced or Basic diagnostic and usage data. You can only disable this on Enterprise editions of Windows, and that requires changing the “Allow Telemetry” option in the group policy editor. This change doesn’t even work on Professional editions of Windows. Yes, you can set the option to “0” which would normally disable it, but the Group Policy editor states that the “0” setting is ignored except on Enterprise versions of Windows. Instead, setting the option to “0” just sends “Basic” telemetry data.
Cortana and Bing Search
Obviously, when you use Microsoft’s built-in Cortana assistant, Cortana requires a lot of your information to function.
- 11. Cortana – As you can see when you enable Cortana, Cortana will collect and use “location and location history, contacts, voice input, searching history, calendar details, content and communication history from messages and apps, and other information on your device.” Cortana also captures your browsing history from the Microsoft Edge web browser. Cortana as a whole requires sharing a lot of data with Microsoft, just as Google Now and Siri do with Google and Apple.
- 12. Bing Search in the Start Menu – Even if you’ve disabled Cortana, searches you make in the new Start menu will also return search suggestions from Bing and the Windows Store. This means Microsoft sends your Start menu search queries to their servers unless you disable the Bing integration.
Device Encryption and Your BitLocker Recovery key
This part carries forward from Windows 8.1. If you buy a new device and it has the required hardware — as most new Windows 8.1 and 10 devices do — it’s automatically encrypted with BitLocker-like encryption known as “device encryption.”
- 13. Device encryption’s BitLocker recovery key – This actually only automatically happens if you use a Microsoft account. And, if you do, it will upload your encryption recovery key to Microsoft’s servers. This means that you can get access if you ever lose it, but it also means that Microsoft or anyone who can get the key from Microsoft — such as a government — can decrypt your encrypted files. Of course, this is still an upgrade over the previous situation where all Windows Home devices were unencrypted. In that case, anyone could read their data.
You can avoid this by not logging in with a Microsoft account, but then your device won’t be encrypted at all. if you’d rather not do this, you can upgrade to a Professional edition of Windows and use the standard BitLocker feature. BitLocker will ask if you want to store your recovery key with Microsoft for safekeeping, but that’s optional. You can find these keys at https://onedrive.live.com/recoverykey.
Windows 10 includes the Windows Defender antivirus, and it’s enabled right out of the box. This is the successor to the Microsoft Security Essentials antivirus that was available for free on Windows 7. Settings for this are available under Update & security > Windows Defender in the Settings app. Windows Defender will automatically enable real-time protection. Even if you turn it off, it’s only temporary — it will turn that real-time antivirus protection back on later. The only real way to turn it off is to install a third-party antivirus. Windows Defender won’t run if another antivirus is running.
- 14. Cloud-based Protection – Cloud-based antivirus protection “sends Microsoft info about potential security problems Windows Defender finds.”
- 15. Sample submission – This helps improve Windows Defender’s protection “by sending MIcrosoft malware samples” that Windows Defender finds. Both of these features are similar to the features found in popular third-party antivirus products, and can be disabled.
Windows 10 also includes the SmartScreen filter introduced in Windows 8. When you run an application downloaded from the Internet, SmartScreen checks in with Microsoft’s servers to check that application’s reputation. If it’s a known-good application, Windows 10 will run it normally. if it’s a known-bad application, Windows 10 will block it. If it’s unknown, Windows 10 will warn you and get your permission before running it.
- 16. Windows SmartScreen in File Explorer – These settings can be controlled from the old Control Panel. To access them, open the Start menu, type “smartscreen”, and click “Change SmartScreen settings.” This will take you to the System and Security > Security and Maintenance window in the Control Panel. Click the “Change Windows SmartScreen settings” link and you’ll be able to disable SmartScreen, if you like.
SmartScreen and Cortana are also part of Microsoft Edge, Windows 10’s new web browser. You’ll find the privacy related options under the menu in Edge — select Settings and then select “View advanced settings.”
- 17. Have Cortana assist me in Microsoft Edge – When Cortana is enabled in Microsoft Edge, Cortana will track your browsing history and other information, saving it.
- 18. Show search suggestions as I type – When you start typing in the address bar, your typing will be sent to your search engine — Bing unless you change the search engine — and it will return search suggestions. This means Bing will see your typing even if you’re typing a web address directly. All modern browsers, aside from Firefox with its separate address bar and search box, work this way.
- 19. Help protect me from malicious sites and downloads with the SmartScreen filter – Like Google Safe Browsing in Chrome and Firefox, Edge uses a filter to help block dangerous sites.
If you choose to save other types of data in Edge, it will be synced online with your Microsoft account.
Internet Explorer is still around, although it’s not the default browser.
- 20. SmartScreen – Internet Explorer also uses SmartScreen, and this can be controled by clicking the gear menu, pointing to Safety, and selecting Turn off SmartScreen filter.
- 21. Enable Suggested Sites – This is an older feature and isn’t enabled by default, but is still offered under the Advanced list of settings in the Internet Options window. This little-known feature of Internet Explorer has been around for a long time, and it uploads your browsing history to Microsoft if you enable it.
- 22. Bing Suggestions – As in Edge, anything you type in the address bar is sent to Microsoft’s Bing search engine to provide you with search suggestions unless you change search engines or click “Turn off suggestions (stop sending keystrokes to Bing)” after typing in the address bar.
Microsoft Account and Sync
Windows 10 recommends you sign in with a Microsoft account, just like Windows 8. This allows you to log in with the same account you use for other Microsoft services like Outlook.com, Office 365, OneDrive, Skype, MSN, and other services. This also enables a lot of online features in Windows 10, like access to the Windows Store and many included apps that require a Microsoft account, OneDrive file access in File Explorer, and various sync features. You can choose to use a local user account if you prefer.
- 23. Sync settings – A variety of Windows settings such as your saved passwords and web browser data are synced by default if you sign in with a Microsoft account. These options are available under Settings > Accounts > Sync your settings.
- 24. Devices you’ve logged in from – Microsoft will keep track of devices you’ve logged into with your Microsoft account. You can view this list at https://account.microsoft.com/devices .
Personal history and interests
As Microsoft puts it: “When you’re signed into your Microsoft account, Microsoft services like Bing, MSN, and Cortana personalize your experience.”
- 25. Personal history and interests – You can clear personal info and “interests” in Bing, MSN, and Cortana from the https://bing.com/account/personalization page.
- 26. Bing search history – Search using Windows 10’s Start menu and the Bing search in Edge and you’ll build up a Bing search history tied to your Microsoft account. You can view and clear this history from https://bing.com/profile/history.
Windows Update, Store, and Activation
While it’s not technically “phoning home,” Windows Update uses your upload bandwidth by default to upload Windows Updates to other users. It’s a bit like BitTorrent, and similar to how Blizzard’s Battle.net downloader distributes game updates. These settings can be controlled under Settings > Update & security > Windows Update > Advanced options > Choose how updates are delivered. You can make Windows only share updates with PCs on your local network, not the entire Internet.
- 27. Windows Update – Windows 10 Home requires that you install security, driver, and feature updates automatically, and you can only prevent Windows 10 from automatically downloading updates by setting your device’s connection as a metered connection or upgrading to Windows 10 Pro. Thankfully, there is at least a way to block updates you don’t want.
- 28. Windows Store – The Windows Store will automatically check in with Microsoft and download new versions of included universal apps like Microsoft Edge. Even Cortana and the Start menu can be updated via the Windows Store.
- 29. Windows Activation – Windows still includes Windows Activation, which checks in with Microsoft’s servers to ensure you’re using a properly licensed and activated version of Windows.
The Wi-Fi sense feature is enabled by default, and it will automatically connect to suggested open hotspots and networks your Outlook.com, Skype, and Facebook contacts have shared with you.
- 30. Wi-Fi Sense – These options can be controlled under Settings > Wi-Fi > Manage Wi-Fi settings. Note that Windows 10 won’t actually share your Wi-Fi network’s passphrase with anyone else unless you choose to manually share that individual network. However, if you give a friend access to your passphrase and they connect and click the Share option, they could share it with their entire network of Facebook, Skype, and Outlook.com email contacts and give them access to your Wi-Fi network.
And, again, this isn’t unusual in this day and age. Whether you love it or hate it — actually, it’s more like you’re indifferent to it or hate it — many operating systems and services now function this way. What’s new here is Windows is jumping on board. Many of these features were already present in Windows 8 and 8.1, too.
But Microsoft could certainly do a better job of putting these options in a single place and better explaining them, though. They’re scattered not just across Windows 10’s interface, but across a variety of different Microsoft websites.