Windows 10 and your privacy

by Shijaz Abdulla on 12.08.2015 at 10:45

Windows 10 is undoubtedly Microsoft’s best release of Windows in recent times, featuring enhanced user interface, return of the iconic Start menu, a personal digital assistant that you can talk to, sign in with facial recognitionmultiple workspaces, continuum, among others. Oh, and an all-new kickass browser that makes Internet Explorer look bad.

However, with increased attention and apprehensions over Windows 10 privacy from friends and social media outlets alike, I thought I should wield my pen once again.

Windows 10 puts customers in control by giving them choices about how information is used to deliver personalized services and experiences. Microsoft also offers customers a number of options in Windows 10 privacy settings, and customers can adjust their Windows 10 privacy settings at any time.

Q: Are there any plans to provide more information to users on how to control their privacy in Windows 10?  

A: Windows 10 Privacy information is available for customers in several places. “Settings” has a section called “Privacy Settings,” which provides Windows 10 customers a menu of privacy choices. Customers can click on the “Learn More” link, prominent when installing Windows 10, which explains privacy settings. Additionally, a Privacy “frequently asked questions” list is available here and the Microsoft Privacy Statement can be found here.

Q: In the Settings menu, you can control Microsoft’s ability to receive and share data about your computer’s unique ID, location, microphone, camera, even how you write and type. All of these are turned on by default, right?
A: Personalization is a key benefit to Windows 10. Personalized features like Cortana can help you find files on your PC, remind you of appointments you might miss, locate nearby restaurants and suggest music you might love. In order to do that well, Cortana needs to understand your interests and preferences. With Microsoft Edge, you can mark-up the Web and interact with your PC or tablet, just as you would write on a document, save items to read later, and share your mark-ups with others.

Customers have the option, using customize settings in the Windows 10 experience, to choose which settings to enable, including enabling personalized speech, inking and typing to help Windows 10 correctly recognize and personalize your input, or to deliver handy information such as restaurants near your location, driving tips to avoid traffic, and more. Many more options are available in Settings.

Wi-Fi Sense Privacy (More FAQ here)

Q: Is Wi-Fi Sense secure?
A: Wi-Fi Sense gives people choices and benefits. It does not reveal passwords, allow your friends to share your Wi-Fi with their friends, nor put your personal information from your Wi-Fi network at risk. For more information visit the Wi-Fi Sense FAQ.

Q: How does Microsoft store Wi-Fi passwords securely? 

A: Wi-Fi sense offers ease of access to Wi-Fi networks. With these settings, you can choose to automatically connect to suggested open networks or automatically connect to networks shared by your contacts. For networks you choose to share access to, the password is sent over an encrypted connection and stored in an encrypted file on a Microsoft server, and then sent over a secure connection to your contacts’ phone if they use Wi-Fi Sense, and they’re in range of the Wi-Fi network you shared. Your contacts don’t get to see your password, and you don’t get to see theirs. For more information visit the Wi-Fi Sense FAQ.

Cortana Privacy

Q: Why can’t I use Cortana without having to opt-in to data collection and personalization?

A: Cortana is a truly personal digital assistant, providing personally relevant suggestions, alerts and help. In order to do that well, Cortana needs to understand certain information about you, such as interests, location and preferences.

You have options to remove individual items that Cortana uses for personal recommendations in your Notebook, or additional information collected by Cortana in the bing.com settings. To selectively remove information from Cortana, you can access the Cortana Notebook on your device and add or remove specific items such as interests, places and others. If you add or remove an interest in the Cortana Notebook on your device, it will also remove that item from your interests in the bing.com dashboard.

Q: Can I remove what Cortana knows about me?

You have options to remove individual items that Cortana uses for personal recommendations in your Notebook, or additional information collected by Cortana in the bing.com settings. To selectively remove information from Cortana, you can access the Cortana Notebook on your device and add or remove specific items such as interests, places and others. If you add or remove an interest in the Cortana Notebook on your device, it will also remove that item from your interests in the bing.com dashboard.

If you want to remove other Cortana data, in the Cortana Settings you can disable Cortana and then hit the “Delete phone data” button. This will clear the notebook on your device. To clear the Cortana information stored online, you can choose “Manage cloud data” from your device which will bring you to a settings page on the Bing.com dashboard (settings tab > personalization). Here you can clear other Cortana data.

Q: You can choose not to activate Cortana or log in with a Microsoft account. If you do that, updates to Windows and Defender will still come through, right?
A: Yes, updates for Windows and Defender will still work without a Microsoft account.

Windows Hello Privacy

Q: Does Microsoft collect any information when Windows Hello is used to sign in to a device, service or website?
A: Your data is secured locally on the device and shared with no one but you. Microsoft gathers user data regarding how you signed in, the number of times you signed in and if each sign in was successful or not. This info helps us keep things working properly and make improvements. The data isn’t tied to your biometric data.

Q: Will my Windows Hello data be given to third parties?

A: Your Windows Hello data is secured locally on the device and shared with no one but you. A secured numerical key is provided to entities (services, social networks, websites, etc.) to authenticate user sign-in credentials. When you create your sign in data, Windows 10 creates what’s known as a key pair – a public key and a unique attestation statement. The public portion (public key) for each user and device, along with a unique attestation statement for each user and device are registered with identity providers (IDPs), third parties that need to authenticate user sign in credentials, e.g., services, social networks, websites, etc. Your actual biometric data isn’t given to any third parties.

Q: Will my biometric data be given to third parties?

A: Your data is secured locally on the device and shared with no one but you. A secured numerical key is provided to entities (services, social networks, websites, etc.) to authenticate user sign-in credentials. When you create your sign in data, Windows 10 creates what’s known as a key pair – a public key and a unique attestation statement. The public portion (public key) for each user and device, along with a unique attestation statement for each user and device are registered with identity providers (IDPs), third parties that need to authenticate user sign in credentials, e.g., services, social networks, websites, etc. Your actual biometric data isn’t given to any third parties.

Diagnostics and Performance – Privacy

Q: What information is collected when I am asked to send Windows diagnostic, performance and usage-related feedback data? Who has access to that data?
A: Customers can choose the level of information sent to Microsoft (e.g., basic, enhanced, full) to help Windows and apps run properly. Microsoft does not sell this data or use it for advertising purposes.

A small, select number of Microsoft employees and third party engineers are provided access to select portions of the information to repair or improve Microsoft products and services, or third-party software and hardware that uses Microsoft products and services. In some cases, select employees use portions of the data to help personalize services as well. That data is put through rigorous, multi-pass scrubs to ensure it does not collect sensitive or identifiable fields (e.g., no email addresses, passwords, alpha-numeric data). Data is also chopped into very small bits and stripped of sequence data so it cannot be put back together or identified.

Q: How are you putting the customer in control of their privacy? – back in.
A: Windows 10 puts customers in control by giving them choices about how information is used to deliver personalized services and experiences. To help customers make informed privacy decisions, we let them know that Windows 10 and some apps need basic device information to run properly. We also offer customers a number of options in Windows 10 privacy settings to control any additional information they choose to provide. Customers can adjust their Windows 10 privacy settings at any time. Additionally, a Privacy “frequently asked questions” list is available here and the Microsoft Privacy Statement can be found here.

Q: Can I choose what diagnostic, performance and usage information I send to Microsoft? What are my options?
A: Yes, you can choose how much performance, diagnostic and usage information will be sent to Microsoft from your device.  For more information, see the Windows 10 Feedback, diagnostics, and privacy: FAQ.

Q: What is telemetry?
A:
Telemetry is diagnostic, performance and usage information that helps us keep Windows and apps running properly on your device.

Q: Do you provide telemetry data to third parties?
A: We share aggregated telemetry information with third parties, such as original equipment manufacturers (OEMs – like companies that make PCs) and partners, in the form of business reports. These reports help our partners troubleshoot and improve their own products and services that work with Windows.  These reports do not contain personal data of Microsoft customers.

Q: What is Microsoft’s response to concerns of keylogging? Is the company in fact saving all keystrokes?
A:
No. With the customer’s permission, information about speech, inking (handwriting) and typing input can help improve the device’s ability to correctly recognize pronunciation, improve character recognition for handwritten words, and provide a personalized dictionary and text completion suggestions. This information helps Windows 10 correctly recognize and personalize input, for a more natural experience.

A small, select number of Microsoft employees and third party engineers are provided access to select portions of the information to repair or improve Microsoft products and services, or third-party software and hardware that uses Microsoft products and services. In some cases, select employees use portions of the data to help personalize services as well. That data is put through rigorous, multi-pass scrubs to ensure it does not collect sensitive or identifiable fields (e.g., no email addresses, passwords, alpha-numeric data). Data is also chopped into very small bits and stripped of sequence data so it cannot be put back together or identified.

Shijaz Abdulla is a Datacenter Solutions Professional at Microsoft, based in Doha, Qatar and helps customers better run their IT infrastructure using Microsoft technologies. He is a blogger and a technology enthusiast.

Trackback Permanent Link

Leave a Reply

Your email address will not be published. Required fields are marked *

Connect with Facebook