European privacy watchdogs concerned about Windows 10’s data collection methods

Posted 21 February 2017 19:26 CEST by Jan Willem Aldershoff

A group of European privacy watchdogs is going to investigate whether Windows 10 properly deals with personal data. In a letter to Microsoft the watchdogs express their concerns about the  protection of private data in the latest Windows version.

The letter is signed by Isabelle Falque-Pierrotin, chairwoman of the Article 29 Working Party, a partnership of privacy watchdogs of all countries in the European Union.

The organisations are concerned about the default settings of Windows 10 and, “an apparent lack of control for a user to prevent collection or further processing of data”. They are also concerned about the scope of the data that is collected.

In the letter (PDF) the watchdogs state to appreciate that Microsoft recently introduced new privacy tools, including a website where users can gain more control over the way Microsoft collects data. With the upcoming Creators Update also the privacy settings within Windows will be simplified and it will be possible to opt-out of more data collection methods Microsoft utilizes.

However, according to the privacy watchdogs it’s still unclear how new and existing Windows 10 users will be informed about the data collection. They point out that collection of personal data is only allowed if users are properly informed and give their consent.

Windows 10 users send all kinds of data to Microsoft, which according to the company, are used to improve the services it offers. This includes information about the user’s device, crashes and app usage. Private data such as the contents of emails and documents are not sent to the Redmond software giant.

During the installation of Windows 10 the OS  setting ‘full data collection’ is enabled by default, but users can opt to switch to a ‘basic’ setting where less data is collected. The privacy watchdogs feel that this is still not sufficient information for users, in the letter they state about this, “the proposed new explanation when, for example, a user switches the level of telemetry data from ‘full’ to ‘basic’ that Microsoft will collect ‘less data’ is insufficient without further explanation. Such information currently is also not available in the current version of the privacy policy.”

They are also worried that users are not properly informed on why Microsoft collects data, and call for the company to be more specific about that, “the purposes for which Microsoft collects personal data have to be specified, explicit and legitimate, and the data may not be further processed in a way incompatible with those purposes. Microsoft processes data collected through Windows 10 for different purposes, including personalised advertising. Microsoft should clearly explain what kinds of personal data are processed for what purposes.”

In a response to the letter, Microsoft has stated to listen carefully to the comments of the Article 29 Working Party and that the company wants to cooperate with the organisation. The changes Microsoft will release in an upcoming update to Windows 10, “reflect our commitment to the protection of user data”, according to the company.

MyCE Rookie
Posted on: 22 Feb 17 06:57
“reflect our commitment to the protection of user data”,  ???? oh really then why monitor people Microsoft should just disable the features and be done with it instead of wanting it both ways. You either care about your customers privacy and show that up with actions or you don't lol.
2 Agree

MyCE Resident
Posted on: 22 Feb 17 14:11
Your Smart Phone gives out more then Windows could ever possible do.
2 Agree

Posted on: 22 Feb 17 14:29
Originally Posted by coolcolors
Your Smart Phone gives out more then Windows could ever possible do.
I agree that your mobile is more of a threat to your privacy and security than a computer as it does not even come with adequate firewall functionality.

Still, one does not excuse the other and there is little doubt that Windows 10 has seen a change in regime that gives reason for concern in this respect. What I notice and find somewhat troublesome is that there seem to be an interest from Microsoft in collecting more than strictly needed to develop the OS. They say they don't collect your e-mail and documents, but still the EULA states that they may collect keystrokes (which in my mind extends to both your e-mails and documents).

I base this on the fact that Microsoft is seemingly uninterested in listening to user feedback in this respect and the changes that we have seen have come due to court rulings and now this entity which Microsoft 'says' it will listen to. How much they actually will listen remains to be seen though.
3 Agree

MyCE Resident
Posted on: 22 Feb 17 21:41
Originally Posted by Xercus
They say they don't collect your e-mail and documents, but still the EULA states that they may collect keystrokes (which in my mind extends to both your e-mails and documents).
That's the crux of the problem EULA if you don't agree you don't use...
0 Agree

Reactions closed

Sorry, you can't comment on this item anymore. It's either too old or comments are disabled for this post. settings

Several settings at can be changed, they are stored in cookies, which means they will be reset if you clear cookies


Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here


Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page