Microsoft’s new Windows 10 has a lot of good points, but since its release it’s come under fire for some serious privacy concerns. The major worries are that it sends a lot of data back to Microsoft, and, by default, shares some things you might not be comfortable sharing.
We’ve already covered how to tell Windows 10 not to show you targeted advertising, track your location, store your searches and contacts, or share your Wi-Fi network with friends and family. However, there are some more privacy gotchas in Windows 10 that you need to know.
If you linked your Microsoft account to your Windows 10 user account, which is what Windows asks you to do during setup, then Windows is backing up certain information. That includes your Edge browser history, favorites and passwords, plus Windows themes and more.
The idea is that you can log into any other Windows 8 or 10 computer and have your basic account right there. However, it also means a lot of sensitive personal information is on Microsoft’s servers.
If you aren’t comfortable with that, you can turn off syncing. Go to Start>>Settings>>Accounts and under Sync your settings, switch off every option. Under Accounts, you can also change your account from a Microsoft Account to a local account. A local account cuts most ties with Microsoft’s servers and takes care of some of the privacy worries.
In Windows 10, Microsoft decided to add compatibility with Xbox games and the Xbox Live gaming service. However, that feature brought with it a new addition to the Windows license agreement if you use a Microsoft Account or the Cortana smart assistant.
Basically, if you agree to the license, you agree to let Microsoft scan your computer for pirated software and unauthorized peripherals, and disable them if found. While most readers of this site aren’t going to have pirated games or apps, it still means Microsoft is reserving the right to disable things on your computer.
The jury is still out on whether Microsoft will actually conduct these scans. Consumers wouldn’t be too happy, and the ones who do pirate would just go back to older versions of Windows.
Still, going the other way, Microsoft might in the future run scans and disable software or hardware it sees as a security threat. It would be in keeping with its new policy on forced security updates. Who knows where it will draw the line?
If you want to avoid agreeing to this part of the license, you can switch your user account to a local account, as we talked about above, and disable Cortana. As we said, that will halt most of the privacy problems, but there’s still a big one.
If you go through Windows 10 and turn off every feature that’s a privacy concern and then switch to a local account, you’d assume that Windows 10 wouldn’t have any need to communicate with Microsoft. It turns out that isn’t the case.
Peter Bright over at ArsTechnica took an in-depth look at what information a locked-down Windows 10 sends and receives from Microsoft, and it’s still a lot. Some of it is harmless, like checking to see whether your Internet connection is using IPv4 or IPv6. Also, even if you’ve customized your Start menu to remove the Live Tiles, Windows still pulls occasional updates for them.
However, some of the traffic is a bit more worrying. For example, even if you turn off searching the Internet from the Start menu, it still sends information to Bing when you run a local search. Also, information related to Cortana is passed back and forth, even if Cortana is disabled.
Not only that, but the traffic contains a machine identifier that’s persistent across sessions. In other words, Microsoft could know what your machine is searching for, even if it technically isn’t linked to your name or Microsoft account.
Microsoft’s response to ArsTechnica in the matter is, “As part of delivering Windows 10 as a service, updates may be delivered to provide ongoing new features to Bing search, such as new visual layouts, styles and search code. No query or search usage data is sent to Microsoft, in accordance with the customer’s chosen privacy settings. This also applies to searching offline for items such as apps, files and settings on the device.”
That’s somewhat comforting, but still there’s more. If you’ve decided to use a local account and disable OneDrive, Microsoft’s cloud storage service, Windows is still sending data to a Microsoft server linked to OneDrive. What that data is no one knows, but it’s impossible to stop.
In the future as new features are released, who knows what else will start phoning home to Microsoft? This kind of software behavior is likely to increase as services offer more cloud-based features.
Android, Apple, Google, Facebook and now Microsoft products all send and receive data regularly from their developers, whether you like it or not. The only option is to stop using those products, which is becoming harder every year.
If you’re seriously concerned about this topic, you’ll want to stay with the less-connected Windows 7 for now. There are also alternative operating systems like Linux Mint that are geared toward privacy.
What’s your take on this? Is this trend a serious concern or a small price to pay for what modern software can do? Let us know in the comments.