Linked by Thom Holwerda on Wed 29th Jul 2015 08:47 UTC

Summing up these 45 pages, one can say that Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties. The company appears to be granting itself the right to share your data either with your consent "or as necessary".

You done got Scroogled.

Thread beginning with comment 614866
To read all comments associated with this story, please click here.
Playing the devil's advocate
by karunko on Wed 29th Jul 2015 12:47 UTC
Member since:

I never thought that this day would come, but here I am, playing the the devil's advocate -- for Microsoft, no less! ;-)

"By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers [...] Users can however deactivate this transfer to the Microsoft servers by changing their settings."

So not really a big deal, as long as you are aware of the functionality, you can disable it.

"More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device."

I haven't touched Windows 10 yet, but on my Windows Phone with the latest update this "feature" can also be easily disabled: Settings -> System -> Advertising ID.

"Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account."

I agree that this one is potentially ripe for abuse, but if someone manages to get access to your recovery key, he also needs (physical) access to the OS itself and, if this happens, you clearly have much bigger problems to worry about. Besides, what are the alternatives? Would you prefer to lose the recovery key and be locked out of your PC?

"To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device."

Is anyone one really surprised by this? I mean: personal assistants, software or otherwise, need to know about you and "your stuff". Magic would be nice and telepathy is a close second, but "poking around" will have to do for the time being. For what is worth, I won't use Cortana, but mostly because I find it really weird to talk to a computer -- not to mention the fact that I curse, swear and shout on a regular basis.

“We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to”

This is the real worrisome part, if you ask me. But I don't do mail on Windows (or OS X) and your ISP, the NSA & C. can peek at your mail anyway; and don't forget that if you use Dropbox, GoogleDrive, OneDrive, etc. you're pretty much serving them your data on a silver platter. But you know what? Maybe for some people convenience is worth more than privacy, I don't know. In fact I don't even use Windows as a general purpose computing platform, only as as a glorified Xbox/Playstation: turn it on, play some game for a bit, turn it off.

To summarize: I don't think that there's nothing new or surprising about what Microsoft is putting in "the fine print". It's bad, but pretty much anyone else is just as guilty and the only difference is that Microsoft is being upfront about it -- at least with the brave souls who will take the time to read all that stuff. Those who are serious about privacy and "data ownership" already know to use something else. And again, I'm not talking about OS X either. We are lucky enough to have many alternatives that are certainly good enough for general purpose computing -- just take your pick.


Edited 2015-07-29 12:48 UTC

Reply Score: 5

RE: Playing the devil's advocate
by RJay75 on Wed 29th Jul 2015 20:44 in reply to "Playing the devil's advocate"
RJay75 Member since:

Finally someone else on this thread seeing a bigger picture.

Basically if anyone wants to take advantage of syncing between devices so you can move from device to device and have the same expectation (ie. if did something under the MS account on one device some will hope Windows is smart enough to know you did that when switching to another device.) The information to facilitate this has to be collected and sent somewhere.

For Cortana to be anywhere as predictive as it's billed to be there's gotta be some aggressive data mining to 'get to know' the user.

A lot of this comes at a cost as it does with Google, Apple and others. They advertise to you unless you opt out. And to do that effectively they need to identify you somehow.

Some of this is overreaching and can be dialed back. But to anyone in the IT field who's had a hint of some of Windows 10 and Cortana's capabilities, just how was any of it going to be accomplished if your data was never used? Where was the data going to come from?

The biggest concern of any of this should be, How well is the data being secured? Who is it available too? Can I be personally identified with the data as stored should it be stolen or placed in 3rd party hands?

New operating systems are trying to get the device to be more and more of an extension of the user as possible. The amount of processing needed to the predictive info, the mechanics of syncing devices remotely and automatically, always have access to your data regardless of device or location cannot happen if nothing is ever collected.

Plain and simple if you don't want to use any of those capabilities, turn them off. No more data collection.

Reply Parent Score: 1