Three New Privacy Concerns with Windows 10

Six months in from its initial launch, there’s little doubt that Windows® 10 offers many great features that cement its reputation as the OS upgrade users have been waiting for since Windows 7.

However, Microsoft has established a more intrusive presence with Windows 10; in fact, there are several settings that could compromise user privacy, some of which are rather difficult to fully disable.

The world’s leading PC optimization software System Mechanic® offers a brand new suite of tools to help you do just this, should you decide to opt out of Microsoft’s data collection and other user tracking tools. Called Privacy Shield, the new features allow you far greater control over how Microsoft monitors your computer habits, even letting you adjust settings that without System Mechanic you could only adjust by diving into the registry and making edits there.

Without prior knowledge that these specific Windows features exist or what they are individually named, even those you could adjust from within the Windows Control Panel cannot be easily found because typing general privacy queries into the Cortana search box won’t list them. Let’s look at what these new Microsoft services are in more detail.

Telemetry and Data Collection
The first of these potential privacy concerns is Microsoft’s Telemetry and Data Collection, which is a more aggressive form of the once-volunteer-only Customer Experience Improvement Program (CEIP). Now, if you do not vigilantly customize your Windows 10 settings and opt out during installation, you will not be able to opt out of Telemetry and Data Collection later without a potentially treacherous registry edit.

This service automatically collects data on user habits, including memory snapshots and information on program usage, system configuration, network connection, and more. Microsoft has been unclear about the amount and types of data being collected.

What Microsoft says about CEIP is that Windows “can collect information about how you use your apps, your PCs, connected devices, and Windows … If you choose to participate in Windows CEIP, Windows will send this data to Microsoft, and will also periodically download a file to collect more relevant information” (emphasis added).

This statement was accurate for users up to Windows 8.1—now, all of the above is true except the choice to participate. The vast majority of Windows 10 users have already opted into Telemetry and Data Collection.

What data is being collected?
What user information is Microsoft collecting, exactly, and what are they doing with it? The company’s official Privacy Statement delivers only vague answers. But what they do list may surprise you. Microsoft reports that among the info “collected, processed, or transmitted” are “[a]pp use information, including information about the features you use most often, such as how frequently you open apps, how often you use Windows Help and Support, which services you use to sign in to apps, and how many folders you typically create on your desktop.” This does not appear to be a trivial amount of information, and users would do well having the option, at least, to not share it.

Wi-Fi Sense
This is a new wi-fi network sharing feature that allows people in your online social networks to automatically gain access to your wi-fi network without having your password. When enabled, anyone on a Windows 10 device from your Outlook, Facebook, and Skype contacts can automatically log in to your wi-fi network.

The passwords are stored in an encrypted form on a Microsoft server, and then shared with your contacts’ various Windows devices directly, theoretically keeping your passwords invisible to them.

“Theoretically” because a decrypted version of your password almost certainly gets stored somewhere on their machines—how else would these devices gain wi-fi access? It therefore seems that a skillful troublemaker could comb through their own registry and learn your password.

Wi-Fi Sense is turned on by default, but won’t share your connections unless you initiate use of the feature. Still, once a user chooses to share their network, wi-fi access is granted to all contacts, regardless of whether a contact is an actual person the user knows and trusts.

Inconvenience, at the very least, wins the day if we all suddenly must be much more discerning about how and with whom we connect. One of the nicer things about modern business networking, for example, is how effortless it can be by casually connecting digitally with strangers. But no amount of vigilance is ultimately enough. Modern digital communication is far too porous. For example, what about now-dormant Skype contacts that were solely established to communicate in a work environment but set up with a personal Skype account? The crossover between the intimate and the impersonal can be very messy nowadays.

Also, it is not a stretch to imagine that a big, powerful corporation like Microsoft housing a giant database of user passwords in the Cloud somewhere could become a target of cyberattacks.

Yet another concern is, even among those you trust, malware may be installed on some devices without your contacts’ knowledge. Who else may currently have—or has ever had—access to each of your contacts’ PCs?

SmartScreen Filter
This feature analyzes the websites you visit and compares them to a list of known phishing sites or those known to harbor malware. SmartScreen also warns you before downloading potentially malicious content from the internet.

These services may be much appreciated, but unfortunately SmartScreen also collects information on your browsing history and sends it to Microsoft. The filter may also conflict with your internet security software or security features built into your browser.

Again, what data are we giving away about ourselves?
From the SmartScreen settings window, below the courteous if vague heads-up that, “Some info is sent to Microsoft about files and apps you run on this PC,” you can click to view the company’s Privacy Statement.

In it, Microsoft admits that, “In order to help provide our services, we occasionally provide information to other companies that work on our behalf …The personal information we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to enable the features you use and provide the services or carry out the transactions you have requested or authorized.”

Microsoft also says that they “may access or disclose information about you, including the content of your communications,” though they state that this is limited to legal compliance purposes and customer and company personal safety and property protection. Nevertheless, this language once again reflects that a pretty broad swath of information about you is considered in play by Microsoft for collection, sharing, and storing without your knowledge of any specifics.

System Mechanic has your back
You may decide that these features work well for you and you prefer to keep them fully enabled. What troubles no small amount of users, however, is the new trend toward automatically opting into them, as well as making it difficult to opt out. You can disable—or re-enable—these Windows 10 features whenever you like with a few simple clicks from within the new System Mechanic 15.5 Privacy Shield wizard. For more information, visit www.iolo.com/products/system-mechanic/.

Windows is a registered trademark of Microsoft Corporation in the United States and other countries.

iolo UptoSpeed

UpToSpeed™ is iolo's ongoing article series written by PC experts for everyday computer users. Each article is packed with easy tips and practical advice on the latest issues affecting computers to help you get the most out of your PC.






Stay Connected

Stay Tuned®

Receive helpful PC optimization articles like this one directly in your email inbox.

We respect your privacy and would never share your information.

Three New Privacy Concerns with Windows 10