Microsoft finally sheds light on Windows 10 telemetry

This morning’s revelations about Win10 Creators Update snooping (finally!) sheds light on your privacy, but there's a whole lotta snoopin' goin' on

Microsoft finally sheds light on Windows 10 telemetry
Leon Brooks

While we won't see a Snooping Off button in Windows 10 Creators Update, announcements this morning move us a big step toward a very simple, basic goal: We now know quite a bit about the privacy settings in Win10 version 1703. It's not exactly the Holy Grail, but nonetheless rates as a step over the Gorge of Eternal Peril.

This morning's Windows blog announcement called "Windows 10 privacy journey continues: more transparency and controls for you," covers a lot of ground we've already seen. But two TechNet posts from Brian Lich called, simply, "Windows 10, version 1703 Diagnostic Data" and "Windows 10, version 1703 basic level Windows diagnostic events and fields," cover new ground.

The Windows blog announcement contains a rehash of what's gone before. Back in January, I took a deep dive into the Creators Update privacy choices that appear when you install the Creators Update. Here's what you agree to if you choose to turn on all the choices:

win10 15063 install sequence 21 on IDG

 

And here's what you're missing with all of the choices turned off:

win10 15063 install sequence 21 off IDG

 

(If you're upgrading-in-place from an earlier version of Win10 to Win10 Creators Update, you see a less snazzy, but syllable-for-syllable identical set of selections.)

Diagnostics, you'll note, are set at either Basic or Full. There's no such thing as "none."

My objection back in January still holds:

The odd man out is the new setting marked "Tailored experiences with diagnostic data." That one raises a red flag for me because it says Microsoft can use diagnostic data to "get more relevant tips and recommendations to tailor Microsoft products and services for your needs." I guess it all depends on what you mean by "diagnostic data," but clearly Microsoft includes personally identifiable data—what one might call snooping—in its definition of "diagnostic data."

Now, finally, we have lists of what information that might include. Actually, we have two lists:

Windows 10, version 1703 Diagnostic Data gives a high-level view of the kinds of data collected at both Full and Basic levels, with a small handful of examples of the kinds of data in each category. The TechNet post breaks down those categories into Common data; ​Device, Connectivity, and Configuration data; Product and Service Usage data; Product and Service Performance data; Software Setup and Inventory data; Content Consumption data; Browsing, Search and Query data; Inking Typing and Speech Utterance data; and ​​​​​​​Licensing and Purchase data.

The second lists gives field-by-field descriptions of the data collected at the Basic level. Windows 10, version 1703 basic level Windows diagnostic events and fields runs more than 30,000 words describing the events and data being plucked. If my macro skills are still up to snuff, I count 1,966 separate data fields.

No matter how you look at it, that's a whole lotta snoopin' goin' on. That's in the Basic diagnostic level, no less. There's no definitive list for Full Diagnostics, as best I can tell.

This morning, Lich updated his TechNet post "Configure Windows telemetry in your organization" -- this latest version still covers the Enhanced Diagnostic level, although it'll disappear in 1703 -- but it doesn't contain a great deal of detail.

Windows and Devices EVP Terry Myerson says in the Windows blog post:

Our commitment to you is that we only collect data at the Basic level that is necessary to keep your Windows 10 device secure and up to date.

Although it isn't clear how frequently Microsoft transmits Windows data, how many of those 1,966 data items go out in each spurt, and how many machines are under scrutiny, the sum total of all that telemetry must be breathtaking.

You can blame me if you want. I've been kvetching about Microsoft's lack of transparency in Win10 snooping for years. It's nice to have the details in hand at last. Let's see what we can make of them.

The sheer volume of data is overwhelming. Microsoft collects a hell of a lot of data about your Windows system. It's going to take a lot of divining to figure out what goes out and when.

My biggest beef? There's still no "Telemetry Off" option, no ability to say, "Golly, thanks, but my machine's OK without sending you 1,966 pieces of info."

As for increased snooping in Windows 7 and 8.1, those remain unaddressed. MrBrian on the AskWoody Lounge has undertaken extensive testing, and the results aren't pleasant.

Microsoft's made a great step forward with Win10 today. This, much more than Insider nudging on Wintrivia, shows that Microsoft's management is listening to its customers. Perhaps this newfound transparency religion is in response to the Damocles sword of regulatory pressures in Europe. Perhaps it's a realization that resistance to Win10 adoption is founded on real concerns, not tinfoil hats. Whatever the motivation and its shortcomings, the direction's right.

Of course, I still recommend that you refrain from installing Win10 1703 for several more months. But when time comes to take the medicine, it may not be as bitter as anticipated.

Avid discussion continues on the AskWoody Lounge.

Copyright © 2017 IDG Communications, Inc.

9 steps to lock down corporate browsers
  
Shop Tech Products at Amazon