Microsoft keeps making news on the privacy front, and not in a good way.
Much has been made of the way Cortana in Windows 10 may invade your privacy by collecting data such as the words you speak and the keys you strike. Though that is disturbing to many people, Microsoft has responded by noting that Cortana needs to know that information in order to fulfill users’ requests. That’s true, but beside the point. The real issue, as my fellow columnist Steven J. Vaughan-Nichols points out, is that it’s extremely difficult, if not impossible, to completely turn off Cortana.
Another potential privacy danger is more hidden than Cortana, buried deep in Windows 10 — what’s called telemetry data. Telemetry gathers detailed information from every Windows PC, laptop and device about how Windows 10 is being used. So it tracks, for example, what software is installed on the system, what crashes occur, when and how they occur, and more. And there’s no way to turn that off, unless you use the enterprise edition of Windows 10 and your IT department essentially flips the “off” switch.
Microsoft claims there’s no need for users to worry about the privacy implications of the telemetry data gathered by Windows 10 because the company aggregates and anonymizes the data and doesn’t collect personal information such as names, email addresses and account IDs. A blog post by Terry Myerson, Microsoft’s executive vice president for the Windows and Devices Group, titled “Privacy and Windows 10” claims that the information is used to improve the reliability of Windows and applications that run on it.
But Microsoft has been called to task for the practice by privacy advocate the Electronic Frontier Foundation. A blog post by EFF staffer Amul Kalia criticizes the company not just for collecting information for Cortana, but also for collecting telemetry data. Kalia writes: “A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so. Microsoft also won’t say how long this data is retained, instead providing only general timeframes. Worse yet, unless you’re an enterprise user, no matter what, you have to share at least some of this telemetry data with Microsoft and there’s no way to opt-out of it.”
Microsoft counters that if a PC didn’t allow this kind of data to be collected, it might not work properly. But there’s a problem with that argument: If that’s the case, why does Microsoft allow telemetry to be turned off in the enterprise edition of Windows 10? Don’t businesses care about their PCs working properly?
This brouhaha is one more example of Microsoft’s tin ear when it comes to privacy issues. For example, when Microsoft released Windows 10 last year, it introduced a feature called Wi-Fi Sense that raised privacy flags because it allowed the operating system to share your Wi-Fi passwords with others. In fact, it wasn’t really a privacy invader because no automatic sharing occurred, and the power to turn it on or off was in users’ hands. But sometimes perception is reality, and as Microsoft stubbornly defended Wi-Fi Sense, it got a great deal of unnecessary bad press along the way.
Sign up for MIS Asia eNewsletters.