justinkendra - Fotolia

Windows 10 data collection is all in the game

Windows 10 collects a lot of user data but Microsoft says it is all in an effort to deliver the best user experience.

In HBO's critically acclaimed series, The Wire, Omar Little has a saying he uses to justify his crimes: "it's all in the game." Omar's saying refers to the Baltimore drug trade, but it can be applied to the recent outcry against Windows 10 data collection.

Windows 10 sends telemetry, personalization and services, and advertising data back to Microsoft's servers, but that's the tradeoff users must accept if they want Windows 10 features such as Cortana to work to their full potential. And the reality is Apple iOS and Mac OS X, Chrome and Android all collect similar information. Nothing is really completely private: it's all in the game.

What to expect from Windows 10 data collection?

For starters, Windows 10 collects telemetry data, including security settings, memory snapshots, crashes and application usage. In Microsoft's privacy statement the company says Windows 10 also collects data from emails, text messages, contact lists, passwords, user names, IP addresses, website visits, search terms and software use. The OS even tracks where users are with GPS and Wi-Fi hotspots. Cortana also integrates with Bing to tracks users' search histories and communications.

Yikes, right?

It's not quite as bad as it seems. Microsoft does not scan the content of any user communications. It does not use the data to deliver targeted advertising. And all the sensitive data and personal information is tucked away on the backend of Microsoft's servers and anonymized so the company cannot identify the specific users it comes from.

So, why is Microsoft doing this?

Microsoft's defense against Windows 10 privacy concerns is that all the Windows 10 data collection is to optimize the user experience.

For example, all the telemetry data helps Microsoft identify any problems in Windows 10 and fix them so the OS continues to perform reliably. Windows 10 is also chock full of services that come with inherent data collection needs, such as Outlook and Cortana. For programs like these to work properly they need access to user preferences and files. If users want Cortana to be a real personal assistant, it needs access to their calendars, emails and more.

Can you make it stop?

All of the Windows 10 data collection is to optimize the user experience.

When it comes to telemetry data for Windows 10 Enterprise and Education users the answer is yes. There are three different telemetry settings to choose from: Basic, Full and Enhanced. Enhanced is the default setting and sends the most information. Any Windows 10 user can pick through the three options, but Enterprise and Education users can turn off telemetry data collection completely.

Other ways to limit what data the OS collects -- and limit some Windows 10 privacy issues -- include altering privacy settings to disable data sharing or changing Group Policy settings to lock down devices. Users can also adjust their privacy settings to prevent Windows 10 from sending both online and offline search data back to Microsoft.

The biggest problem with limiting the data flow is that Microsoft doesn't make it particularly easy. During the upgrade process, for example, there is a big button that says, "accept default privacy." The choice to customize privacy settings is small and hard to find. Microsoft's privacy policy is also more than 12,000 words long, and it features a jumble of legal jargon that would go over most users' heads. For many, it's a problem that users must actually take action to opt out of the privacy settings.

What's the deal with Wi-Fi Sense?

Wi-Fi Sense takes the hassle out of sharing Wi-Fi passwords. The Wi-Fi owner must simply make the network shareable and Wi-Fi Sense sends an encrypted file to the other person trying to access the network. The other user must be in range and have location services activated for it to work. The other user never sees the Wi-Fi password which is particularly helpful if the Wi-Fi owner uses the same password for other things. Users can unshare their wireless networks anytime, and guest users cannot access other devices on the network, such as a printer. In addition, guests cannot share the network with other users.

Obviously Wi-Fi Sense comes with some privacy concerns of its own in the enterprise because IT admins generally don't want users to grant Wi-Fi access to anybody they feel like. Fortunately if an enterprise uses the 802.1X standard Wi-Fi network Wi-Fi Sense does not work. If an organization doesn't use that standard, admins can simply put _optout in the network name and Wi-Fi Sense ignores that network.

Next Steps

Top 10 Windows 10 features for IT pros

Detailed guide to Windows 10

Should organizations avoid Windows 10?

Dig Deeper on Windows 10