Windows 10: New app lets you see what data Microsoft is collecting
[This article has been updated several times since its initial publication to incorporate changes in Windows 10. Last updated: July 23, 2020]
Over the past several years, I've read countless "privacy guides" for Windows 10. Most are well intentioned, but they invariably take a simplistic approach to privacy: Just turn off every switch in the Privacy section of the Settings app, disable some services, and make a few magical registry tweaks.
If you do that, you're not understanding the privacy landscape, which encompasses far more than just those settings. You're also missing some important additional steps and potentially rendering a Windows 10 device more vulnerable to attack.
Windows 10 is a mix of software and services. With every session, a Windows 10 device exchanges a great deal of information with Microsoft's servers. That's neither unusual nor alarming. Microsoft's chief competitors, Google and Apple, also blend online services into their system software, with the goal of making your life easier and making that software more reliable.
So do other tech companies that you don't necessarily think of as software companies: Amazon, with the Echo. Tesla, with its self-updating, software-driven cars. Your smart thermostat, your home security system, and perhaps even the lock on your front door.
All those devices collect data to perform their assigned job, with additional data collection to identify problems that need attention by software engineers.
There's something profoundly satisfying about a service that anticipates your every move, reminding you when to leave for an appointment to arrive on time, or to pick up flowers for your anniversary tomorrow. Your digital personal assistant, whether it's Siri or Cortana or Alexa or Google, needs to be able to see your calendar and contacts to make that magic happen.
But when that sort of personal attention goes too far, it "crosses the creepy line," to use a phrase that Eric Schmidt probably regrets uttering when he was Google's CEO.
The thing about that line is that it's drawn in a different place for everyone. I know people who are thrilled at the idea that their PC or mobile device is so familiar with their actions that it can anticipate what they'll do next. I know others who would like to build a virtual Faraday cage around their computing hardware so that none of their personal details can escape.
Both of those viewpoints, and everything in between, are perfectly valid. That's why the software and services we use are loaded with switches and dials designed to help you take control of their potential privacy impact.
In this post, I'll walk you through the big privacy questions for Windows 10, with enough context to help you decide which settings are right for you.
Note that this guide assumes you are using Windows 10 on a personal PC or one in your small business. If you are in an enterprise setting, these settings might be under the control of your IT staff. If you are in a regulated industry, you should seek professional assistance to ensure that you're meeting proper standards.
Let's start with the part of your PC that has the biggest impact on your personal privacy.
No one knows more about your online identity than your Internet service provider. Every packet you send or receive from anywhere online goes through their servers. When you travel and connect to Wi-Fi networks that are under the control of others, the owners of those networks can see every connection you make and can intercept their contents.
Regardless of the platform you use, that's why it's important you use encrypted connections for any kind of sensitive communications. Using a virtual private network whenever possible is an excellent best practice.
Even with encrypted connections, your network provider can still gather information about your destinations. Setting up secure DNS over HTTPS is one solution. That option is currently available for Windows Insider builds but should be available for mainstream customers later.
In the initial release of Windows 10, the Wi-Fi Sense feature allowed Windows 10 to share a Wi-Fi password with some of your contacts. That controversial feature has been removed, and the Wi-Fi Sense feature now consists exclusively of an option to connect to paid, open hotspots that have been marked as known and trusted by Microsoft. If you'd prefer never to make those automatic connections, go to Settings > Network & Internet > Wi-Fi and turn the Hotspot 2.0 Networks switch to the Off position.
When you're connected to an untrusted Wi-Fi network, it's important to prevent other devices on that network from making connections to your PC. By default, new Wi-Fi connections are defined as a Public network, which sets the Windows Firewall to reject unsolicited connections from the local network.
To check (and, if necessary, adjust) these settings, go to Settings > Network & Internet > Status and click the connection name.
The settings shown above are appropriate for a trusted Wi-Fi access point in your home or office. For an access point in an airport or coffee shop, use the Public setting and consider disabling the ability to connect automatically.
The result is a digital fingerprint that can be extraordinarily detailed and, unfortunately, outside of your ability to change.
To limit the amount of information that those ad and analytics companies know about you from your web browsing, consider third-party anti-tracking software such as Abine's Blur, which is available for every web browser.
If you use the new Microsoft Edge, tracking prevention features are built into the browser. As an alternative, you can choose from a variety of add-ons designed to block ads and tracking. including Adblock, AdBlock Plus, and Ghostery. If you're using the new Microsoft Edge you can install these extensions from the Microsoft Store, or you can install them from the Chrome Web Store.
In the past, some privacy advocates were suspicious of Ghostery because of its uncomfortably close ties to the online advertising industry. But Evidon, the former owner, sold Ghostery to Cliqz in 2017, and the new owners appear to be more focused on privacy.
Ad-blocking software can also provide some privacy protection as a side-effect of performing its basic function. Here, too, watch out for close ties between some ad-blocking add-ins and the third-party trackers they supposedly protect you from.
Note that none of these steps is unique to Windows 10. Anti-tracking software is typically a browser add-in and works with most popular browsers.
The operating system
With those two big, platform-independent factors out of the way, we can now turn to Windows 10 itself. When you use a Windows 10 device, it is capable of sharing the following types of information with Microsoft's servers:
Windows 10 can determine your location to help with actions like automatically setting your current time zone. It can also record a location history on a per-device basis. Go to Settings > Privacy > Location to control the following:
- Location on/off Use the master switch at the top of this page to disable all location features for all users of the current device.
- Allow apps to access your location If location is on for Windows, you can still turn it off for your user account here.
- Default location Click Set default to open the Maps app and specify the location you want Windows to use when a more precise location is not available.
- Location history Click Clear to erase the saved history for a Windows 10 device.
If location is on, a list at the bottom of the Settings > Privacy > Location page allows you to disable access to that data on a per-app basis.
Cortana and Windows search
If you enable Cortana and sign in with your work account, Windows 10 uploads some info from your devices, such as your calendar, contacts, and location and browsing history, so that Cortana can make personalized recommendations. If you don't want any accounts on your PC to use Cortana, follow the steps in this article to disable the feature completely: Turn off Cortana completely.
Beginning in 2019, Microsoft radically revised the role of Cortana in Windows 10, separating it from Windows Search. Go to Settings > Search to adjust these options, including the ability to search content from any Microsoft cloud services to which you subscribe (Outlook, SharePoint, and OneDrive, for example). You can delete your cloud search history and your local search history from here.
Windows 10 uses some feedback from the way you type, write, and speak to improve performance for you and as a way to improve the overall platform. This isn't keystroke logging; rather, the operating system uses a very small amount of information. A separate feature uses your speech and writing history to make better suggestions in Windows and Cortana.
You can control these options under Settings > Privacy. Click Speech and turn the Online Speech Recognition feature off if you don't want to use it. Then click Inking & Typing Personalization and turn off the Getting To Know You switch so that your typos aren't used to improve things like the built-in spell checker.
Finally, go to Activity History and review the options to store your activity locally or send it to Microsoft. Clear either or both checkboxes if you wish. To clear previously saved information associated with your Microsoft account, scroll down and click the link under the Clear Activity History heading. That takes you to the Microsoft Account Privacy Dashboard, where you can review and clear saved information on the Privacy Dashboard.
Files and settings
When you sign in with a Microsoft account, you have the option to save files to the cloud using OneDrive. Windows 10 also syncs some settings to OneDrive, allowing you to have the same desktop background, saved passwords, and other personalized settings when you sign in with that account on multiple PCs.
If you use a local account, of course, none of your settings are synced. If you use a Microsoft account, you can turn off syncing completely or remove certain settings from the sync list by going to Settings > Accounts > Sync Your Settings.
OneDrive is an opt-in service. If you don't sign in, it does nothing. You can't save files to OneDrive accidentally, and no files are uploaded without your explicit permission, which you can revoke any time. To disable OneDrive for all users on your PC, follow these instructions: Shut down OneDrive completely.
Microsoft, like all modern software companies, uses feedback from its installed base to identify problems and improve performance. In Windows 10, this feedback mechanism produces diagnostics data (aka telemetry) that is uploaded to Microsoft at regular intervals. The data is anonymized and is not used to create a profile of you.
If you want more information about how telemetry works, see Windows 10 telemetry secrets: Where, when, and why Microsoft collects your data.
The default telemetry setting for all consumer and small business versions of Windows 10 is Full, which means that the uploaded data includes some details (also anonymized) about app usage. If you are concerned about possible inadvertent leakage of personal information, I recommend that you go to Settings > Privacy > Diagnostics & Feedback and change the Diagnostic data setting to Basic. You can also turn off the Improve Inking And Typing switch.
Beginning with the April 2018 feature update, Windows 10 includes a Diagnostic Data Viewer that allows you to view the information that is being collected from your device. For more details, see "Windows 10: Microsoft rolls out new privacy tools for telemetry data."
Although the number of subcategories under the Privacy heading in Settings seems daunting, most of them govern access to your information by Windows Store apps. That set of apps includes those that are preinstalled (Mail, Calendar, Groove Music, Photos, and so on) as well as those you acquire from the Store.
Most of the categories offer a single on-off switch at the top, which you can use to disable all access to that feature by all apps. If you leave the feature enabled, you can use a list of apps at the bottom of the page to enable or disable access on a per-app basis.
This capability works the same with the following categories: Camera, Microphone, Notifications, Account Info, Call History, and Radios. The Other Devices category lets apps automatically share and sync info with wireless devices that aren't explicitly paired with your PC. Use the Background Apps category to specify which apps are allowed to work in the background.
If Location is enabled, you have the option to disable location access on a per-app basis and to disable Geofencing.
The Contacts, Calendar, Email, and Messaging categories allow you to control which apps can have access to these features. If you want to share content from an app using email or messaging, this option has to be on for that app. Note that Mail and Calendar, People, and Phone always have access to your contacts; Mail and Calendar are always allowed to access and send email and always have access to your calendar.
Finally, one horribly misunderstood setting is available under Settings > Privacy > General. Advertising ID controls whether Microsoft serves personalized ads to ad-supported apps. If you turn this option off, you still get ads, but they're not personalized. Regardless of the setting, your information is not shared with advertisers.