Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:30 AM
Mark Weinstein
Mark Weinstein
Connect Directly
E-Mail vvv

Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy

You can read all you want about Windows 10 powerful new privacy features, but that doesn't mean you have them.

The Windows 10 reviews are pouring in and the general consensus seems to be that it rocks (especially over Windows 8). It’s feature-rich, fun, and best of all, free. So why then is Slate.com calling it a privacy nightmare in dire need of reform? Because most of the powerful privacy settings are turned off by default. Yikes. Forget Clippy ever happened. There’s a new Microsoft sheriff annoying users in town.

The issue comes down to your personal information. Microsoft is acting as if it wants to collect lots of yours, more than it ever has before. And it’s not telling us why. In an Edward Snowden world, that scares people, as well it should. Sure, in certain instances it makes logical sense. Take Cortana for example, your friendly neighborhood personal digital assistant. Just like Apple’s Siri, in order to give you good ideas, Cortana needs to get to know you, your interests, and where you like to hang out. You can play with her settings if you choose, but the onus rests entirely on you. And therein lies the fundamental flaw of Windows 10: everything is on you.

You can read all you want about Windows 10 privacy features, but that doesn’t mean you have them. It’s kind of odd. A company builds powerful privacy into its application but then leaves it up to you to become Sherlock Holmes to find them. Even worse, Microsoft doesn’t highlight this fact. There’s no FYI; no “just in case you’re wondering.” Most people will never know what’s missing or in fact what they’ve got.  

To those who know about the privacy issue and want to resolve it, there’s another mountain to climb: changing the settings. This is not a one-click procedure. If you have the time and patience and want to go all techno-geek, then you can probably get there. If not, you’re kind of screwed. The end result is that everyday people won’t bother. They’ll opt for leaving well enough alone over being mired in some techno-hell. Isn’t that why most of us stick too long with technology, even when we know change would be for the better?

So what was Microsoft thinking? On the one hand, there’s the whole issue of keeping up with the Jones’s. Apple, Facebook, Google, all of Microsoft’s main competitors, collect information about you. Microsoft does too for that matter. But Apple and its CEO Tim Cook, as shown in recent speeches and blogs, suggest they want to change their tune. Microsoft looks like it potentially does too, but it sounds like the wrong song.  

Secondly, as Forrester Research’s Tyler Shields points out, it’s simple addition. Microsoft makes money off of its value-added services. If you offer those services as an opt-in, something that requires action and thought, most people tend to opt-out. If you reverse the equation, then most people are already opted-in and either uninformed about or uninterested in taking the time to reverse the settings.

Here’s what I recommend. Take care of business yourself. First off, start with an easy action item. Turn off Wi-Fi Sense, which is on by default. Wi-Fi Sense connects you to trusted Wi-Fi networks around you that your friends use. Hey, I get it. Not all of us have data plans. Sometimes we exceed our limits. And it’s kind of cool to chill in a room with friends and share the same network. But Wi-Fi Sense automatically shares access with everyone in your Outlook address book as well as your frenemies on Facebook whom you want to make feel small with exaggerations of your high life.

Next, stick with your own local account. Microsoft wants you to create a Microsoft account (formerly known as a Live ID). It’s all part of the wave that companies such as Facebook and Google ride where your whole life sits in a single account. They tell you it’s so easy and convenient, that you can access your stuff on any device. It also means they can lump your data together, making it easier to collect. I don’t trust that idea myself, not without clear protection of data and a transparent privacy policy, which is what I set up at my own social media company, MeWe.

Finally, I would fire Cortana. Take her off everything, except maybe your phone. If she’s on your phone, then minimize what you want her to know. Keep her as a work friend, one who only needs to know one aspect of your life instead of the entire you.

Microsoft is not the first to follow such user-unfriendly practices, nor will they be the last. That’s why we need to continue to demand that companies clearly inform users about the information they collect, how they use it, and where it goes. Only use companies and applications that follow such practices. In these modern times, actions really can speak much louder than words. In this case, yours can impact how Microsoft responds in this instance and others in the future. 

Mark Weinstein is one of the USA's leading social media and privacy experts and CEO of MeWe.com. Mark is a founder of social networking, a leading privacy advocate, and author of the award-winning Habitually Great book series. Mark is revolutionizing online communication at ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
9/3/2015 | 12:24:59 PM
Pivot This, MSFT
Glad I'm a slave to the Redmond Beast only at work these days, with Linux the primary OS at home, the dust blown off Win7Pro only when I must. Managed to avoid Win8 like I managed to avoid Vista (and Me before that); with luck Win10 will never make it into the house either.
User Rank: Apprentice
9/3/2015 | 8:48:29 AM
Re: Good Advice
I hate W10 for that, now we are the product !
User Rank: Strategist
9/3/2015 | 7:52:06 AM
If it's free
If it's free, then the product is you.
User Rank: Apprentice
9/2/2015 | 11:35:19 AM
Apple's data collection
Apple has never collected all of that data. It isn't that they want to stop. So let's get that right, at least. Google has been the worst, with Facebook second, because they are advertising agencies. Their "products" are just their way of gathering private info and placing it on their properties. Microsoft has mostly been a software company, selling software. But that situation is changing. In their rush to rival Google as a search engine, they had to collect a lot of data as well, in order to pay for it, and still lose hundreds of millions on Bing every year. But with them needing to give Windows away, a major way they're going to make money in the future, is with advertising, which we will be seeing in the OS itself, for the first time, as well as personal data collection that Microsoft can sell. A few years ago, Eric Schmitt, then CEO of Google (now chairman), said in a speech called "creepy", that "Soon, Google will know more about you than you will know about yourself, and will make decisions for you before you know you want to make them." Around the end of 2013 or 2014, Microsoft's Ballmer made the same statement about Microsoft. With Win 10, and now Win 7 and Win 8, we're seeing the truth of that. I don't worry about the pitiful amount of data about us that the NSA collects, which is really just the contacts we make on our phones every month, which is the data we see in our phone bills. I worry about Facebook, Google, Microsoft, Yahoo and others, whose business depends upon their collection of ever more data about us that the NSA can only dream of collecting. And if the NSA, or other law agency wants that data, it's just a warrant away, and maybe not even a warrant away. People would do well to remember that.
User Rank: Ninja
9/2/2015 | 11:30:31 AM
Good Advice
This is good to know. I figured this would be the case in most cases because the ease of use principle is held in almost just as high of a regard with the functionality of the software.

I will definitely be taking off Wifi Sense. But besides that I would just suggest tweaking the other settings within Cortana and Live Account Security. Removing them entirely takes away from the overall functionality of the software and isn't that why we upgrade in the first place?
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...