If I may put on my tinfoil hat for a moment, the description of Basic diagnostic data that appears in Myerson’s post sounds like plain-vanilla telemetry. But check out the description of diagnostic data in the initial privacy setup screen:
Tailored experiences with diagnostic data / Get more relevant tips and recommendations to tailor Microsoft products and services for your needs. Let Microsoft use your diagnostic data to make this work.
It sure sounds like Google-level snooping.
Conclusion: I don’t know what to make of it.
The upshot of Microsoft’s stance on your privacy
Microsoft has never given us a definitive list of what, exactly, is included in Basic diagnostic data. It sounds like it’d be simple enough, but I’ve never seen a list. We have no way of verifying what data is going out—the packets are encrypted, as they should be. On top of all that, we don’t really know which privacy choices lead to what kinds of data heading to the mothership. There’s a lot more than Basic diagnostic data floating around.
Instead of providing a plain, simple list—and a big Off switch—Microsoft could arrange to have an independent auditor take a look at the situation. That seems unlikely to happen now, as the new setup screen has passed muster with the Swiss data protection authority, according to Reuters:
“The FDPIC investigations revealed that data processing in connection with Windows 10 did not conform in every respect with the data protection legislation,” the authority said in a statement. In response, Microsoft made proposals to the commissioner which had been agreed after adjustments by the FDPIC. “The technical implementation of the modifications requested by the FDPIC will be carried out worldwide as part of the two Windows 10 software releases planned for 2017,” the FDPIC said. The Swiss government agency said the agreement with Microsoft meant there was “no need for court proceedings”.
Even the Electronic Freedom Foundation has toned down its initial stab. Nick Heath at TechRepublic quotes Amul Kalia, the author of the original EFF report, as saying:
These are very important and welcome changes when it comes to Windows 10 privacy. I commend the company for listening to user feedback and moving in the right direction. … A big concern for us was the amount of data being collected by Microsoft under each telemetry level and the lack of a way to opt out of it. Though we’d need to examine the concrete details more, today’s announcement shows that Microsoft paid attention.
From a higher-level perspective, Microsoft is frittering away an important competitive advantage by maintaining this secrecy. Clearly, Google snoops far more than Microsoft. Whether Apple snoops as much is open to debate, but Apple has a readily identified privacy technology—Differential Privacy—while Microsoft does not.
Microsoft has a chance, right now, to claim the moral high ground. The chance won’t come again.
Sign up for CIO Asia eNewsletters.