The launch of Windows 10 has resulted in some electronic privacy concerns rising to the surface that have not been widely reported on or understood by most technology users. The extent to which you give Microsoft access to information about your computer use by leaving these various features activated (most are ‘on’ by default) is largely a matter of your individual comfort level with how Microsoft will use the information. While some of the collected data is used to improve Microsoft software by analyzing crashes or malfunctions, much more of it is used to ‘improve user experience’ by tailoring advertising based on user location or previous web browsing habits.
One feature that we strongly recommend users disable is the “Getting to know you” setting, which can be found from the Windows button (formerly the Start button on the bottom left corner of the screen), under Settings, then Privacy, then Speech, inking, and typing. This setting is designed to gather information about your typing and speech patterns to improve search results, among other things. It seems to work by collecting keystrokes and sending them over the network to Microsoft for analysis. This sounds a lot like a key logger. While the connection to Microsoft is surely encrypted, there is still potential for controlled information typed in by a user to be transmitted to a third party (Microsoft), in which case the user loses control of how that data is used or safeguarded.
Below we make some general privacy setting recommendations based on our understanding of how the information is used by Microsoft. These settings are recommendations for users who routinely work with sensitive data and they are a good baseline for all Windows 10 users. Understand that some of these recommendations may limit Windows functionality in the interest of improving privacy and safeguarding personal and university data. Individual organizations and users should carefully consider each setting to determine what is appropriate for your organization.
To find these settings, click on the Windows button, then Settings, then Privacy.
Recommended Privacy Settings
|General||Let apps use my advertising ID for experiences across apps (turning this off will reset your ID)||Off|
|Turn on SmartScreen Filter to check web content (URLs) that Windows Store apps use||On - this helps filter potentially malicious URLs.|
|Sent Microsoft info about how I write to help us improve typing and writing in the future||Off|
|Let websites provide locally relevant content by accessing my language list||Off - unless you have a specific need for this feature.|
|Location||Location||Off - for most users this isn't helpful. If it is for you, select the apps that have access on this panel.|
|Camera||Let apps use my camera||Off - or at least limit to specific apps that might need access.|
|Microphone||Let apps use my microphone||Off - or limit to specific apps.|
|Getting to know you||Disable ("Stop getting to know me" button)|
|Account info||Let apps access my name, picture, and other account info||For each of these settings, we recommend that you carefully consider which individual apps might need to access your information and select apps appropriately. If in doubt, a good rule of thumb is to disallow access until there is a compelling need to allow it|
|Choose apps that can access your account info|
|Contacts||Choose apps that can access your contact|
|Calendar||Choose apps that can access your calendar|
|Messaging||Choose apps that can read or send messages|
|Radios||Let apps control radios|
|Other Devices||Sync with devices||Off - potential for abuse by malicious users within wireless range.|
|Use trusted devices||Off - potential for abuse by malicious users within wireless range.|
|Feedback and diagnostics||Feedback Frequency||Never|
|Diagnostic and usage data||Basic|