It’s another firestorm out there, now that folks have started analyzing the new privacy policies for Windows 10. Many of the criticisms stem from a reading of one particular policy statement, which seems to indicate that Microsoft will normally protect your personal information — except in those cases when it won’t protect your personal information. Here is the new Windows 10 privacy policy:
"We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services."
In addition, a few people have noted that Cortana, the new personal assistant that works like Siri, can track your location and other preferences. Oh, and then there’s the new “feature” that serves customized ads to you, even when you are playing games.
As is usually the case, some of these concerns are valid and some are coming from users and experts who may not fully understand the topic or who have never directly contacted Microsoft to understand what the policies mean. There’s a sense that people are starting a fight, or that there’s a bone to pick. I’m just as concerned about privacy, and the last thing I want to do is have my personal information tracked and stored. Yet I also hate misinformation. And, thus far, it's all been one-sided.
So I contacted Microsoft to get its side of the story.
[ More on Windows privacy ]
Now, before you read these statements, you should know that Microsoft usually addresses these issues through an official statement, not through one specific person. The company does not like to attribute quotes on policies, and the statements are released through multiple groups and vetted accordingly. I’m including the official statements, but know that these were released to me directly. (Microsoft says these statements may be released to other reporters in the future, however.)
Let’s start with the easy one. I’m not taking sides here, but it’s pretty obvious that Cortana is not going to sell you out for asking her to find divorce lawyers or find an escort. Like most digital agents, you have to agree to release personal information like location and preferences in order for the assistant to actually work. It’s not that surprising that Cortana needs this info. Says Microsoft:
“Customers can always turn Cortana off, putting the customer in control of Cortana. Information customers choose to provide Cortana is stored locally on the device and uploaded to Microsoft’s servers. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, all data sent from Cortana to Microsoft is encrypted in transit and we store the personal information you provide on computer systems that have limited access and are in controlled facilities.”
OK, so that's fairly clear. You can disable the assistant. In terms of the custom ads, again, it is fairly common, especially if you use Google products. First, Microsoft released this statement to me:
“Microsoft does not use or share content of user’s email for purposes of personalized advertising. We do not provide a customer’s email address, emails or other personal information to advertisers. Microsoft does not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you.”
There’s a bit of a caveat here. The company does say each computer is assigned a unique ID and that ads will be served accordingly, but you can disable this setting as well. It's a bit surprising that the OS itself serves ads, but we're in an age when a free operating system has found a way to pay for itself (e.g., the Google model).
Now for the big one. The concerns over sharing your personal information with authorities may be completely justifiable. The statement released to me was quite clear:
“Microsoft may share information when required by law or to respond to legal process or lawful requests, including from law enforcement or other government agencies.”
You can find out more information about this particular policy right here. And, to be honest, it's also not that surprising. However, you still have the right to object, you still have the right to express concerns, and you can choose to not use the new OS.
Now, I’m interested in your feedback. I don’t claim to be a security expert. I mainly wanted to give Microsoft the opportunity to defend the new policies, and it has. Do they still seem nefarious ? Are you going to switch to a Mac or Linux?
Post in comments.