Win 10: How much privacy do you have?

IT at my company has begun issuing win10 on the latest laptops. I am very surprised since my company is big and super paranoid about leaking IP.
(They install WAY too much crap on current win7 laptop.)

After discussing this with some friends who are win10 believers I got in a debate over what sort of things Microsoft is mining and how little privacy you have. (I was boasting that I'd be sticking with linux at home because I like privacy)

I started trying to google around for evidence but all I could find was FAQ pages from microsoft and some outdated news articles.


----- Looking for real UP TO DATE evidence; not Microsoft hate and heresay.

  1. Is there a special edition of win10 for businesses that lacks all the telemetry and mining?
  2. What telemetry exactly is still going through when everything is disabled? (just using built in settings, no additional software)

Damn... I think I understand what that's meant to be... but damn that can be abused.

"b. To the extent necessary to provide the Services to you and others, to protect you and the Services, and to improve Microsoft products and services, you grant to Microsoft a worldwide and royalty-free intellectual property license to use Your Content, for example, to make copies of, retain, transmit, reformat, display, and distribute via communication tools Your Content on the Services. If you publish Your Content in areas of the Service where it is available broadly online without restrictions, Your Content may appear in demonstrations or materials that promote the Service. Controls for how Microsoft personalizes advertising are available on the Security & privacy page of the Microsoft account management website. We do not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target advertising to you. Our advertising policies are covered in detail in the Privacy Statements."

Hmmm... I don't speak legal enough to understand this one fully.

  1. Binding Arbitration and Class Action Waiver if You Live in (or if a Business Your Principal Place of Business is in) the United States.
    We hope we never have a dispute, but if we do, you and we agree to try for 60 days to resolve it informally. If we can’t, you and we agree to binding individual arbitration before the American Arbitration Association (“AAA”) under the Federal Arbitration Act (“FAA”), and not to sue in court in front of a judge or jury. Instead, a neutral arbitrator will decide and the arbitrator’s decision will be final except for a limited right of appeal under the FAA. Class action lawsuits, class-wide arbitrations, private attorney-general actions, and any other proceeding where someone acts in a representative capacity aren’t allowed. Nor is combining individual proceedings without the consent of all parties. “We,” “our,” and “us” includes Microsoft, the device manufacturer, and software installer.
    a. Disputes covered—everything except IP. The term “dispute” is as broad as it can be. It includes any claim or controversy between you and the manufacturer or installer, or you and Microsoft, concerning the software, its price, or this agreement, under any legal theory including contract, warranty, tort, statute, or regulation, except disputes relating to the enforcement or validity of your, your licensors’, our, or our licensors’ intellectual property rights.
  • You accept not to sue Microsoft.
  • AAA will provide a "neutral" arbitrator person which is paid for by Microsoft to decide whether you are in the right, or Microsoft is the right, and will tell you both how you should resolve the conflict, and what they tell you to do is mutually binding between you and Microsoft.

Obviously, this can never be as beneficial to you as a consumer as your ability to just sue and class-sue the fuckers.

Dropbox also did this, what, two years ago?

1 Like

They reserve the right to rifle your system and steal your intellectal property should you chose to use their os. :) My take lol

1 Like

Correct. And if you disagree, they will pay a guy to tell you that you are wrong, and shut to up :) .

Ed Bott would be all for that :) Sign him up.

After a long discussion with them I finally got them to admit ALL of the following....

  1. Privacy is incrementally taken from users by corporations at a rate that users are ok with at each increase.
  2. They are totally fine with where we are now and they would know in the future if their privacy is overstepped.
  3. MS has full access RIGHT NOW to their webcam, mic, and all raw passwords.
  4. They trust microsoft fully with all that data.
  5. Corporations don't do unethical things because they are made of people therefore they "trust MS and google fully"

I'm afraid for them... what should I do? lol.

So not that paranoid then.

If they are using windows, there's no real difference.

Lol. This is the prevalent attitude, though. People thinking someone is too big to fail, when all the facts point to the contrary - it is only a matter of time before any single entity fails.

An important question. Let me ask you a few counter-questions:

  • What can you do?
  • What do you want to do?
  • Why should you do anything at all?
  • Are you in a hurry to do it?

The price of not trusting these entities can be very high short term. The price of trusting them can be very high long term. We don't know the term.

1 Like

What can you do?

I know I can talk/discuss with them. Which I did for about 4 hours this morning.

What do you want to do?

Prevent them from making a mistake.

Why should you do anything at all?

Well, these are my best college budies. I do actually care for them. They are to be groomsmen in my wedding actually.

Are you in a hurry to do it?

Well... win10 is now upon us so the time feels ripe, no?

After discussing at length with them I feel I should say this... I too trade some privacy for convenience. I have an android phone and a gmail account.

That being said, I have a much different mentaility from them. I DO NOT trust MS or Google and take what steps I can to mitigate the loss of privacy.

  • I store my passwords myself in an encrypted txt file using gpg.
  • I don't use cortana or google now.
  • I use duck-duck-go instead of google search.
  • I limit what apps run and and their access on my phone and never give rights to things they don't need. (ghangouts keeps asking for gps data and I deny it.)

So yea, I use the products, but I distrust them like crazy and will absolutely not sacrifice privacy on my OS. It's the bottom layer and doing so voids privacy on all layers above it. They trust and go with the flow because it's comfortable. I'm ever resisting and mitigating. That is the difference.

None. I have absolutely none. But I don't mind either.

I recognize myself in your situation, I feel the same about big companies, and I take similar steps to protect my privacy, or at least make it more difficult for them to invade my privacy.

That said, I don't put too much time into my privacy, "time" being the operative word. I use Epic Browser and Opera with built in VPN:s, I spread my "googling" to multiple search engines, I disable telemetry to the level that I can automate, etc. Yes, I do have a serious VPN too, but I am too lazy to switch it on and off. But of course, google has all my mail, since I've never had the time to set up my own server. You probably have more privacy on Windows 10 than I. And believe it or not, it is my job that prevents me from having a satisfactory level of privacy. At work, we happen to trust the big companies (albeit grudgingly) to a far higher degree than I do in private. And I don't even think that is entirely unreasonable.

The reason I asked you those questions was, I didn't know they were your friends. Trying to convince people at work is usually a big no-no (potentially a career killer), unless done very carefully and over a long span of time - you'd essentially need to operate on the level of influencing the company culture.

Having spoken to your friends, do you think they'd change the OS to Linux if they had a well working browser, or do they need other programs to perform their day-to-day usage? Would they invest themselves into learning other programs, then they could just as well do it on another platform. Same if most of those programs are online.


Because sooner or later, you're going to have to download a "security update" and it's going to find a workaround for your on-system blocks, or even possibly your blocks on your networking hardware (have their telemetry IP's addresses blocked? All they have to do is change those IP addresses.)