Windows 10 Full and Basic Telemetry Data collection information
One of the complaints about Windows 10 ever since the operating system's introduction was that it was not really clear what date Microsoft's Telemetry and data collection services collected, and transferred to the company.
Linked to that was the missing option to turn the collecting off for good -- this is reserved to LTSB Enterprise versions. The only built-in option that users had until now was to set the collecting to basic.
Several privacy tools for Windows 10 come with options to block Microsoft Telemetry servers so that communication won't take place anymore.
Microsoft announced in early 2017 that it would change privacy options in the Windows 10 Creators Update version. One of those changes was a reduction of Telemetry levels from three, to just Basic and Full.
You can switch between the two diagnostic levels by opening the Settings application (Windows-I), navigating to Privacy > Feedback & Diagnostics, and selecting the other option -- Full or Basic -- on the page.
Windows 10 Full and Basic Telemetry
The Feedback & Diagnostics page of the Settings application reveals little information on what is being collected.
Microsoft did publish two articles recently that offer information in great detail on what it collects in basic and full Telemetry modes.
The listings are a hard read, and the basic listing is especially difficult to go through as it is highly technical in nature. The full listing is a bit better, as it is less technical.
Basic Telemetry on Windows 10
If you go through the basic telemetry listing on the Technet site -- linked above -- you will find listed the following information among many, many other entries:
- Operating system name and version, locale.
- Date and time.
- Locally defined, unique ID for device, and device class (e.g. Server or Desktop).
- Various unique user, machine and application identifiers.
- Various information about the system, both in hash form and strings, e.g. OEM manufacturer information, device name, TMP version, active microphones, firmware, networking information, license state, license key, processor, speech settings, storage, display, and more. (see Census listings there).
Full Telemetry on Windows 10
The full Telemetry listing includes information on the basic level, as it is included, and information on data that is only collected if full is enabled. The format is better, as it is less technical in nature.
- Header information: OS name, version, build and locale, User ID, Xbox UserID, Environment (e.g. application ID), diagnostic event name, HTTP header information, device ID (unique), device class, event collection time, diagnostic level.
- Device, Connectivity, and configuration data:
- Device properties: OS, installation type, processor, memory, storage, firmware and battery information, OEM details, hardware chassis type, color and form factor, virtual machine.
- Device capabilities: information about camera, touch and process capabilities, TPM, virtualization hardware, voice, number of displays, DPI and resolution, wireless capabilities, OEM information, advanced camera capture mode.
- Device preferences: User settings, user-provided decice name, domain or cloud joined, domain name hash, MDM settings, Bitlocker, Secure Boot and encryption settings, Windows Update, default app and browser choices, default language settings, app store update settings, Enterprise and commercial ID.
- Device peripherals: information on connected peripherals including names, models, manufacturers, drivers.
- Device network info: Networking information including available SSIDs and BSSIDs, connectivity status, proxy, DHCP and other details, IP address type, hashed IP address, data transfer rates, IMEI or MCCO, and more.
- Product and Service usage:
- App usage: Usage statistics, content searches within app, reading activity, user navigation and interaction with app and Windows features, time of and count of app and compoinent launches, duration, user interaction methods and duration.
- App or product state: Start menu and taskbar pins, app launch state, personalization impressions delivered, user interaction with UI controls or hotspots, User feedback, caret location or position within documents and media files.
- Login properties: Login success, failure, sessions and state.
- Product and Service data:
- Device health and crash data: information about device and software health including crash and hang dumps, system settings, error codes and messages, user generated files, details about abnormal shutdowns, hangs or crashes, crash failure data.
- Device performance and reliability data: performance information, including user interface interaction duration, on/off performance, user input responsiveness, disk footprint, power and battery live, service responsiveness.
- Software Setup and Inventory data:
- Installed applications and install history: Names, IDs, package family names, publisher, type of software, install date, method, install directory, installation type, more.
- Device update information: Update readiness analysis, number of applicable updates, downlad size and source, Windows Update machine ID, Update Server and service URL, and more.
- Content Consumption data:
- Movies: Technical video information, e.g. height or width, encoding, stream instructions, if there is an error, URL for a specific two second chunk of content.
- Music & TV: Service URL for song being downloaded, content type, local media library collection statistics, region mismatch.
- Reading: App accessing content and status, and options used to open a Windows Store Book, language of book, time spent reading, content type and size.
- Photos App: File source data, image & video resolution.
- Browsing, Search and Query data:
- Microsoft browser data: Text typed in address bar and search box, selected for Ask Cortana Search, browser ID, URLs, page title, auto-completed text, service response time.
- On-device file query: kind of query, number of items requested and retrieved, file extension of search result user interacted with, launched item kind, name of process, hash of search scope, state of indices.
- Inking Typing and Speech Utterance data:
- Voice, inking and typing: Type of pen used, pen gestures, palm touch coordinates, input latency, ink strokes written, text of speech recognition results, APP ID, language information.
- Licensing and Purchase data:
- Purchase history: Product and Edition ID, product URI, offer details, date and time, purchase quantity and price, payment type.
- DRM and license rights details, license type, usage session.
Now You: Did you expect this level of data collection?
What if “unique ID for device” work as a root login ID and allows NSA or M$ backdoor access to your PC?
I’m sure the NoSuchAgency Loves the level of detail included in the MS info dumps. Can you imagine the work involved to achieve this level of infiltration on the U.S. populace surreptitiously? Instead, let’s take a different route… look ’em right in the eye while you lie with a straight face, and ram this garbage right down their throats. That’s only for the ones who dare question what you are doing. Don’t forget the massive percentage of the populace who don’t or won’t question what the Mighty MS is doing, or Why? Anyone here who has a relative that got burned by GetWx10 upgrade? Maybe Gramma came downstairs one day and her computer was shit?
All of this is a complete hose-job on the US population, one of the biggest straight-faced lies ever perpetrated on the people of this country. There are always ulterior motives. Don’t take it people, there are alternatives.
No, but the mouse wheel works best here.
https://technet.microsoft.com/itpro/windows/configure/windows-diagnostic-data
Notice that the second column in the tables is titled “Examples”, not “Data collected”. This means that M$ is still being opaque about what information they’re collecting. Nonetheless, go over the list of data that they admit to collecting and you’ll see that they literally provide no privacy whatsoever from what I can see.
I wouldn’t touch Windows 10 with a barge pole. Mandatory background updates and full telemetry, they can…. well… I know that I can’t cuss here but you can imagine where I was going with that.
I’m still using XP on the computer I surf with and will continue to do so until it’s literally no longer possible. And yes, I do back up my data -frequently and on multiple media.
My other, Windows 7 computer is physically offline. No wireless connection, no CAT-5. I don’t update it and use it only to view media and other offline pursuits.
My next computer will be ordered without an operating system installed and I will put one of the Linux distros on it.
I just updated to Creators, and everytime I click on Basic privacy, it somehow manages to change to full.
How do i fix this?
They have hidden the scroll bars in the Settings App in v1703 b15063.13
While your mouse is the upper left corner or center of page changing settings there is no vertical scroll bar.
It is only when the mouse touches the right side does a scroll bar appear.
Most people will click from page to page unaware there are many more settings available to change.
Is there any way to make the scroll bar permanent?
Actually I am happy MS is ruining their business, more people helping with linux now. Keep up the good work MS.
Linux FTW! :)
If everyone start contacting the developers asking them to port/develop for Linux with Ubuntu in mind as standard platform and Vulkan as standard API for gaming. The more people do it the better, developers will realize there is demand for Linux. The moment most developers begin to develop/port softwares and games to Linux is the moment windows begins to lose market share. Developers are the key.
@Canada, The difference is in Linux, if your chosen distro wants to gather data, is that it can be turned off and the whole world can check if the off button really turns things off.
Linux also collects telemetry and all the services you use on the internet.
“So the OS really has a keylogger in it. Great! This is so bad, I’m at a loss for words atually..”
Key-logger, speech-logger and ink-logger are on by default. Don’t panic, everything is encrypted before it’s sent to Microsoft.
“Don’t panic, everything is encrypted before it’s sent to Microsoft.”
The only thing this means, is that the NSA will collect the data as it traverses the Internet, because “encrypted communications are deemed to be suspicious by default and thus kept until deciphered, as was taught to us by the hero Edward Snowden.
Its no wonder that the US government looked the other way while Microsoft was engaging in all of that shady conduct last year to get this software on as many computers as they could.
Hopefully the EU will look at privacy that concentrates on the data custodian’s liability under the law. Break privacy laws and you will be held accountable under criminal law. Get hacked and you will NOT be considered a victim if customer data is made public or if customers suffer financial loss or are prevented from obtaining services, employment or entering into contracts. Introduce meaningful penalties: threatening to throw company executives behind bars works a lot better than fines. Privacy statements can not be considered ‘agreements’ under a EULA.
The basic tenants of law also need to be applied to privacy – when you take something that is stored on personal property, without permission, it is theft. A computer is personal property and the data on a computer is personal property. The OS should not be used to commit burglary.
> Operating system name and version, locale.
None of their fucking business.
> Date and time.
None of their fucking business.
> Locally defined, unique ID for device, and device class (e.g. Server or Desktop).
None of their fucking business.
> Various unique user, machine and application identifiers.
None of their fucking business.
> Various information about the system, both in hash form and strings, e.g. OEM manufacturer information, device name, TMP version, active microphones, firmware, networking information, license state, license key, processor, speech settings, storage, display, and more. (see Census listings there).
None of their fucking business.
So the OS really has a keylogger in it. Great! This is so bad, I’m at a loss for words atually..
Looks like it.
Inking Typing and Speech Utterance data:
Voice, inking and typing: Type of pen used, pen gestures, palm touch coordinates, input latency, ink strokes written, text of speech recognition results, APP ID, language information.
Not really true, if you want to opt-out, use LTSB instead.
And of course there was a lot of data collected in Windows XP, even more personal ones since Windows Media Player and such.
And third… you did not have to ‘buy’ it, it was a long time for nothing.
Seeing as the LTSB is only available on Windows 10 Enterprise how exactly is that relevant to people without a Volume Licensing deal?
Also the data collected since XP could be opted out of, the data collected with Windows 10 is unavoidable even with the Enterprise version.
Too little, too late shall be the cry,
Oh Microsoft, what have you done,
No crocodile tears can deny,
Such a lesson, a painful one.
Indeed, too little, too late. MS was counting on selling all of that data. Now, in the United States, the government is on the verge of letting the ISP’s sell user data – MS get shoved down the food chain. In addition, MS has alienated many of its users and driven them to other operating systems. Yes, I the think the lesson will be a painful one with real tears.
It’s very clear that previous Windows never automatically collected this much data from every user by default. I don’t have issue so much with collecting the data, as I do that it is done so by default and to its full extent which provides the least amount of privacy by default. This too me should not be the default but rather the optional choice. The default of basic data sharing would be satisfactory for Microsoft and give the end user more privacy. Let’s also not ignore the shear amount of data being applied to a persons data cap purely for Microsoft’s benefit. If you have multiple Windows devices set at default, this could amount to something of a issue for some people. Sorry, I don’t buy that this has always been done so its OK.
In general, consumers have to pay M$ a 10-year rental$ or license fee$ to use their Windows software, eg Win 10, on their own paid-for computer hardware and Internet access.
No doubt, the Windows software is owned by M$. But shouldn’t M$ have to request permission from the consumers if M$ wanna collect Telemetry & Data on their computer hardware using their Internet access, in order to profit from selling ads, users’ data, apps, etc.? What’s fair and right.?
An analogy is a wage-earner renting a home from the home-owner for a lease period of 10 years. Can the home-owner just barge into the rental home at any time without permission, eg to use the renter’s furniture, TV, food, Wifi, electricity, water, etc.?
Not a paranoid person but in my opinion for a average user the default should be basic not Full. I understand for a beta tester or developer Full can be useful to Microsoft, but feel that setting Full as default for ever users is a bit intrusive and assumes too much in what a user wants to share. I don’t find Creator does nearly enough to rectify or give better options for users or explain why it needs all this information by default. I just feel this was not disclosed previous for obvious reasons. The only reason Microsoft released it now, is to defend litigation that will come from how Microsoft defaults its privacy settings. At least it can say it is up front with users on disclosure. Although I find it very debatable that Microsoft can defend this data collection as benefiting anyone but itself.
All very well and good, but I find myself disagreeing with you at the very first sentence. Why can’t the default setting be “None” ? That’s the only sane default setting in my opinion.
Comm’ on!
Microsoft is collecting personal data since Windows XP at least.
There was it even harder to deactivate all the ‘spyware’
The difference is Windows 10 is the first version of Windows that makes it all but impossible to opt-out, something most people could opt-out of very easily via a single setting.
Is it just me who was a little confused by the articles description of the basic and full links, the basic link actually gives a field-by-field descriptions of the data collected at that level, it’s the technical details of what data points are sent, the full link is an overview of both full and basic, a layman’s description of what’s collected so to speak.
https://technet.microsoft.com/en-us/itpro/windows/configure/basic-level-windows-diagnostic-events-and-fields