Windows 10 and Privacy

Martin Brinkmann
Jul 30, 2015
Updated • Jul 5, 2017
Windows, Windows 10

This Windows 10 privacy guide is a work in progress. We will add new information and make adjustments once they become available.

When it comes to Windows 10 and privacy, there are lots of things that you need to consider. Probably the best starting point before you even begin to upgrade an existing system or set up Windows 10 on a new one is to read through the Privacy Policy and Service Agreement.

Yes, that is lots of text even if you only read the summaries that Microsoft provides. Please note that the two documents are not exclusive to Windows 10 but apply to Microsoft.

Tip: Check out our comparison of Windows 10 privacy tools. These help you speed up making privacy related changes to the operating system.

You do find "Windows" listed in the privacy statement.

Windows 10 and Privacy

There you find the following key information:

  1. Microsoft creates a unique advertising ID for each user on a device running Windows 10. This can be turned off in the Privacy Settings.
  2. What you say or type may be processed by Microsoft, for instance by the operating system's Cortana service or by providing spelling correction.
  3. Windows supports a location service that allows apps and services, such as Find My Device, to request your location in the world. This can be turned off in the Privacy settings.
  4. Microsoft syncs some Windows settings automatically when you sign in to a Microsoft account. This is done to provide users with a personalized experience across devices. Data that gets synced includes installed apps and their settings, web browser history and favorites, passwords and wireless network names, and addresses of shared printers.
  5. Telemetry data is collected by Microsoft. This includes installed software, configuration data and network and connection data. While some of it can be turned off in the Settings, not all can.

Core Windows 10 Privacy Settings

You find Privacy settings that Microsoft makes available under Settings. The page is surprisingly large and while it provides you with lots of options, does not give you full control over what is collected and submitted.

Open the Privacy settings with a tap on the Windows-key and the selection of Settings when Start opens. If Settings is not listed there, type Settings and hit enter.

Switch to Privacy once the Settings window opens. There you find listed all privacy related settings. Suggests are in brackets)


  1. Let apps use my advertising ID for experiences across apps (turning this off will reset your ID). (Off)
  2. Turn on SmartScreen Filter to check web content (URLs) that Windows Store apps use. (Off, but note that this may reduce security on the system. If you are inexperienced, leave this on.)
  3. Send Microsoft info about how I write to help us improving typing and writing in the future. (Off)
  4. Let websites provide locally relevant content by accessing my language list. (Off)



  1. Turn location on or off. Apps or services that you allow may access location-based data if on. (Off, unless you rely on apps that require it to be on, e.g. the weather app)
  2. Location History. If you have turned location services off, you may want to clear the location history on the device as well.

Camera and Microphone


  1. Let apps use my camera. (Off)
  2. Let apps use my microphone. (Off)

Switch these to off if you don't want apps to use the cam or microphone on your device. You may need it for select services, Cortana for instance or the Skype application.

Speech, inking & typing


  1. Windows and Cortana can get to you know your voice and writing to make better suggestions to you. We'll collect info like contacts, recent calendar events, speech, and handwriting patterns, and typing history. (Off, unless Cortana is used. This will turn off Cortana and dictation).

Account Info

account info

  1. Let apps access my name, picture, and other account info. (Off, unless you require this for select applications. Then leave it on and set permissions per application instead).

Contacts and Calendar


  1. Choose applications that may access your contacts or calendar. There are three by default for the Contacts, and two for the Calendar (the first two): App connector, Mail and Calendar and Windows Shell Experience. (Off, unless required).



  1. Let apps read or send messages. (Off if you are on the desktop and don't require apps to send text or MMS).



  1. Let apps control radios. This enables apps to use radios, such as Bluetooth. (Off, unless you use apps that require this).

Other devices

other devices

  1. Sync with devices. This setting syncs data with Microsoft and other devices you own. If you only use a single device, you may want to disable it. Note that syncing may come in handy when you set up the system anew. (Off)
  2. Let apps use trusted devices. (Off, unless required).

Feedback and Diagnostic

feedback diagnostics

  1. Send your device data to Microsoft. If you are an Insider, you cannot switch from Full(Recommended). If you are not, you may switch the setting to Enhanced or Full. It does not seem possible to turn this off completely.

What is transferred if you switch the setting to Basic is listed in the FAQ (when you click on the learn more link):

Basic information is data that is vital to the operation of Windows. This data helps keep Windows and apps running properly by letting Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also turns on basic error reporting back to Microsoft. If you select this option, we’ll be able to provide updates to Windows (through Windows Update, including malicious software protection by the Malicious Software Removal Tool), but some apps and features may not work correctly or at all.

Background apps

  1. Select which applications may run in the background (Turn off all that you don't require. If you use Mail for instance, you may want it to run in the background while you may not want the same for "Get Office", "Photos" or "Xbox".

Settings > Update & Security > Windows Update

  1. Click advanced options.
  2. Defer Upgrades (Enable, only available in Pro and Enterprise editions)
  3. Select "choose how updates are delivered".
  4. Download Windows updates and apps from other PCs in addition to Microsoft. (Off).

Advanced Windows 10 privacy settings

Changing the Telemetry value using the Group Policy Editor or Windows Registry


This setting is identical to the Feedback & diagnostics setting. There is one difference however which only applies to Enterprise customers. Enterprise customers may turn this off completely, while Home and Pro users may set it to basic only as the lowest level.

To make the change in the Group Policy, do the following:

  1. Tap on the Windows-key, type gpedit.msc and hit enter.
  2. Navigate to Computer Configuration > Administrative Templates > Windows Components > Data Collection (It may be listed as Data Collection and Preview Builds).
  3. Set Allow Telemetry to Off if you are using an Enterprise account, to Basic if you are not.

To make the change using the Windows Registry, do the following:

  1. Tap on the Windows-key, type regedit and hit enter.
  2. Confirm the UAC prompt if it comes up.
  3. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection.
  4. Set the value of AllowTelemetry to 0 if you are on Enterprise, to 1 if you are not.

Use a local account

local account

Windows 10 supports two account types: Microsoft accounts and local accounts. Microsoft accounts are used by default and if you select that option, you sign in to the operating system using your account's credentials (usually email and the password).

You may use a local account instead for day to day activies. This can be arranged in the Settings under Accounts > Your account.

If you use a local account, you will notice that you cannot use certain features of the operating system. Windows Store and certain applications become unavailable for instance, and account data is not synced across devices.

Misc Group Policy Settings

The following settings are provided in the Group Policy Editor.

Computer Configuration > Administrative Templates > Windows Components > OneDrive

  1. Prevent the usage of OneDrive for file storage.

Computer Configuration > Administrative Templates > Windows Components > Online Assistance

  1. Turn off Active Help.

Computer Configuration > Administrative Templates > Windows Components > Search

  1. Allow Cortana.
  2. Allow indexing of encrypted files.
  3. Allow search and Cortana to use location.
  4. Do not allow web search.
  5. Don't search the web or display web results in Search.
  6. Don't search the web or display web results in Search over a metered connection.
  7. Set what information is shared in Search (Switch to Anonymous info)

Computer Configuration > Administrative Templates > Windows Components > Sync Your Settings

  1. Disable all syncing or the synchronization of specific settings, for instance Start, browser or passwords.

Computer Configuration > Administrative Templates > Windows Components > Windows Error Reporting

  1. Configure Error Reporting (do not collection additional files, do not collect additional machine data).
  2. Disable Windows Error Reporting.
  3. Disable logging.
  4. Do not send additional data.

Computer Configuration > Administrative Templates > Windows Components > Windows Update

  1. Configure Automatic Updates (Set to Notify for download and notify for install. May want to set the scheduled install day as well. This allows you to block updates from being installed)
  2. Defer Upgrade (Pro and Enterprise only, may defer upgrades til next upgrade period)
  3. Turn on Software Notifications ("Enhanced notification messages convey the value and promote the installation and use of optional software").
  4. Allow signed updates from an intranet Microsoft update location.

Additional resources of interest

Now You: We need your help to make this guide as complete as possible. Got other tips? Please share them in the comment section below.

Windows 10 and Privacy
Article Name
Windows 10 and Privacy
A complete and comprehensive guide to Windows 10 privacy that includes setting recommendations and detailed explanations.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Alexander said on March 2, 2021 at 11:15 am

    Indeed the late mr.

  2. DexterIsMyHero said on July 9, 2019 at 6:13 pm

    I opted to purchase Win10 Pro, even though I’m fairly functional with Debian Linux. The first thing I did was go through every setting screen I could find, turning OFF those “phone home and tattle” apps. The trouble is, you turn off to many and suddenly you can’t make backups or do updates.

    I’ve been through this twice now. Couldn’t “Reset” because no Recovery Media. So I had to reinstall the whole thing from a USB stick and start over.

    Has anyone figured out what “denied permission” breaks Backup and Update?
    I see error messages about VSS and VPP services, which seem to be running.

  3. Juan said on August 16, 2016 at 7:16 am

    There is only ONE DEFINITIVE solution to these Win10 nonsense. LINUX. Stuff a Linux box between your internet modem/router and the Win10 boxen and set your desired hosts file IN THE LINUX OS. That way Win10 WON’T BE ABLE TO RESOLVE THOSE ADDRESSES since they are cut off from outside it’s control. you can also install a packet sniffer and packet monitor and keep them running to catch any address change that MS may try to pass through updates to Win10 and adjust the hosts file accordingly.

  4. AD said on March 5, 2016 at 7:17 pm

    CHECK YOUR PRIVACY SETTINGS AGAIN!!!! The privacy settings are being AUTOMATICALLY RESET by Microsoft. I have now disables all data sharing multiple times, but some of them just get turned on again automatically.

    You THINK you’ve disabled all data sharing, but you haven’t. This has to be very clear to everyone. Go into your settings again after another update, or just after restarting your computer, and from time to time you will find that they have been set back to On.

    What they’re counting on is that you won’t check again. That you’ll set it all to Off, and think that’s done. But their user agreement is structured in a way that lets them do that to “give you a better experience.”

    Go ahead and check your settings and see for yourselves.

  5. henry said on August 25, 2015 at 5:02 am

    Has anyone looked at the DNS address that the telemetry / advertising is sent to and tried modifying the Hosts file to redirect that traffic to

    1. Chickpea said on September 24, 2015 at 12:12 am

      You can’t – some of them are apparently hard-coded and it doesn’t use the hosts file to resolve them.

      You might be able to reroute them in your router firewall….

  6. sanmiq said on August 17, 2015 at 4:29 pm

    thanks ,you help me alot. btw you think disabling some of feature . will it make my computer error ?

  7. DonGateley said on August 9, 2015 at 11:40 pm
  8. jak said on August 8, 2015 at 1:24 am

    Windows 10 is the worlds most widely spread virus.
    it logs everything you do, it not only collects information about you from your own computer, it also collects data from all over the internet, every person you e-mail, every purchase you make, every tweet and blog, the list is endless. if its out there it can be linked back to you.

  9. kalmly said on August 6, 2015 at 8:31 pm

    Umm. So – I do my banking, bill paying, and a lot of purchasing online. Wouldn’t that make my bank account and my credit card accounts open to MS?

    1. jak said on August 8, 2015 at 7:50 pm

      sorry about the repeat.
      I didn’t think the first one got through

    2. jak said on August 8, 2015 at 1:30 am


      and they aren’t intercepting the encrypted message they are capturing every keystroke you make, and its no use copying and pasting it. the clipboard is captured as well.
      Nothing you do is private anymore.

    3. jak said on August 8, 2015 at 12:49 am


      And there not intercepting the encrypted message there reading every keystroke you make.
      copying and pasting doesn’t help either they can access the clipboard.

      1. critter said on November 28, 2015 at 7:11 pm

        Dennis Beatty wrote: Wow… People like this exist online… that is scary.”

        Yeah, the shills, apologists, and propagandists for corporate espionage exist online… that is indeed scary.

      2. Dennis Beatty said on August 9, 2015 at 10:35 am

        Wow… People like this exist online… that is scary.

  10. Keith said on August 4, 2015 at 11:04 pm


    2015-08-04 I am not a religious person by any means but really – There are none so blind as those who will not see!

    And as of now – you will allow Windows 10 to see, record, collect, capture, and share as they see fit – everything on your device! (AND IT’S NOT JUST WINDOWS 10 – PLEASE Read all the way through)

    All the recent internet articles claiming how to disable Windows 10 or get around Windows 10 privacy policy are completely missing the point!

    To date all the articles I have seen/read talk about the same things, using the privacy settings to disable certain features to avoid having advertising served to you.

    If advertising is your only concern then you are blind to the inherent dangerous precedent of this change and loss of privacy by using Windows 10.

    The section everyone’s concerned with from Microsoft’s privacy statement is entitled “Reasons We Share Personal Data”, followed by “Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to:”

    WAKE UP PEOPLE — This statement/section has nothing to do with advertising!!!!! YOU CAN”T TURN THIS OFF WITH SETTINGS!!!!

    This is clearly aimed towards legal jargon, i.e. “Comply with”, “protect” this and that, etc., etc.
    Are you kidding me! How can people be so blind!!!! What happened to the 4th Amendment
    The most disturbing part of this statement is the part that says “when we have a good faith belief that doing so is necessary to:” Really!

    The real question is how the hell did Microsoft come to that “good faith belief”. Well it’s now time to open your eyes and wake up! They came to their belief because they read/viewed your files, they know everything about you, and because you agreed to give them this information. They are even so brazenly bold as to tell you how they did it in the same statement.

    It bears repeating, and requires opening your eyes to read, and allowing your mind to understand and comprehend what Microsoft says.

    QUOTE — “we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders),”
    It’s all over the internet and Microsoft themselves are telling you!

    What good are passwords when Microsoft is recording and collecting your typing, they are accessing your data, they are recording your voice, and all of this data is being collected by them in/on their systems.

    Your passwords, and apparently all encryption, is now utterly useless. What good are third party encryption services and programs when Windows copies your typing. It also now appears Bitlocker is a complete waste of time. Other sources on the net are now saying Bitlocker automatically backs up an encryption key to Microsoft’s OneDrive. Really!!

    I don’t personally use OneDrive, never have and will never use it intentionally. But, please remind me again, who has access to OneDrive, and please remind me what did you just agree to???


    Using Windows 8.1, I normally run my machine on a local account. I do not normally use social media. Unfortunately nowadays the only way to post online is to sign in somewhere. So, out of curiosity I signed in to my Microsoft account (something I never do) and clearly this new privacy statement has been applied. I’m on Windows 8.1 and I never agreed to all this crap. This is not part of the current 8.1 privacy statement. But yet there it is in my MSN account statement.

    Admittedly, yes Google and all the social media sites track you and collect your information when you surf online – the difference here is Microsoft clearly has access to and can copy keyboard activity and all of your files as they see fit.

    At the risk of sounding like a foil hat wearing conspiracy theorist – didn’t the Patriot Act expire June 1st, 2015. And yet less than two months later Microsoft releases this crap on the world.

    The DOJ, CIA, NSA, FBI and Homeland Security must be jumping for joy at their latest partners in killing the 1st and 4th amendments. After all since the patriot act is dead who needs a secret subpoenas when you have Microsoft in your pocket.

    All businesses worldwide should now be considering their options carefully. Do you really want Microsoft to have access to all your company data. Remember if you use their Windows 10 software, or maybe you still use windows 7, 8 etc but one of your employees signs on to their MSN account while using a your company machine. You just gave them permission and access to everything in your system.

    PRIVACY IS DEAD – all the social media sites and especially GOOGLE wounded it for the sake of advertising and the all mighty $$$$.

    But apparently we weren’t satisfied with its’ suffering.

    So we all left it up to Microsoft to strike the last blow and finally flat out slaughter it, and sent it straight to Hell.


    1. critter said on November 28, 2015 at 6:51 pm

      ^^This is the saddest aspect of the kit and kaboodle. Logging all keystrokes, access to any file on any drive, etc.. AND may be shared, without warrant or probable cause, with government agencies? Just by agreeing to this nonsense you forfeit your 4th amendment right to be secure — because although microsoft has come into *your home* and onto *your person*, by being a “third party” it has been decided by our corrupt court system that you no longer have protection under the constitution. This is absurdly insane. Since such services have become part of our lives – in our homes and on our persons, these services must be granted the same status as attorney/client privilege so that: by law (and threat of millions of billion dollar lawsuits) Microsoft may not share any information at any time with anyone, especially the Tyranny, or any agency connected with, or acting on behalf of the Tyranny without a search warrant granted by a constitutionally recognized court of jurisdiction upon the foundation of probable cause. And by law, any company providing such services is forbidden opt out or breach the Constitutional Contract without, not merely ticking of a box, but written notarized consent on paper via snail mail. ;-)

    2. Anonymous said on August 6, 2015 at 3:32 pm

      ..drops microphone

  11. DonGateley said on August 4, 2015 at 10:18 pm

    Another comprehensive article on this topic:

  12. DonGateley said on August 4, 2015 at 9:50 am

    The thing that I find most disconcerting is that they are by default (and who knows about otherwise) capturing your typing fingerprint. Once associated with you that can be used to id you with near certainty anywhere on the net that you type under any id whatsoever. It’s as accurate as a real fingerprint. Would you give them your swirls and whorls under any circumstances you can think of?

    Anyone who thinks MS is the only agent that will have access to that is naive indeed.

    1. Dennis Beatty said on August 9, 2015 at 10:33 am

      Fingerprint reading has been a part of Microsoft (and other places like android for example) for quite some time… Can you point me where this has been abused by any company to date?

      1. John said on September 29, 2015 at 2:51 pm

        He means word print.

      2. DonGateley said on August 9, 2015 at 11:34 pm

        Really, Dennis. Were it to be used surreptitiously, why on earth do you think examples would abound or even exist? It is exactly the lack of enforced transparency that concerns me. If one reads their new terms of service they reserve the right to access and use anything in any way they want with no notification it is being used or how. Whether they actually take and use it or not, their latitude to do so without any reporting requirement is far too wide.

      3. Tony said on August 9, 2015 at 9:55 pm

        Dennis, we can’t access their system to know what they are doing….do you want to give me your fingerprint ? I promise I won’t abuse it

  13. Greg said on August 4, 2015 at 8:42 am

    I see a lot of great tips and advice about avoiding, bypassing, or in some way subverting Windows 10 tracking.

    All good advice that I would encourage people to follow, and honestly I hope more major game companies start to code and platform their IP for linux.

    The issue I have that I think and hope most people would agree with is that we should not have to go through all this. Protecting our Privacy from Microsoft should not be this daunting task. Most home users would not have the first clue how to install or use linux, even with a super easy distro like Ubuntu. Most of those same users don’t even have a clue as to just how much information they are giving up to Microsoft.

    Doesn’t it bother anyone that Microsoft is creating every user a unique “Advertising ID”. The term alone should give you the creeps.

    It is utter BS that we are now being forced to choose between convenience and privacy. What Microsoft, and also Google and Apple, are doing would make George Orwell nauseous. You can have fun and have no privacy, or have privacy and no fun. What the H#!! kind of choice is that. Well fine, if I have to make the choice then I choose to give up fun. F&*^ you Microsoft.

    1. Dennis Beatty said on August 9, 2015 at 10:31 am

      “It is utter BS that we are now being forced to choose between convenience and privacy.”

      We are ALWAYS forced to choose… How do you expect a company to provide you the services and convenience many want without having access to the data that it requires to do so? How can Cortana, for example, be able to provide you notifications on upcoming flights or meetings without being able to read that information in the first place Sure, you could manually go through and set up notifications manually, but the convenience of Cortana is that you don’t have to. So to provide that, they need this information.

      They aren’t using this information for nefarious means, spying on what you are doing, selling that information to anyone, etc.

      I think if anyone could do this without that information they would be precognizant, which is even more scary, or they would be instantly rich because companies like Microsoft would love to be able to do all of that without needing to manage that data at great cost…

      1. Anonymous said on November 5, 2015 at 6:29 am

        The program needs the data to operate, the company does not. The data does not need to be sent anywhere for the program to function. This mantra of “How does it work without your data?” is at best misleading, and at worst intentionally nefarious. Programs can very easily be written in such a way that does not involve collection or storage of data after use and still maintain functionality. We have more than enough processing power for that these days.

  14. Bruce Hebrew said on August 3, 2015 at 11:13 pm

    Here’s a tip:
    Dual boot win10 with ubuntu 14.04LTS or 15.04, encrypt your home dir on install.
    Use win10 for gaming only, I’ve found that ubuntu is faster at most anything anyways.
    If you still want to use windows 10 as your main OS use programs like box crypt and vera crypt to make any data MS can fetch useless.
    Use Tor and a VPN, and firefox as your browser.
    Use pgp in emails and get your friends to do so as well (Enigmail for Thunderbird works well for me).

    Several plugins for firefox:
    referer control
    advertising cookie opt out
    ublock origin

    Don’t ever use AES 512 encryption the NSA designed it with a back door, use AES 256 and if you use vera crypt use AES-Twofish-Serpent with the whirlpool 512 algorithm. Any one who tries to break that encryption will try and fail. Make your pgp key RSA 4096. At that point the weak link is your password make it long, personal and avoid camelback and leet speak, use a mixture of leet and non leet, most brute force algorithms will guess leet speak. At that point any back door in win10 is useless because any useful data will be encrypted.

  15. Usual Fool said on August 3, 2015 at 7:27 pm

    Windows has gone the full, systemic-malware route taken by Android – and others — so it seems..
    I’m running 10 on an old laptop for pure curiosity. Of course, 7 remains backed-up for when normality beckons.

  16. jimbobillyjoe said on August 3, 2015 at 6:35 am

    If they’re openly admitting to that much data collection then we should all be terrified at what is going on under the hood. And that’s assuming Win10 will respect your No/Off setting and wont just collect it anyway and simply flag the packets as For NSA Only for what you have turned “off”

    Combine this with the massive amount of bloatware that requires powershell voodoo to get rid of, and Services that you’re locked out of regardless of your account level and I’m giving this Windows a fine Two Finger Salute.

    If I didn’t do so much gaming on this box, I would upgrade Win7 to linux.

    1. Dennis Beatty said on August 9, 2015 at 10:25 am

      “If they’re openly admitting to that much data collection then we should all be terrified at what is going on under the hood.”


      They are being open and giving users the option of turning it all off. I see that as a positive compared to others who do far worse with telling you and without giving you that options. Maybe I’m just not seeing the conspiracies that others are?

  17. Tim said on August 2, 2015 at 4:29 pm

    Microsoft was open about data collection during the technical previews, but were tight-lipped about whether or not that practice would continue once Windows 10 went live. I guess we have our answer. No, thanks Microsoft. I’ll definitely skip Windows 10.

    1. Dennis Beatty said on August 9, 2015 at 10:23 am

      You do realize that anonymous telemetry has been used by Microsoft for several years… including Windows 7, right?

  18. copyitright said on August 1, 2015 at 12:55 am


    “Microsoft Windows 10 Users 14 Million Strong And Counting, “Overwhelmingly Positive”

    source: Forbes

    1. Nobody said on August 1, 2015 at 9:22 pm

      Chyeah. That’s before all the fixes are released and anybody knows better. I thought Windows 8 was great when it first came out. It was new and exciting compared to all the previous versions. After using Windows 8.1, wiping out my hard drive and falling back to the original Windows 8 (before updates were installed again) I realized just how terrible Windows 8 really was compared to Windows 8.1.

  19. Flyer said on August 1, 2015 at 12:48 am

    Hehe it has been expected :D The basic questions is “what else?”. It is one of zillion reasons why it is worth to wait at least a year or so before thinking about installation of Win 10.
    And as usualy this it a must to wasting a time for resolving problems not known before installation. :P
    No, thanks :D

  20. Scott Sanders said on July 31, 2015 at 11:46 pm

    I am having problems understanding what to to with these settings:

    Computer Configuration > Administrative Templates > Windows Components > Windows Error Reporting

    1 Configure Error Reporting (do not collection additional files, do not collect additional machine data).
    2 Disable Windows Error Reporting.
    3 Disable logging.
    4 Do not send additional data.

    If you could put a (disabled) or (enabled) beside each item it would help. Its a bit confusing without it on what to set it to.

    Best Regards
    Scott Sanders

  21. DonGateley said on July 31, 2015 at 10:49 pm
  22. DonGateley said on July 31, 2015 at 10:29 pm

    After the upgrade are you initially booted up in your Microsoft account so that they get a chance at a sync snapshot before you can change settings or does it initially boot up in a local account so that you can change your settings, including sync, before logging into a Microsoft account for things like OneDrive?

    1. Dennis Beatty said on August 9, 2015 at 10:22 am

      You can choose NOT to select ‘express settings’ on initial configuration and instead be taken to the configuration of those settings to set them before the system first starts up.

  23. smaragdus said on July 31, 2015 at 11:43 am

    It shouldn’t be Windows 10 but Windows 1984.

  24. IgHive said on July 31, 2015 at 9:15 am
  25. Anon said on July 31, 2015 at 8:37 am

    A f..king awesome article! Well done!
    I’m just sad that 99% of the idiots who use win10 will have no clue about what’s mentioned in this article (or even don’t care).
    Thanks Martin!

    Note: I’m predicting that win10 will launch visual and fingerprint recognition soon. Then, users’ visual and fingerprints info will be shared with US (and its partners’) law enforcements (I think Apple already does this) to protect our “national security”.

  26. ilev said on July 31, 2015 at 8:09 am

    Start->Settings->Update & Security->Windows Update->Advanced Options->Choose how updates are delivered..

    KB3073930 works with Windows 10 RTM.

  27. DonGateley said on July 31, 2015 at 12:00 am

    How does one upgrade to Windows 10 and turn off sync, or all surveillance, before they have a chance to occur even once?

    If it’s possible to do that with a script, somebody with the know how please write one! I would much rather selectively turn them on if I want them than have to figure out what to turn off.

    1. Dennis Beatty said on August 9, 2015 at 10:20 am

      “How does one upgrade to Windows 10 and turn off sync, or all surveillance, before they have a chance to occur even once?”

      Do not select ‘express settings’ and instead configure them before the OS starts up the first time.

  28. Decent60 said on July 30, 2015 at 9:59 pm

    Funny thing is, under their privacy statement, it has “For more information about data collection and privacy in Windows, go to” which takes you to “”….and I’m still trying to locate a more definitive answer on that from that link but thus far, nothing is popping up.

    This is a bit informational, tho, if you use Cortana:
    “You can turn off Input Personalization at any time. This will stop the data collection for this feature and will delete associated data stored on your device, such as your local user dictionary and your input history. As Cortana uses this data to help understand your input, turning off Input Personalization will also disable Cortana on your device. At, you can also clear data sent to Microsoft, such as your contacts and calendar data, user dictionary, as well as search and browsing history if your device also had Cortana enabled.”

  29. ansar said on July 30, 2015 at 9:38 pm

    Check out Start->Settings->Update & Security->Windows Update->Advanced Options->Choose how updates are delivered

    I set mine to local network only. :)

  30. Oxa said on July 30, 2015 at 9:26 pm

    I’ll be moving to Windows 10 in a couple of months, so just wanted to say thanks for all the great Win10 info.

    1. wybo said on August 1, 2015 at 11:48 am

      I will stick to 8.1 until the end. It is clear that once something is free the snooping increases.

      On top of that the forced updates is a hassle too. Yes they now have a tool to stop updates but is an awkward proces and not as thorough as the freedom one has with win 7/8 updates management.

      1. RMc said on August 31, 2015 at 8:34 pm

        The biggest issue is not what Microsoft might do with the data, but rather the treasure trove that data represents for hackers. Do we really believe that the MS servers are impenetrable? In a sci-fi movie, I might view MS as nefarious, but in reality we only need to read the paper about how criminal and Chinese hackers grab the records of millions. Now they have access to keylogging.

      2. Decent60 said on August 11, 2015 at 5:07 am

        @Dennis Beatty

        Actually that’s false. If it’s with any service that is on Microsoft’s servers, they have full access to it whenever they want. Generally, they use scripts to look for keywords for ads and other things (as it would be very bothersome to manually do it).
        Google made news about it when they (indirectly) got police involved when they discovered “child abuse images” that a guy was emailing to a person. No law enforcement contacted them. Same thing can happen with Microsoft emails or anything that you don’t host yourself.
        Amazon, Google and Dropbox do the same things with their data storage programs.

      3. Dennis Beatty said on August 9, 2015 at 10:19 am

        You do realize that most of this was enabled in 8.1 as well, right?

        A few things. First, telemetry is anonymous. Second, the only time that Microsoft could ‘look at your files’ is when necessary to comply with US law. Telling you that they are doing it is a good thing, instead of just assuming you know that. Finally, the advertising ID can be turned off (previously it couldn’t be).

        Many people just think that ‘they have all my data’, which isn’t really the case. They are accessing data to provide services to you. If you are more concerned about your privacy than these services (and no, MS is not selling this information or using it for nefarious reasons) then you are able to turn off. All of it. You won’t be able to take advantage of things like Cortana or synching your settings across devices, but that is your decision to make freely and MS is making it possible for you to do so.

        The reason that the ‘express settings’ are what they are is because that is what most users are going to want. Anyone concerned about their privacy never use the ‘express settings’ in any OS or application.

    2. Tom Hawack said on July 30, 2015 at 9:51 pm

      Why wait a couple of months if you’re sure right now that you’ll move to Windows 10, if I may ask?
      I’ll be waiting as well, but I have no idea now if I’ll be moving on, then.

      1. Oxa said on July 31, 2015 at 7:44 pm

        1. I don’t have the time to mess around with it right now.
        2. I want to see how things shake out with respect to installation, bugs, etc. Best to learn from other people’s experiences.

  31. Decent60 said on July 30, 2015 at 5:57 pm

    Few things that should be noted that cannot be turned off (unless you don’t use them):
    Your encryption key is backed up to OneDrive
    Microsoft can disclose your data whenever it wants to:
    “We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services.”


    Another update to the security is that Windows Updates can be torrented to either local computers or those across the internet. Potentially a privacy issue as people can sniff the packets and get the IP of who is sending and who isn’t.
    This can be found in:
    Settings > Update and Security > Windows Update > Advanced Options > Choose how updates are delivered
    To which you can turn it off.
    Not only that it’s a privacy issue but it also uses your internet connection, really with out your permission to do the work of Microsoft on it’s updates. Setting the connection as a “Meter Connection” is Microsoft’s workaround for that if you cannot turn it off.

    1. Simon said on July 30, 2015 at 6:44 pm

      “Your encryption key is backed up to OneDrive”

      With Windows Pro on Desktop, you have the option to print or save the recovery key to file instead. But you could be right with Windows Phones and tablets.

      The bit about Microsoft accessing your personal data (including files in private folders) is particularly worrying though, because this could also include them using the ‘Fetch Files’ feature of OneDrive to give them access to all the files on your local drive too (not just the OneDrive files).

      1. Decent60 said on July 30, 2015 at 9:49 pm


        From what I’ve read/seen, if you are on your Microsoft Account and enable Bitlocker, upon encryption it automatically stores the recovery key on your OneDrive account. Now I haven’t tried this but this was listed on several tech sites, stating different sources.
        If you use a local account, obviously that’s not possible to use OneDrive.

  32. hirobo2 said on July 30, 2015 at 5:43 pm

    You know, the reason why Win10’s deafault theme is bland and confusing to read, especially in the new settings app is b/c they want to discourage you from messing with the default settings, which are privacy intrusive!

  33. yoav said on July 30, 2015 at 3:50 pm

    This is nuts. They might as well have a camera installed as well, constantly pointed at the user.

    1. George P. Burdell said on July 30, 2015 at 7:20 pm

      They already have a camera in your face. See:

      P.S. You need a shave.

      P.P.S. Ha, ha, just kidding!

      P.P.P.S. A few layers of duct tape over the lens will help reassure you if those software fixes are not enough.

      1. yoav said on July 30, 2015 at 8:29 pm

        Thanks, I really do need a shave!

  34. gadcdf said on July 30, 2015 at 2:40 pm


    I think you should also mention Wi-Fi Sense in the context of an article on Windows 10 and Privacy.

    I realise that you have a separate article on Wi-Fi Sense, but having your password widely distributed is also a privacy issue in my book, and it would be good to also have it mentioned in this article – at least with a reference for completeness sake.


    1. KittyCat said on August 6, 2015 at 12:53 am

      Your password is never distributed. Furthermore, it asks you if you’d like to grant access to a network before the access is actually ever granted.

    2. Martin Brinkmann said on July 30, 2015 at 7:30 pm

      It is only distributed if you choose to share, correct?

      1. Bobby said on July 30, 2015 at 11:17 pm

        It is turned ON by default.

  35. Nathan said on July 30, 2015 at 2:34 pm

    I find myself skeptical/paranoid as to how effective would turning this features off be. Wouldn’t Microsoft be able to still harvest all that private data from any Windows 10 machine regardless of the user preferences? To be fair, if you really care about privacy, you should probably switch to any version of Linux. Windows has backdoors for the NSA.

    1. Shamus said on July 31, 2015 at 10:15 am

      For what little it may be worth, I made the switch to Linux Mint about 18 months ago (when support for WinXP ended). There’s more than a few things that are more difficult on a Linux machine than a Windows box (such as adding drives or mapping network drives) but that’s just how it is. Some things (the initial setup is easier and faster and updates are easier, (no restarts required). It’s a trade off. Linux isn’t “better” than Windows but given the privacy issues that plague Windows and that f**cking awful User Access Control, Linux Mint is what I’ve settled for.

      1. G said on September 2, 2015 at 3:23 am

        [imo; flames > /dev/null]
        I don’t think it’s that linux is harder to use, it’s that it’s different to windows. Both in the way that things are done, the layout of the filesystem .. right down to the path separator being ‘/’ over ‘\’
        At one point windows was new to everyone and we had lots of stuff to learn to use it well – linux is the same. New system, new learning curve.

        When I first switched to a *nix system it felt alien, even using Ubuntu pr Mint required me to read up on how and why linux did stuff a different way.

        But to be honest, with the exception of many games running only on windows, I’ve yet to require anything that can’t be easily done on linux that I required of windows. Your mapping network drives example, if I understand correctly – to mount samba shares on boot? That can be done with a one line addition to /etc/fstab for example.

        With so many variations of *nix out there I tend to think that there is one for any kind of user. LFS being the extreme DIY right the way to something like Ubuntu which does everything windows does out of the box .. only better .. complete with GUIs to configure everything.

        If steamos manages to get the kind of support for linux gaming that windows currently enjoys I’d certainly never touch windows again.

    2. loki said on July 31, 2015 at 2:55 am

      Do you remember this?
      “NSA Helping Microsoft With Windows 7 Security”
      And this was before … you know … the big revelations. I remember how one of my friends was saying: “I hope this will end all those XP security problems …” :))

  36. Pete said on July 30, 2015 at 2:34 pm

    What a nightmare. This is the final nail in the coffin. No more Windows for me in the future*. I’m going to run 8.1 until my machine dies or gets replaced, or if I get accustomed to Linux Mint really fast. *For some win games the free insider windows, with fake account, dual boot will suffice.

    1. Max_x2 said on October 20, 2015 at 10:20 pm

      You cold also go the Xen way, although i think your hardware has to support it.

  37. null said on July 30, 2015 at 12:32 pm

    you can configure them all you want but many of the group policies are not applicable for win 10

  38. Joker said on July 30, 2015 at 12:19 pm

    Even people who buy new licenses are subject to these surveillance-tactics. Unbelievable. And they say Google is bad.

    1. Someone said on August 30, 2015 at 5:38 pm

      And the worst thing is that you don’t even know if it really turns anything off at all. It could work out the same way the infamous Do Not Track header. Every browser supports it, but all advertisers ignore it. Who knows if these settings really do anything at all? They may simply do nothing and no matter what you do all your data gets sent to microsoft. Its possible. Who cares about privacy policies if nobody ever finds out? You may even not be able to find where your data goes and how. It may all be masked as a simple Update Check. Who knows? We don’t have the source code. We can’t check it. We can’t find security problems. We can’t even fix them.

    2. Tom Hawack said on July 30, 2015 at 2:16 pm

      I was thinking the same thing. Google, Facebook, Twitter and other little brothers require no fee, when a Microsoft OS’s license is not free (to put it mildly). These privacy issues of the New Microsoft participate in my decision to postpone Windows 10 install and could even lead me to move to another OS once (or before) Windows 7 end of lifetime. I wonder if Microsoft would have adopted this position if Ballmer had stayed in the office.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.