New data privacy controls are available for Microsoft users on the web and more Microsoft privacy tools will be...
coming to future editions of Windows 10.
The current iteration of the Microsoft privacy tools are aimed at "providing clear choices and easy-to-use tools that put you in control of how your information is collected and used," according to Terry Myerson, executive vice president for the Windows and devices group at Microsoft. The first set of tools has been released as a web-based data privacy dashboard with more controls planned for future versions of Windows 10. Windows 10 had drawn criticism over its privacy policies and data collection in the past.
Myerson wrote in a blog post that Microsoft wants to be transparent about the data it collects on users, so the dashboard will allow customers to "see and control your activity data from Microsoft including location, search, browsing, and Cortana Notebook data across multiple Microsoft services."
Bil Harmer, strategist in the office of the CISO at Zscaler, the cloud cybersecurity company based in San Jose, Calif., said the new Microsoft privacy dashboard is "straightforward, easy to understand and the controls are simple to use," but noted not all Microsoft services were part of the dashboard.
"They include the main sections of their suite -- Skype, Office, Xbox are all accessible -- but they don't have full integration. For example, clicking on Skype will just send you to Skype and leave you there and clicking Office Trust Center will send you to the help page of the Office Trust Center," Harmer told SearchSecurity via email. "While not ideal, this setup is better than nothing as it reminds you that you have different places to deal with privacy for each of the components."
Rebecca Herold, CEO of The Privacy Professor, said these tools are a "good step forward to support privacy transparency," but said Microsoft and others could go further.
"Of course all tech companies are long overdue for clear, understandable and meaningful end-user privacy controls. It would have been good to have seen something like this years ago," Herold told SearchSecurity. "But now that they started getting more proactive, it would be good to see them ramp up their efforts. More use of encryption, two-factor authentication and consumer-related logs access would be a great next step ... hopefully sooner rather than later."
Jeremiah Grossman, chief of security strategy at SentinelOne, the cybersecurity company based in Palo Alto, Calif., praised Microsoft's attempts to offer users a way to balance data privacy concerns with personalization options, but worried that Microsoft privacy policies may change without warning.
"Everyone must assume any data collected by Microsoft, and similarly by others, is effectively gone. At the end of the day, people will not be in control over their data for the most part, will not know if it's stolen or sold or if it has been used in a manner that they are uncomfortable with," Grossman told SearchSecurity. "Of course, everyone will appreciate whatever control they're given, but that's certainly not the end of the story -- as the story can be rewritten at any time."
Learn more about Microsoft privacy, data privacy and Privacy Shield.
Get info solving four common Windows 10 problems.