Pavel Ignatov - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Microsoft privacy tools give users control over data collection

New Microsoft privacy tools will give users control over the data collected on the web and within Windows. Experts hope the tools will offer data privacy transparency.

New data privacy controls are available for Microsoft users on the web and more Microsoft privacy tools will be coming to future editions of Windows 10.

The current iteration of the Microsoft privacy tools are aimed at "providing clear choices and easy-to-use tools that put you in control of how your information is collected and used," according to Terry Myerson, executive vice president for the Windows and devices group at Microsoft. The first set of tools has been released as a web-based data privacy dashboard with more controls planned for future versions of Windows 10. Windows 10 had drawn criticism over its privacy policies and data collection in the past.

Myerson wrote in a blog post that Microsoft wants to be transparent about the data it collects on users, so the dashboard will allow customers to "see and control your activity data from Microsoft including location, search, browsing, and Cortana Notebook data across multiple Microsoft services."

Bil Harmer, strategist in the office of the CISO at Zscaler, the cloud cybersecurity company based in San Jose, Calif., said the new Microsoft privacy dashboard is "straightforward, easy to understand and the controls are simple to use," but noted not all Microsoft services were part of the dashboard.

"They include the main sections of their suite -- Skype, Office, Xbox are all accessible -- but they don't have full integration. For example, clicking on Skype will just send you to  Skype and leave you there and clicking Office Trust Center will send you to the help page of the Office Trust Center," Harmer told SearchSecurity via email. "While not ideal, this setup is better than nothing as it reminds you that you have different places to deal with privacy for each of the components."

Rebecca Herold, CEO of The Privacy Professor, said these tools are a "good step forward to support privacy transparency," but said Microsoft and others could go further.

"Of course all tech companies are long overdue for clear, understandable and meaningful end-user privacy controls. It would have been good to have seen something like this years ago," Herold told SearchSecurity. "But now that they started getting more proactive, it would be good to see them ramp up their efforts. More use of encryption, two-factor authentication and consumer-related logs access would be a great next step ... hopefully sooner rather than later."

Jeremiah Grossman, chief of security strategy at SentinelOne, the cybersecurity company based in Palo Alto, Calif., praised Microsoft's attempts to offer users a way to balance data privacy concerns with personalization options, but worried that Microsoft privacy policies may change without warning.

"Everyone must assume any data collected by Microsoft, and similarly by others, is effectively gone. At the end of the day, people will not be in control over their data for the most part, will not know if it's stolen or sold or if it has been used in a manner that they are uncomfortable with," Grossman told SearchSecurity. "Of course, everyone will appreciate whatever control they're given, but that's certainly not the end of the story -- as the story can be rewritten at any time."

Next Steps

Learn more about Microsoft privacy, data privacy and Privacy Shield.

Find out how Microsoft privacy and cloud security policies were clarified.

Get info solving four common Windows 10 problems

Dig Deeper on Data privacy issues and compliance

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What do you think of the data privacy tools and how Microsoft privacy policies can be controlled by users?
This is a great proactive move by MS, indicative of what is going to happen in the near future with consumer data privacy. We will either be fully transparent and allow the consumer to control their digital footprint at their discretion, or we will face a flood of regulations that limit commerce and make the consumer harder to do business with. As an entrepreneur who is releasing a consumer data control platform in Q1'17, we applaud any and all efforts such as this to ensure the consumer is fully in control of their digital footprint.
Michael - It is nice to see Microsoft beginning to take a more proactive role with Data Privacy given their footprint and resources, they could make a significant contribution to this "underdefined area," Privacy as well as Cindy's comments that if this is not handled in a transparent and scaleable manner, commerce with individual consumers will be negatively impacted.  That said, I also agree with Jeremiah Grossman's comments completely that "at the end of the day, people will not be in control over their data for the most part, and will not know if it's stolen or sold or if it has been used in a manner that they are uncomfortable with," which is everyone's growing concerns in the connected world we are entering into.
Trust is everything in this failing company
How long before we actually have these protections? And please God tell me someone out there is working on a way to stop NVIDIA's unlawful data collection.

When their program files state "<get_every_known_document_type> and "<get_every_known_file_format> (it's been awhile since I read them might not have the last underscores) nothing is offlimits. When the shadowplay.dll shows that they are uploading every file I create in PhotoShop, that's theft. When the GUSA.dat file (before they encrypted it 4 months after I sent them one complaining and demanding answers) showed that they were "recording" and "streaming" everything you did. Unlike Microsoft's webcache files (which until November contained a direct path to every file you created, transferred from another device, or so much as opened in plain english) Nvidias' files are over written after I believe 500kbs or Mbs.

I do have pre-encrypted files that show this.
Sorry meant Nvidia's program files are programmed to overwrite after a certain size, unlike Microsoft's. Nvidia's files also say "bypass windows firewall" isn't windows firewall still the core of all third party vendors? 

I have video of a blocked Nvidia NV_Backend still sending out data, I have several videos of this. I am not a gamer just a designer... I have well over a years worth of video that shows NvBackend uploading my data, in one setting alone I filmed this pretty much unstoppable force uploading over 3Gbs.

I also have over a years worth of printspooler sending out data, even though I don't even have a printer. So is ANYONE out there working on stopping them? When you think of of all the people from all walks of life, home users, schools, business, and government with Nvidia graphics cards, and their program files also stating that they are uploading our files to Russia, China, Germany, Indonesia and a few other countries... Meanwhile our top officials blame theft of intellectual property on some of these countries.. What do you think Nvidia is doing? Probably handing it over to them in exchange for an undeclared paycheck!