News Stay informed about the latest enterprise technology news and product updates.

Windows 10 telemetry data collection details revealed

Microsoft exposes Windows 10 telemetry practices just a week before Creators Update; may allay privacy concerns over Windows 10 data collection.

After nearly two years since its latest major update, Microsoft has finally released complete details of what Windows...

10 telemetry data will be collected by its latest Creators Update version.

Facing ongoing pressure from users, as well as the top EU privacy watchdog group over privacy issues related to Windows 10 telemetry data collection, Microsoft has been making an effort to improve its privacy stance, including the addition of new privacy settings and configuration options to allow individuals and enterprises greater control over what types of data are shared with it.

"Microsoft collects Windows diagnostic data to keep Windows up to date, secure and operating properly. It also helps us improve Windows and, for users who have turned on 'tailored experiences,' can be used to provide relevant tips and recommendations to tailor Microsoft products to the user's needs," Microsoft's Brian Lich wrote in a TechNet article that described all of the Windows 10 telemetry data collected, along with examples of that data.

Windows 10 data collection can be configured in four different levels, although one, the "Security level" for Windows 10 telemetry, is available only in Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, Windows 10 IoT Core (IoT Core) and Windows Server 2016.

  • Security: This is the lowest level that allows sharing of data necessary for keeping Windows secure, "including data about the Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender," Lich wrote.
  • Basic: Includes basic device information such as application compatibility and usage data, as well as quality-related data; Security level data is also included.
  • Enhanced: Includes information about how Windows and applications are used, advanced reliability data; Basic and Security level data is also included.
  • Full: Includes "all data necessary to identify and help to fix problems, plus data from the Security, Basic, and Enhanced levels."

Most Windows 10 telemetry data includes Common Data, which incorporates diagnostic header information about which version of Windows is in use, UserID or Xbox UserID, device ID, information about the diagnostic event being collected, what diagnostic level (Basic or Full, for example) the device is opted into and more.

Other categories of data collected at higher levels include more device, connectivity and configuration data; product and service usage and performance data; browsing, search and query data; and more. Windows 10 data collection at the Full level may share more personal data than most users are comfortable with, including data relating to content consumption; browsing, search and query data; and "Inking, Typing, and Speech Utterance data," which can include just about any touchscreen, keyboard and audio speech entered into the system.

Even at the Basic level, a considerable amount of data is collected. For example, basic device data gathered includes device attributes ranging from the version of Internet Explorer and the capacity and type of battery in use, to key networking information, including the number and speed of network adapters, as well as the mobile operator network being used -- and even the IMEI (International Mobile Equipment Identity) number assigned to the device.

Other device network information that can be accessed through Windows 10 data collection at the Basic level includes proxy, gateway, DHCP and domain name system details and addresses, MAC addresses (and whether or not MAC address randomization is turned on). Device properties, also accessed at the Basic level include not just the OS version and edition but also subscription status, processor, firmware, memory, storage and battery information, as well as whether the system is a virtual machine -- even the color and form factor of the hardware in use.

At higher levels, much more data is accessed. For example, the browsing, search and query data that is collected can include most interactions using Microsoft browsers, including queries entered into the address bar and the search box, text chosen for an Ask Cortana search, URLs visited (including search terms) and more.

Windows 10 telemetry stream options are controlled using the Privacy option in Settings under the Group Policy option, or through mobile device management. While Microsoft does not recommend turning off telemetry entirely, that option is also available.

Next Steps

Find out more about how Windows 10 data collection improves the user experience

Learn about five often overlooked Windows 10 security risks

Read about three basic tips for Windows 10 security

Dig Deeper on Data privacy issues and compliance

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How do you feel about Windows 10 data collection now that details on Windows 10 telemetry have been released?
So even the lowest level of collection is still too much data. Using that data, Microsoft can easily identify you as a person, find your location, and who knows what else. Wouldn't be surprised if eventually they install secret keyloggers. That's why I switched from Windows 7 to Linux (Debian). I can figure out exactly what's going on.
I'm using Fedora 25 right now, and it seems like a very polished version of Linux.
i think the data collection is a great idea.  it is the final nudge i needed and now im using linux and dont have any windows machines.  good job microsoft, have you not been paying attention to the privacy debate at all?
Spot on assessment of what is probably happening to a lot of people. I am dual booting between Windoze 10 and Fedora 25 right now. Usually going into Linux most of the time. I have been using Micro$oft products since DOS 2.1, but will never use any future products from them.
If MS enabled a microphone on my computer and transcribed my utterances when using Win10, it would have to be labeled NSFW. My use of Linux has reduced my requirements for hypertension medication significantly. On the otehr hand, it would be nice if MS would use all that data to fix all Win10s quirks and annoyances,
In my not so humble opinion, this amount and type of data that is collected has gone far over the line. No OS developer needs this much data to improve their product. I have been wobbling on going back to Windows 7 from 10 for a while now, but think it would be far better for me to just commit to a Linux distro like Fedora instead. Micro$oft has finally shot themselves in the foot, as far as I'm concerned.
I have all telemetry shut off to MS. Windows update is off. Cortana, Defender and Edge are uninstalled and I use Destroy Windows Spying which shuts off all access to MS in the hosts file. No spying here. Along with a VPN, my machine is safe and snug.
Why does any computer software and hardware manufacturer think that they have the legal right to have or own the personal data of a computer user? Is the user an employee of the manufacturer?

I think not.

I have news for Microsoft. I use the software, but you don't own me.

My entire business model is to get computer users off the "cloud."

Half of the IP addresses Win10 uses are shared by the NSA. After I wouldn't update to Win10, MS unleashed code that caused my drive to read write so much it fried the drive. Please Google how many people whose computers were destroyed by Win10 Upgrades. Although I had to buy a new HD and reinstall everything, I will never ever go to another Win system. That was the last straw. I also have read there are DLL's installed now that bypass your host files and any type of Windows firewall - Bill Gates Gang. So there is 0 (ZERO) privacy in your windows system.
It seems Windows 10 telemetry data may be moving users to Linux -- is it really safer? Does the improvement in privacy outbalance any additional risks/exposures of using Linux?

And what about Mac / ChromeOS?

Are Apple / Google to be trusted any more (or less) than Microsoft on data gathering?