Microsoft’s Windows 10 security improvements have had people become critical of the company’s network security efforts. Users have become concerned about corporate spying. According to Microsoft, they are not collecting users’ personal data. Instead, they anonymize file data that is used to enhance the comprehensive experience of users and Windows functionality. The company has also promised to release more updates to the operating system more regularly and that telemetric data will be used to understand how people are actually using Windows and the applications.
More data means more security for Microsoft. They use the data to toughen up their threat protection. The collected information is used to improve different components in Windows Defender. It employs real-time protection to scan everything that is downloaded or run on the PC. Then the information from these scans gets sent back to Microsoft to be used as protection enhancements for everyone.
Basic, Enhanced, and Full are the three levels of telemetry that administrators can choose from in Privacy Option Settings. Full is set as a default for both Home and Pro. Enhanced is set as a default for both Enterprise and Education. Basic is the least level of telemetry a user can choose. Through group policies though, not via Settings, Enterprise and Education editions have the option for the fourth level of telemetry called Security. This level sends the least data back to Microsoft and is available to admins only. It collects enough technical data about Windows’s Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool (MSRT), and Windows Defender to maintain the security of Windows, Windows Server, and System Center.
Microsoft claims that they try to avoid gathering personal information, but it can still happen. One example would be crash dumps that can hold contents of a certain document that was in memory at the time of the crash.
Windows 10 telemetry does not intentionally collect functional data like a user’s location. The application may collect said data, but not the Windows 10 operating system.
In terms of privacy, IT organizations can generally find a telemetry level they’re comfortable with without sacrificing Windows’ core security.