Windows 10 is under attack over default settings which users say compromise their privacy, just days after the operating system’s successful launch saw more than 14 million installs in the first 24 hours.
Hundreds of commenters on sites such as Hacker News and Reddit have criticised default settings that send personal information to Microsoft, use bandwidth to upload data to other computers running the operating system, share Wi-Fi passwords with online friends and remove the ability to opt out of security updates.
Many of the complaints relate to the new personalised adverts embedded inWindows 10. When the OS is installed, Microsoft assigns the user a unique advertising ID, which it ties to the email address registered with the company. That email address is also associated with a raft of other services, such as the company’s productivity and communication programs, as well as app downloads and cloud-storage uploads.
Using that information, Microsoft is able to personalise ads to the user, during both web surfing and, for newer apps downloaded from the Windows Store, app usage. Microsoft itself is leading the way on that front, even turning the in-built version of Solitaire (the card game that has been a staple of Windows installations since 1990’s Windows 3.0) into a freemium game, complete with unskippable video adverts.
Elsewhere, Windows 10 also harvests user information in order to teach the built-in personal digital assistant Cortana, Microsoft’s answer to Siri. To enable Cortana, the company says, it “collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device”.
Users are given the option to opt out of most of the data collection, but critics say that that isn’t enough. Alec Meer, of gaming website Rock Paper Shotgun, says: “Microsoft simply aren’t making it clear enough that they’re doing this, how it might affect you and how to opt out – despite chest-thumping, we’re-all-chums-here talk about how ‘real transparency starts with straightforward terms and policies that people can clearly understand’.
“There is no world in which 45 pages of policy documents and opt-out settings split across 13 different Settings screens and an external website constitutes ‘real transparency’.”
Others have criticised the company for a seeming get-out clause in its terms of service, which allow it to share user data based on nothing more than a “good faith” belief that doing so is required to comply with law enforcement, “protect our customers”, secure the company’s services, or “protect the rights or property of Microsoft”.
The European digital rights organisation (EDRi) sums up the company’s 45 pages of terms and conditions by saying: “Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties.”
In many ways, however, Windows 10 is merely moving closer towards what has become the new normal thanks to mobile operating systems. Both Siri and Google Now require access to the user’s personal information to personalise responses, while both Apple and Google offer developers the ability to deliver personalised ads to users based on information such as app installs.
And some of the criticised settings may turn out to be a net positive for all concerned. Users have attacked Windows 10 for only offering two settings when it comes to Windows Update: either install and restart immediately, or install and ask permission to restart. The option to not install updates does not appear to be present on the base version of the OS. But that decision chimes with the advice of security experts, who say that the number one thing for staying safe online is to install every security update immediately.