Updated A feature introduced in the April 2018 Update of Windows 10 may have set off a privacy landmine within the bowels of Redmond as users have discovered that their data was still flowing into the intestines of the Windows giant, even with the thing apparently turned off.
In what is likely to be more cock-up than conspiracy, it appears that Microsoft is continuing to collect data on recent user activities even when the user has explicitly said NO, DAMMIT!
First noted in an increasingly shouty thread over on Reddit, the issue is related to Activity History, which is needed to make the much-vaunted and little-used Timeline feature work in Windows 10.
Introduced in what had previously been regarded as one of Microsoft’s flakiest updates – prior to the glory of the October 2018 Update, of course – Timeline allows users to go back through apps as well as websites to get back to what they were doing at a given point.
Use a Microsoft account, and a user can view this over multiple PCs and mobile devices (as long you are signed in with that same Microsoft account). The key setting is that “Send my activity history to Microsoft” check box. Uncheck it and you’d be forgiven for thinking your activity would not be sent Redmondwards. Right?
Except, er, the slurping appears to be carrying on unabated.
The Redditors reported that if one takes a look at the Activity History in the Privacy Dashboard lurking within their account, apps and sites are still showing up.
The fellows over at How To Geek have speculated the issue may be something to do with Windows’ default diagnostic setting, which is set to Full and will send back app and history unless changed to Basic. Of course, Windows Insiders have no option but to accept Full, although a bit of slurping is likely to be the least of their problems.
A thread at TenForums has also provided a guide to turning the thing off, ranging from tinkering with Group Policies through to diving headlong into the Registry. Neither are options likely to appeal to users who would expect that clearing the “Send data” box would stop data being sent.
Deliberate slurpage, or a case of poor QAand one team not talking to the other aside, it isn’t a great look for Microsoft and users are muttering about potential legal action. Privacy lawyers will certainly be taking a close look – after all, the gang at Redmond are already under scrutiny for harvesting data and telemetry from lucky users of Windows 10.
Google has been on the receiving end of a sueball for slurping location data from user’s phones and providing an over-complicated way to turn off the “feature”.
It is all a bit of a mess and has left users unsure of what is being collected and when. We have contacted Microsoft to find out how it plans to deal with the situation (ideally before 2018’s privacy bogeyman, GDPR, makes an appearance) and will update if a response is forthcoming. ®
Update 13 December 16.45UTC
Microsoft got in touch to insist it is committed to privacy and transparency, but admitted there is indeed a bit of naming problem, with “Activity History” cropping up in both Windows 10 and the Microsoft Privacy dashboard.
Marisa Rogers, Privacy Officer at the software giant, told us: “We are working to address this naming issue in a future update.”
The slurpage collection is of course for your benefit and Rogers added that users have “controls to manage your data.”
Customers who viewed this item also viewed
Breaking down the Marriott data breach
Hackers Data Breach Equifax For 76 Days Before Being Discovered
The 21 biggest data breaches of 2018
Quora Website Data Breach Hits 100 Million Users
Facebook exposed up to 6.8 million users’ private photos to developers in latest data leak
Windows 10’s Built-in Antivirus Is Getting A Massive Upgrade
Goodbye to Edge: Microsoft is building a new, faster browser