Windows 10's 'built-in keylogger'? Ha ha, says Microsoft – no, it just monitors your typing
YOU said it was OK when you installed that Technical Preview
Don't want Microsoft tracking you online and collecting data on your computing habits? Then you probably shouldn't install the Windows 10 Technical Preview, Redmond says.
Turns out these Chicken Littles were right – sort of – but according to Microsoft they should have known about the data collection from the get-go, because they agreed to it.
"With Windows 10, we're kicking off the largest ever open collaborative development effort that will change the way we build and deliver Windows," a Redmond spokesperson told El Reg in an emailed statement. "Users who join the Windows Insider Program and opt-in to the Windows 10 Technical Preview are choosing to provide data and feedback that will help shape the best Windows experience for our customers."
And sure enough, although Microsoft isn't providing detailed information about what it's monitoring and how, the red flags for privacy freaks are all there in the legalese everyone breezed through before downloading the preview.
That explicitly includes "personal information," the terms go on to say, and Microsoft might even contact program members with additional information that is personalized just for them.
The program's Privacy Statement gives a few hints about what kind of stuff Microsoft is looking for. Redmond reserves the right to collect such info as, "your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."
The Technical Preview also phones home with data about the files you open and "performance or usage information," including what program features you use most often and how long the system takes to respond to clicks.
And then there's this gem, which is the one that got everyone moaning about keyloggers:
[When you] enter text, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.
Microsoft hasn't said just how many of those typed characters it might collect or how often, but this is in fact something that the Windows 10 Technical Preview might do.
Does this mean Microsoft is planning to use Windows 10 to swipe everyone's online banking passwords? The chances are slim to none – although if you do your online banking on a prerelease test version of Windows with an experimental build of Internet Explorer, you deserve what you get.
Microsoft does, however, seem to be getting more aggressive about the kind of user experience data collection it has been building into prerelease versions of its flagship products for several years now. (Remember all the user data that Redmond said went into crafting the Office Ribbon UI? Where do you suppose it came from?)
How much of this data-collection the shipping version of Windows 10 will do remains to be seen.
"As we get closer to a final product, we will continue to share information through our terms of service and privacy statement about how customer data is collected and used, as well as what choices and controls are available," Microsoft told The Reg.
For now, though, bear in mind that when you fire up the Windows 10 Technical Preview, you are definitely being watched. But you knew that. ®
- Internet Explorer
- Microsoft 365
- Microsoft Build
- Microsoft Edge
- Microsoft Office
- Microsoft Surface
- Microsoft Teams
- Office 365
- Patch Tuesday
- Privacy Sandbox
- SQL Server
- Visual Studio
- Visual Studio Code
- Windows 11
- Windows 7
- Windows 8
- Windows Server
- Windows Server 2003
- Windows Server 2008
- Windows Server 2012
- Windows Server 2013
- Windows Server 2016
- Windows XP
- Xbox 360