Skip to main content

One thing Microsoft didn't discuss: Windows 11 privacy

Windows 11 Haxxor
Windows 11 Haxxor (Image credit: Windows Central)

One of the recent and more interesting marketing pivots Apple has done in recent years has been to bang the drum about privacy. I'm not naive enough to think Apple actually cares about its customer's privacy, but it is an incredibly powerful marketing tool either way. By attacking ad-driven business models and hard-baking privacy tools into iOS, Apple preys upon people's fears that Android isn't secure, and isn't private. By proxy, Apple is claiming that iOS and iPhone is the solution, against a backdrop of companies like Facebook, who play fast and loose with customer data.

Even if Apple is exploiting the fears for cynical reasons, the end results for the user are still a good thing. In our heavily connected, heavily surveilled world, anxiety about government and big tech overreach is at a fever pitch. And Microsoft has increasingly fallen on the wrong side of this argument.

At the Windows 11 event yesterday, Microsoft had an opportunity to meet some of these concerns, founded or not. Yet, it chose not to. As more and more of us become aware of how our data is being used and abused, Microsoft's marketing department effectively gave Apple another tool to attack Windows.

Android apps, forced Microsoft accounts, telemetry, oh my

Windows 11 Android Store

Source: Microsoft (Image credit: Source: Microsoft)

I realize I'm playing into Apple's messaging by writing this article, but for the average privacy-concerned user, there are plenty of reasons to be skeptical about Windows 11 already. Microsoft has already been criticized extensively for the amount of data Windows 10 feeds back to the company, and it looks as though Windows 11 will continue the trend.

In Microsoft's Windows 11 blog post, the word "privacy" doesn't appear once in the copy, which doesn't exactly bode well for its messaging. Windows 11 will force users to use a Microsoft Account in its free Home Edition, which already speaks of a business model where your data is the monetization engine. Even if you're using the world's best VPN, it's not exactly going to protect your data from going directly to Microsoft if you're signed in. Apple has been keen to highlight how "free" services like Facebook are free only because you are the product being sold, and Windows 11 doesn't do anything to waylay these fears.

Source: TwitterTwitter users weigh in on Windows 11 privacy matters. (Image credit: Source: Twitter)

Microsoft is also enlisting another doubted tech giant, Amazon, to bring Android apps to Windows 11. Amazon is under heavy scrutiny already for the way it treats its workers among other things, but combining this with Android adds another layer of concern. Android is oft-painted as an insecure, privacy-apathetic platform. True or not, the prospect of an Amazon-fronted Android subsystem in Windows 11 compounds data fears.

Will Amazon start using my Windows 11 habits and browsing history to target psychologically exploitative ads at me? Will installing TikTok on Windows 11 give it access to my file system and contacts? Will Microsoft Teams shell integration be used to build a profile on me and my friends? It might seem paranoid, but these are legitimate questions that Microsoft hasn't addressed.

You need only jump into any random Twitter or Reddit thread to find examples of people worried about Windows 11 in a privacy context. If the fears are unfounded, Microsoft hasn't done a good job of waylaying them. But that's just it — are the fears founded?

Does Windows 11's privacy tools go far enough?

Microsoft Account Privacy

Source: Microsoft (Image credit: Source: Microsoft)

Since Windows 11 will essentially require a Microsoft account for most users, data harvesting is part of the package. Microsoft always says this is to enhance the user experience, and on the face of it that certainly seems to be true. In Windows 11, you'll be able to continue editing cloud files per its algorithmically populated "Recommended" section in the new Start Menu. Your browser history will sync between Edge on PC and Edge on mobile, as it already does. Your Skype and Teams conversations will sync as you'd expect too, and your Windows 11 features will migrate to new PCs if you upgrade.

Microsoft provides a privacy dashboard on its account website to help you manage your search and browser history, as well as the information Cortana has on you (for all three people who actually use it). You can clear your location history, and manage your app data too.

Microsoft Privacy Settings

Source: Windows Central You can manage your privacy settings via the Windows 10 settings, but does it need to default to on? Why isn't there a "reject all" setting? I feel like this could be made a lot easier to use. (Image credit: Source: Windows Central)

I'd argue that this dashboard doesn't go far enough in terms of letting you manage all of your privacy settings from a single place. Some of these have to be toggled using the Windows 10 settings menu, and can't be blocked via the web privacy dashboard. Digging through each individual setting to figure out which privacy settings do what is relatively complicated, and the privacy section in the Windows 10 settings menu doesn't even include everything you'd need to properly manage it.

A large amount of the features and apps in Windows 10 already dial home to Redmond, feeding diagnostics data and other information to the company. I've written before about how telemetry over old-fashioned QA has sucked the human touch out of Microsoft's design practices, but that's another matter entirely. Is Microsoft's harvesting of this data justified? Is it really necessary? Does it enhance the end-user experience? If so, how? Otherwise, it just feels like more bloat that can be used for marketing purposes.

A changing digital landscape

Source: Daniel Rubino / Windows Central (Image credit: Source: Daniel Rubino / Windows Central)

Windows 11 in some ways is the anti-Apple OS. Microsoft used words like "democratization" and "creator sovereignty" to describe its approach to development on the platform. Microsoft will take an unprecedented 0% cut from its app store for companies bringing in their own monetization vehicles, while matching the Epic Game Store's industry-leading 12% for games. On iOS, Apple takes a rather huge cut from its creators and developers, on top of its already lucrative hardware margins.

Privacy advocacy should be the default position, especially in a world where companies like Facebook have willfully failed repeatedly to protect customer data.

Apple shouts about privacy to paint itself as some kind of hero, but the way it price gouges its devs, selectively enforces its monetization rules, and stifles competition by banning services like Xbox Game Pass speak in opposition. Whether Apple is exploiting privacy fears cynically for marketing or not is irrelevant: Privacy advocacy should be the default position, especially in a world where companies like Facebook have willfully failed repeatedly to protect customer data, with minimal penalties or consequences.

Microsoft and Apple should stand shoulder to shoulder on privacy. I think Microsoft's inability to address privacy yesterday was either worryingly tone deaf, or worryingly intentional. If I were Microsoft's marketing department, I would take a look at how to address this potential concern before Apple or other competitors start exploiting it before Windows 11 even gets a chance to get out of the gate.

On a personal level, I'm completely apathetic to privacy stuff at this point. I've been using all of these apps and services for years, to the point where I've just sleepwalked into acceptance of a life without digital privacy. I don't really have anything to hide, but to some degree it's beside the point — it's a moral, human rights issue.

Jez Corden is a Senior Editor for Windows Central, focusing primarily on all things Xbox and gaming. Jez is known for breaking exclusive news and analysis as relates to the Microsoft ecosystem while being powered by caffeine. Follow on Twitter @JezCorden and listen to his Xbox Two podcast, all about, you guessed it, Xbox!

21 Comments
  • "Microsoft always says this is to enhance the user experience, and on the face of it that certainly seems to be true." Really?
    'cause I've NEVER seen my user experience being improved, despite the data harvesting.
    In fact, if anything, I've seen it being made worse and worse. Even the useless Feedback Hub doesn't produce a single result. "Apple shouts about privacy to paint itself as some kind of hero, but the way it price gouges its devs, selectively enforces its monetization rules, and stifles competition by banning services like Xbox Game Pass speak in opposition." True.
    On the other hand, Microsoft has been trying to shove their services down Windows users as well and I don't see much complaints about it. They shove a ton of ads into their console's UI, they shoved a weather and propaganda tool in the taskbar without asking, they plaster banners in the settings app to try to get you to use Edge AND that sh*tshow known as Bing; they built the Xbox Game bar into the OS even if I'm ready to bet most Windows users don't use it or want it), they try to sell you the Microsoft 365 rip-off whenever you set up your computer and often even after that because a huge "Get even more out of Windows" banner is constantly showing up on the Settings app...I mean, Apple's not a Saint...but Microsoft can't throw stones at them.
    Specially when one controls less than 20% of the computers worldwide and the rest pretty much belongs to Microsoft.
  • i guess they data harvested that people don't want to be able to move the taskbar..?
  • "'cause I've NEVER seen my user experience being improved"
    No offense, but going by your comments here for the last 5 years or so, you seem to be against almost everything Microsoft has done and in the minority of users. Just because Microsoft doesn't bend to your will does no mean it is not using telemetry to improve it for others.
  • Thank you. I have always find people to be always open to Apple and very critical to Microsoft even if they are doing lots of good stuff better than anyone.
  • Thank you. I've been coming to this site for a long time and no matter what, without fail, I can count on every article I read to have a negative comment from DJCBS. Every. Single. One. It's almost impressive the dedication he has to posting negative comments on every article.
  • If i was that much against the OS, I would have switched.
    (What i did, I ditched Android for iOS despite beeing not a fan of apple).
  • Thank you. For the observation.
  • "They shove a ton of ads into their console's UI, they shoved a weather and propaganda tool in the taskbar without asking", I do not see any ads in the console ui on my Windows 10 devices. Regarding the weather tool, that seems pretty normal for an OS to ship with. "they built the Xbox Game bar into the OS", an option to record seems pretty handy to me, even for non-gamers. Its the same as MacOS coming with Apple bloatware, both can be useful for some and useless for others. ""Get even more out of Windows" banner is constantly showing up on the Settings app", you can turn this off easily.
  • If you have an Xbox, it has ads in the dashboard. They're (at the moment) gaming specific but still annoying since one presumably paid for the console, so why are they then subjected to ads baked into the dashboard. Ad's they can't turn off.
  • Good to note these concerns. Although as you say in W10 at least most of the call backs to Redmond can be turned off if you choose. What is the OOBE experience for W11? Certainly for W10 OOBE there is a page that lets you turn off a lot of the reports back. Might be good to include a bit about that experience for W11 if those same options are available
  • Shall we expect another MS event before w11 public release? They actually did something bigger in this OS but seems not prepared until now.
  • I care about privacy. That said, I don't particularly mind MS getting my usage info. They are not an ad-driven company in terms of where their revenue and profits come from. This means that when they collect my data, it's to improve their products, which they sell for money. Apple and MS appear to me to be safe with my data. This is very different from Twitter, Facebook, and Google whose business models are dependent on selling their users' data to their paying customers. With those companies and others I don't recognize, I'm much more cautious what data I let them get on me.
  • That is a good point and another thing that gets to often glanced over with articles like this is how well is the data protected / encrypted? Like with Facebook we have seen quite a few times where data has leaked to third parties, while Microsoft, Google and Apple seem to at least protect the data better (though I would prefer to only send diagnostic telemetry of course).
  • LinkedIn, Outlook.com, OneDrive, Bing are ad-driven or partially ad-driven. Those are huge portions of Microsoft. Windows is not ad-driven by itself but it is not clear that it can stand not to be ad-driven for consumers in the future and it is at least partially ad-driven at the moment by promoting those services.
  • That ad revenue pales in comparison from that compared to google (8 vs 150 billion), came across this video recently that clearly shows it (at 2:57): https://youtu.be/LTbmEA0nEyc?t=177 Considering MS is a behemoth, this is peanuts for them.
  • It is hard to go into extensive research and explanation, but basically you miss many things:
    - you use only Bing revenue, LinkedIn revenue is at least as big and there other ad revenues mentioned above that are much smaller but could add up to 1 billion more. So Microsoft's ad revenue is still significantly smaller but not THAT smaller
    - as Microsoft has paid 20+ billions for LinkedIn it seems that it is seriously interested in ad businesses, that is by far its largest acquisition ever.
    - technically by having the access to both personal (LinkedIn) and activity (Bing, Outlook, OneDrive) data, Microsoft is in a position to collect much more data about users than its competitors.
    - even Google frequently discusses on the limitations it puts on the data collection and tools people may use to further limit this. The only two companies that collect data and are silent about this are Microsoft and Facebook. At this point it is reasonable to assume that Google collects overall more data than Microsoft for various reasons. But saying that Microsoft is completely harmless and reliable is far from true. It would be more correct to say that it is 'nearly there'.
  • I'm sorry this article does feed into the privacy scare. Yes MS should be more open to their privacy processes (without you having to dig for the info) but imo they are really good and well documented. Fundamentally it boils down to this MS takes the data that you chose send to them (yes it's a choice and you have a full array of options you can disable during the OOBE both during initial install and after feature updates which the author neglected to mention), it already is depersonalized, and sends it through the vortex which further strips out any data that is specific to the machine such as file paths, the usernames, etc. and discards it. The only real data they see is mainly heuristic and trend data. Now this does change when you try to do online troubleshooting (and it warns you) it will send diagnostic data to MS but this still stripped down data only used for troubleshooting purposes and is generally depersonalized it also gets deleted as soon as the troubleshooting is over. Now you may be wondering why Microsoft is pulling all this data? 90% of it is to protect users it goes to the threat intelligence team to find malicious issues and fix them before they become a thing. It also is used to track problems and bugs with the software and get teams working on fixes asap. This is a general development practice for devops processes and pretty much every app or service out in the world nowadays does the same thing (yes Apple included no matter what they say). It is to help find issues and get them fixed pronto before the end user reports them. Honesty if you want privacy this day and age the only way it's going to happen is if you put on your tinfoil hat and go live in the woods without any connection to the internet whatsoever. One problem I find about this site is that yes they do a great job reporting stuff coming, high level articles, or simple how tos, but the don't get into the weeds on things they report and it gives the user the wrong impression sometimes especially with articles like this. I know they talk to ms engineers I've seen them at Ignite and such but sometimes deep diving into things helps explain them better and can turn an article from click bait to something actually informative. I know you all are smart people at WC do a bit better with stuff like this (Also create an enterprise section for enterprise/business MS news)
  • "Even if you're using the world's best VPN, it's not exactly going to protect your data from going directly to Microsoft if you're signed in. Apple has been keen to highlight how "free" services like Facebook are free only because you are the product being sold, and Windows 11 doesn't do anything to waylay these fears."
    , I think you mention here that Apple also requires an online account for ipads etc, so the same could be said about Apple here. I do not really mind an online account since you can just make a dummy one either way. Also what Annullator here above said.
  • I wish you were more specific but your concerns. Why throw out your worries when you could go find out for sure? Then tell us! I'm not so worried about Microsoft scrapping data because they are first an enterprise company, and no big company would put up with such stuff. I could be wrong, but enterprises have the money ability and interest in strong progress privacy, stability and security.
  • I understand the fear, with privacy a huge thing nowadays, especially after all the scandals (ahem Facebook).
    But Microsoft is literally not an ad driven company. All most all of their income is from business services, Windows, hardware ect.
    Last time I looked, 80 % of Google’s income came from advertisement, aka all your personal data being sold. These fears of Microsoft collecting user data are not justified lol.
  • No privacy at all
    It is everywhere and no way to keep your data private anymore, yet is doable but for pro users, normal ones would not go throw all the setups and tricks to keep them away. Anyway, most of us not doing anything bad really, but it is a human right which we deserve and you never know when someone will use it badly against you.