Windows 10 users and administrators have only one option when it comes to setting up the operating system. Previous versions of Windows 10 shipped with two – Express and Custom – but Microsoft changed the experience in Windows 10 version 1703.
This means that it is no longer required to hunt down the “custom” link during setup to get more control, and customize some of the privacy options that Microsoft added as options to the Windows 10 setup process.
The following screens are captures of Windows 10 version 1709 – The Fall Creators Update. Note that Microsoft changed the setup experience in that version, and that the screens will have different options when you install an earlier version of Windows 10.
Setup provides Windows users with control over two privacy related options.
The most important part of setup from a privacy perspective is the privacy settings screen of the setup. It lists important privacy options that are enabled by default. You may disable those during setup, or after setup when you open the Privacy hub of the Settings application.
Note that you may disable only a limited number of privacy related options during setup or first run; the privacy hub lists way more options, and it is highly suggested that you go through the listing there at least once to configure each setting accordingly.
One chapter of this book walks you through all the preferences that you find there.
The second option that users get during setup or first run is that they may set up a Microsoft account or a local account (Microsoft calls it offline account during setup) for use on the system.
This is important as well, as features may be limited to a certain account type.
Note that the following pages concentrate on privacy options only. Most screens of the setup are self-explanatory and are not related to privacy.
The Account setup page gives you two options:
- Use a Microsoft Account
- Use a local (offline) account.
I suggest you check out the comparison here (coming soon) for detailed information on local accounts and Microsoft accounts.
The core differences between local accounts and Microsoft accounts are the following ones:
- Local accounts are active on a single machine only.
- A Microsoft account may be used on multiple devices.
- Some account preferences may be synced across devices if a Microsoft account is used to sign in. This includes themes, language preferences, passwords, or Internet Explorer settings. This is enabled by default.
• Some features on Windows 10 require a Microsoft Account. This is the case for OneDrive for instance, the default file synchronization service.
- You can reset the Microsoft Account password online.
- A Microsoft Account is no longer required to download (free) Store applications if you use Windows 10 Pro or Enterprise. You still need a Microsoft account to download Store apps on Windows 10 Home.
- You may use a Microsoft account to sign up and use other Microsoft company products, especially online products.
Generally speaking, a Microsoft Account is more convenient in some regards, but it does link the account to the device and comes with data synchronization enabled by default.
Cortana is a digital personal assistant that Microsoft introduced in Windows 10. You may communicate with Cortana using speech or text, and may use it for a variety of purposes.
Some of these include running searches, setting up reminders, getting answers to direct questions (What’s the weather), reserving tables, composing emails, and a lot more.
Cortana requires access to data for that, and Microsoft “collects and uses information” for that purposes.
.. including your location and location history, contacts, voice input, speech patterns, searching history, relationships, calendar details, email, content and communication history from text messages, instant messages and apps, and other information on your device. In Microsoft Edge, Cortana uses your browsing history.
You may select the “no” option on the setup page to deny Cortana’s permissions request. You may change what Cortana is allowed to do later on as well.
The Services setup page lists all privacy related settings and descriptions of the setup process. They are enabled by default, and just some of the privacy settings that Windows 10 ships with.
Please note that you can change the status of any of the services listed on the page later on as well.
This setting determines whether applications and Windows may request access to the location of the device for functionality. Two apps that make use of location are the weather application, and Maps.
Location data is sent to Microsoft and used to improve location services according to the description. Microsoft may share location data with trusted partners for that.
- Microsoft’s location service provides location information to Windows devices using a combination of global positioning service (GPS), nearby wireless access points, cell towers, and your IP address, depending on the capabilities of your device.
- Turning on Location enables certain apps, services, and Windows features to ask for permission to access and use your location data to deliver location-aware services at as precise a level as your device supports. When your location is used by a location-aware app or service, your location information and recent location history is stored on your device and sent to Microsoft in a de-identified format to improve location services.
- In addition, if you are logged in with your Microsoft account, your last known good location information is saved to the cloud and available to other apps or services using your Microsoft account across devices. If your device cannot obtain a good location on its own (like for example in a building or basement), it can use your last known good location stored in the cloud.
- You can turn off location access and clear your device’s location history at any time in Start > Settings > Privacy > Location.
- If you have a portable device, such as a laptop, turning on location will also enable the Find my Device feature, which uses your location data to help you find your device if you lose it. For this feature to work, you must log into Windows with your Microsoft Account. You can turn this off at any time in Start > Settings > Update & Security > Find my Device.
Diagnostic data is sent to Microsoft. This includes information on browser, application and feature use, inking and typing data, and more.
Check the Telemetry articles (coming soon) for detailed information on what gets collected and sent to Microsoft. This feature cannot be turned off, but you can switch from full to basic Telemetry during setup.
- Diagnostic data helps identify and troubleshoot problems, and keep the device up to data and secure.
- The data is transmitted to Microsoft, and stored with one or multiple unique identifiers that Microsoft uses to recognize individual users or devices.
- There are two levels of diagnostic that can be set during setup: full or basic.
- Basic data is data that is vital to the operation of Windows. It provides Microsoft with information on the device’s capabilities, installed software, and if Windows operates correctly.
- Full data includes all Basic data, and information on app and browser usage, feature usage, how long apps are used, which services you use to sign in to apps, or how often Windows Help and Support is used. The memory state of the device is transferred to Microsoft at the full data level. Microsoft notes that any identifying information is removed from the typed and handwritten input data.
- Microsoft uses the data to improve products and services for all Windows users. It won’t use the data to personalize Microsoft products or services, unless you allow Microsoft to do so.
- You can adjust the diagnostic data level in Start > Settings > Privacy > Feedback & diagnostics
Windows 10 may use an advertising ID, a unique identifier, to personalize advertisement on the operating system.
Advertisement is based on application usage if the setting is enabled. If you turn it off, ads are still displayed but they are not personalized anymore using the advertising ID.
- Windows generates a unique advertising ID for each user on a device. This ID may be used by application developers and advertising networks for personalized advertisement.
- You can turn this off in Start > Settings > Privacy at any time.
Cortana, the digital assistant requires speech recognition if you want to use voice commands and interact with Cortana using voice. Similarly, Store apps may also support voice recognition and require it as well.
Voice input data is sent to Microsoft to help improve speech services. If you turn this off, you cannot communicate with Cortana or other applications using voice. This does not impact the functionality of connected microphones though.
- Windows provides both a device based speech recognition feature (available through the Windows Speech Recognition desktop app), and a cloud based speech recognition service that was introduced alongside Cortana in those markets and regions where Cortana is available.
- Turning on the Speech recognition setting allows Microsoft to collect and use your voice recordings to provide you with cloud-based speech recognition services in Cortana, supported Store apps, and over time in other parts of Windows.
- Microsoft collects information from the user dictionary as part of the service. The user dictionary stores unique words like names you write, which help users type and ink more accurately.
- Both the voice data and the user dictionary are used by Microsoft to improve the ability to correctly recognize user speech.
- You can turn off this feature at any time in Start > Settings > Privacy > Speech, inking & typing.
Tailored experiences with diagnostic data
Microsoft may use diagnostic data to display tips and recommendations to users.
- Microsoft will use some diagnostic data to “personalize your experiences with Windows and other products and services”. This includes, according to Microsoft, suggestions on how to customize and optimize Windows: and recommendations and offers of Windows features and supported apps, services, hardware, and peripherals.
- This feature powers campaigns that suggest apps to users that do things better than others, according to Microsoft. Chrome or Firefox users may get Edge recommended to them for instance.
- Microsoft may also suggest trying OneDrive for storage, or purchase more space on OneDrive, or give Office 365 a try.
◦ Full includes additional information, e.g. the use of browsers or applications.
- Tailored experiences won’t use crash, speech, typing, or inking input data for personalization.
- You can turn this off in Start > Settings > Privacy > Feedback & diagnostics.