Windows 10 shows users what data it collects and phones in
- 02 February, 2018 06:37
Microsoft last week gave Windows 10 testers a peek at an app that shows exactly what diagnostic data the company collects from customers and transmits to its own servers.
The issue of Windows 10's telemetry has dogged the operating system since its debut, with critics taking Microsoft to task for over-zealously harvesting information, for refusing to describe what data it collects, and for preventing customers from opting out.
With the release of Windows Insider build 17083 on Jan. 24, Microsoft addressed the criticism about transparency by putting an app, named "Diagnostic Data Viewer," into the hands of beta participants.
"The Diagnostic Data Viewer is a Windows app that lets you review the diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft," wrote Dona Sarkar, a software engineer in the company's Windows and Devices group, and the spokeswoman for the Insiders program. Although currently available only to Insiders, the viewer is scheduled to appear in the next Windows 10 feature upgrade, set to launch in March or perhaps early April, and likely identified in Microsoft's yymm format as 1803.
The Diagnostic Data Viewer could be downloaded from the Microsoft Store, the authorized source of Universal Windows Platform (UWP) apps. Only those running Windows 10 build 17083 or later were able to successfully install the app.
According to Sarkar, the viewer shows "the exact data uploaded to Microsoft" and lets users search for specific diagnostic events as well as filter the events for one or more broad categories, such as "Product and Service Usage" or "Software Setup and Inventory." In the brief documentation on the app, Microsoft recommends that users turn off the viewer when they're done examining the data, as the act of collection can consume up to 1GB of storage space on the device.
Microsoft's introduction of the Diagnostic Data Viewer was an expansion of the April 2017 move that revealed more about what information Windows 10 collects. Before that, in January 2017, Microsoft made minor concessions, saying it would reduce what was collected when users selected the "Basic" setting.
But it's highly unlikely that the new app signals Microsoft will yield to its customer critics, said Michael Cherry, an analyst at Directions on Microsoft. Instead, Cherry argued, it was probably prompted by the company's continued discussions with European Union (EU) member states' officials about the impending General Data Protection Regulation (GDPR), which goes into force in May.
Under GDPR, companies must obtain explicit consent from their customers for any use of personalized information, Cherry added. "You have to give full and complete disclosure of what you're collecting, and how long you're collecting it for," he said. "And people have to opt in. That's still not a part of Windows 10."
Microsoft's motivation can be traced to GDPR and its demands, Cherry went on. "There has been no market resistance [to Windows 10's data collection] or legislation here about it, so it's reasonable to conclude that it's due to the GDPR. But whether it's sufficient will be up to them [the EU member states' data protection agencies]."
Cherry expects Microsoft to fiercely defend its telemetry practices, even as the company makes incremental concessions on secondary fronts, because the data is crucial to how Microsoft now services Windows. "Because so many people are relying on Windows Defender as their antivirus, [Microsoft] needs a certain amount of telemetry to keep that and security updates working," Cherry said. "They need to know that the latest antivirus signature has been applied. [And on security updates] they need to know how many people have applied a patch."
January's news that most processors contained vulnerabilities - identified using the nicknames "Meltdown" and "Spectre" - was a perfect example. Last weekend, after Intel had warned customers, including end users, to stop deploying firmware updates for one of the Spectre flaws, Microsoft followed suit, and issued an emergency update that disabled a previous patch for the same Spectre bug. Microsoft would be very interested in knowing how many systems had had that out-of-band patch applied to them, and diagnostic data would show the company exactly that.
"They would want to know how big the [Spectre patch] exposure was," Cherry said.
Telemetry also plays a critical part in how Microsoft rolls out each Windows 10 feature update, the twice-annual refresh that adds new functionality and may change the operating system's user interface (UI) and/or user experience (UX). "They also need telemetry for the new release cadence. We know they throttle the releases," said Cherry, referring to the practice of initially issuing an update to a small number of devices, usually those equipped with the latest drivers.
Microsoft uses diagnostic data to identify problems; it then makes fixes and expands the pool of potential recipients. "They take a long time before [a release] goes out to every machine," Cherry pointed out.
That said, Cherry praised Microsoft for pulling back more of the curtain with the Data Diagnostic Viewer. "It does change the telemetry debate," Cherry said. "Before, we were totally blind about what was collected. So, this is a step in the right direction.
"But while I feel Microsoft is moving in the right direction, it's still insufficient," Cherry asserted. Microsoft may be revealing more about diagnostic data collecting, but it does so grudgingly. "It's not quite one step forward and two steps back, but it's not a full step forward either," he said.
"I don't deny that collecting information about how the operating system fails doesn't lead to improvements in the OS," said Cherry. "I understand why they collect data. But why do they have to collect so much?"
And that's not something the Diagnostic Data Viewer can explain.