So far, so good. If the early reports prove accurate, it appears that the rollout of Microsoft's (NASDAQ:MSFT) new Windows 10 operating system (OS) has been a success. This shouldn't come as much of a surprise given that Windows 10 is a free upgrade for existing Windows 7 and 8.1 OS owners, and has been met by mostly positive reviews from users and industry pundits alike.
As with any new OS introduction, there have been some hiccups along the way, and there will likely be a few more as users continue to board the Windows 10 train. That's to be expected.
However, the scuttlebutt making the tech industry rounds suggesting that Microsoft may be surreptitiously collecting user data, despite disabling features, would open up a whole new can of worms as privacy concerns grow. Microsoft need look no further than the search giant formally known as Google (NASDAQ:GOOG) (NASDAQ:GOOGL)-- now Alphabet -- for a first-hand look at privacy-breach backlash.
What's the big deal?
Microsoft had already felt some user angst relating to privacy thanks to its Windows 10 default settings. For example, as is often the case with operating systems, unless a user specifically turns off automated updates, Microsoft's default settings will download new, and ostensibly improved, "features to Bing search, such as new visual layouts, styles and search code." This is more of a nuisance for folks not interested in updates or new features, rather than a security issue.
However, the tech gurus at Ars Technica recently completed some testing that it claims demonstrates Windows 10 sends and receives usage information even after specific features have been disabled. For example, if a Windows 10 user disables Cortana, most would assume that would put an end to the back-and-forth with Microsoft -- at least as it pertains to Cortana-related information. Turns out, maybe not.
A little more disturbing was the testing of Microsoft's OneDrive cloud-storage solution. Even after disabling its cloud-storage service, research indicated Microsoft has a dedicated server that appears to utilize OneDrive and other services to transmit Windows 10 data usage.
Microsoft notes that: "No query or search usage data is sent to Microsoft, in accordance with the customer's chosen privacy settings. This also applies to searching offline for items such as apps, files and settings on the device." And that appears to be the case. However, perhaps most disturbing -- at least until Microsoft truly clears the user security air -- is that the testing noted that a Windows 10 device ID is included when the web is accessed for information, even after disabling the feature.
Does it really matter?
Google's ongoing security concerns, including attention from government regulatory bodies from around the world, would seem to indicate that Microsoft has little to worry about regarding Windows 10 and security, either real or imagined. Despite years of ongoing consternation from both users and governments, Google seems little phased by its security "flaws." Data security questions certainly haven't hurt Google's stock price.
Google has long tracked users' online activities. In large part, its ability to amass and utilize all that data is why Android is so valuable, despite Google giving it away. Perhaps tracking and using consumer data has simply become a fact of life in a digital world we've come to accept, like it or not. Google and Microsoft are hardly the only companies tracking and using "secure" data.
As Ars Technica researchers point out, much of the data traffic from Windows 10 -- whether a service has been disabled or not -- is fairly tame. And based on the estimated 53 million Windows 10 downloads Microsoft already has enjoyed just three weeks after its introduction -- earning it nearly 5% of the OS market -- security isn't top of mind -- yet.
Microsoft should consider clarifying a few of the results from Ars Technica's Windows 10 testing, particularly those with a "suspicious appearance." These include sharing a device's ID via the Internet despite a user disabling the connectivity feature.