Security

Windows 10 user data collected by Microsoft must be protected at all costs

New tools from Microsoft reveal what data the company collects from Windows 10 users. But the question remains: What is Microsoft doing to protect that data once it has it?

gintas77istock-848873704.jpg

Image: iStock/gintas77

For enterprises operating in the modern business world, data—more than mere currency—is their most valuable commodity. Every business transaction, every measurement, every communication generates data that enterprises can collect, collate, and analyze to reveal patterns and information that produce more opportunities and eventually more profits. We are living in the data economy era.

Of course, this free-flowing collecting and sharing of data raises red flags with regard to privacy. What data is being collected, how it is used, and who has access to it are all valid questions that enterprises should be able to answer, but often can't or, even worse, won't.

To reduce some of the criticism it has received in the past, Microsoft announced in January 2018 that it was releasing a new Windows Diagnostic Data Viewer and Privacy Dashboard with the next version of Windows 10. Members of the Windows Insider program can check out the Windows Diagnostic Data Viewer in preview mode now.

While we can acknowledge the benefits of Microsoft's effort to add transparency to the data it collects on Windows 10 users, in the grand scheme of things, reducing data privacy concerns is not going to be nearly as important over time as protecting data from unauthorized access.

SEE: Data Protection Policy (Tech Pro Research)

Protection versus privacy

Don't get me wrong. Microsoft's providing tools that show what data the company is collecting from Windows 10 users and how it's using that data to "improve" the operating system is helpful and should be embraced and encouraged. However, for all intents and purposes, we have sacrificed our expectations of privacy for the convenience of an up-to-date, and safe as it can be, Windows 10 operating system. More transparency with regard to that loss of privacy will be helpful.

aprivacy-2-1024x812.jpg

Image: Microsoft News

The more important question we should be asking Microsoft is what it's doing to protect our data from malicious and unauthorized access by individuals and organizations with criminal intent. Every enterprise collecting data, regardless of whether it is classified as sensitive, has an obligation and a responsibility to protect that data. Weak excuses about costs or resources or whatever else when a data breach happens should not, and will not, be tolerated.

Nowhere in Microsoft's blog post announcing these new tools does it mention what protection measures are being taken to safeguard this data. In fact, the post uses what it calls Data Privacy Day as the backdrop for the announcement—only that is not the whole story.

Sponsored by the Council of Europe, January 28th is an annual event known as Data Protection Day. According to the website, on this date, governments, parliaments, national data protection bodies, and other actors carry out activities to raise awareness about the rights to personal data protection and privacy. Privacy Day, on the other hand, is the terminology used outside Europe for this event, which is a shame since protection carries much more gravitas.

SEE: IT pro's guide to effective patch management (free TechRepublic PDF)

Bottom line

While Microsoft's announcement of new tools to help users, admins, and enterprises track what data the company collects regarding Windows 10 usage is good news, it does not go far enough. Regardless of whether we wanted to, the concept that our data is private has been forfeited for the sake of convenience.

Microsoft, and every other enterprise for that matter, has an obligation to protect every scrap of data collected from users. Some transparency tools to explain what procedures, protocols, and resources are being applied to data protection would be appreciated. We have a right to know.

Also read...

Your thoughts

Europe seems to be focused on protecting data. Should the rest of the world follow its lead? Share your thoughts and opinions with your peers at TechRepublic in the discussion thread below.

About Mark Kaelin

Mark W. Kaelin has been writing and editing stories about the IT industry, gadgets, finance, accounting, and tech-life for more than 25 years. Most recently, he has been a regular contributor to BreakingModern.com, aNewDomain.net, and TechRepublic.

Editor's Picks

Free Newsletters, In your Inbox