• Does Windows snooping break data privacy laws?

    Posted on March 14, 2016 at 10:34 CDT by Comment in the Forums

    I received a very well-considered question from DB:

    Mr. Leonhard,

    I just read your article about the forced Windows 10 update on InfoWorld. I also see that you have published other work on Windows 10. I have a question that I have been unable to get answered, even after asking Microsoft directly. I’m hoping you can assist me.

    I am a college instructor. As such, I am bound by college policy and federal law to maintain the privacy and security of my students’ personal and educational data. This includes obvious things like their home addresses and phone numbers, but it also includes their grades, communication about missed classes and even which classes they are currently taking.

    I use my personal computers to log into my college email, my learning management system (where grades are recorded) and to create my own files for assignments, projects, and general record keeping that is the constant side-task of any teacher. My college runs Windows 7 on campus currently. I have multiple laptops running multiple OSs but I am reluctant to upgrade to Windows 10 because I have not yet been assured that Microsoft will not collect data from my daily usage that could compromise my adherence to FERPA (the HIPAA laws for education).

    I’ve read plenty of articles that describe Microsoft’s data collection ranging from benign to outrageous, so I posted directly to their own forums asking if Windows 10 collects data that violates FERPA. I received a response, however the technician seemed to think I was asking about firewalls and malware. Even after restating my question, no response from Microsoft was forthcoming.

    I do have access to the enterprise version of Windows 10 and I know some things can be disabled, but then I read something about data still being sent, despite disabling anything and everything to do with this process. Can you help me figure out if I can actually safely and securely use Windows 10 when I am dealing with student data?

    Thank you for your time.

    My response:

    I’ve seen lots of evidence that Microsoft is snooping more in Win10 than it was in Win7 — and I’ve seen ancillary evidence that it’s snooping more in Win7 than it used to.

    But the people who report on the traffic between Windows and Microsoft’s servers suffer from one manifest flaw: They have no idea what’s being sent. Microsoft encrypts the data, and nobody’s been able to decode it.
    That’s good, mind you. Any harvested data flowing from your computer to the outside world should be encrypted.
    Even though the data’s going out, I’ve seen no evidence that it’s being misused. And I certainly haven’t seen any evidence that it’s being used in a way that would violate HIPAA (or FERPA).
    Can I guarantee that Microsoft’s methods don’t break the law? No. But it seems highly unlikely.
    Windows News , ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.