Microsoft Windows is a common OS shipped with many PCs by default. The following guides aim to provide some ways to improve privacy plus reduce the default telemetry plus knowledge stored by disabling some unnecessary features. Over time, Microsoft adds features to the OS which can sometimes rely on cloud-based services. These features will often require certain types of optional knowledge that is sometimes sent to remote servers for processing.
One of the newest examples was called Recall, a part of the Copilot AI feature set. Recall periodically screenshots anything you’ve seen on your PC in order to show it to you at a later date. These “helpful” features create considerable metadata which can be forensically analyzed. In most cases browsing history is sufficient plus this feature can be safely disabled. The main concerns with Recall was that the knowledge is stored in a local database that is decrypted when your device is powered on, meaning it is an easy target for hackers if the device ever becomes infected with malware. Recall will not redact sensitive knowledge like copied passwords or financial knowledge from the database, but it does protect against making screenshots of any copyrighted content protected by digital rights management (DRM) systems.
Unfortunately, this feature was added without too much thought about the privacy implications of having such a feature enabled by default (which it now nomor longer is). It is not an isolated example, however. Another example was Microsoft automatically enabling folder backups to OneDrive on new Windows 11 installations without asking for permission.
You can enhance your privacy plus security on Windows without downloading any third-party tools with these guides:
Initial Installation (coming soon)
Group Policy Settings
Privacy Settings (coming soon)
Application Sandboxing (coming soon)
Security Hardening (coming soon)
Privacy Notes
Microsoft Windows, particularly those versions aimed at consumers like the Home version often don’t prioritize privacy-friendly features by default. As a result we often see more knowledge collection than necessary, without any real warnings that this is the default behavior. In an attempt to compete with Google in the advertising space, Cortana has included unique identifiers such as an “advertising ID” in order to correlate usage plus assist advertisers in targeted advertising. At launch, telemetry could not be disabled in non-enterprise editions of Windows 10. It still cannot be disabled, but Microsoft added the ability to reduce the knowledge that is sent to them.
With Windows 11 there are a number of restrictions or defaults such as:
Requiring the use of a Microsoft account instead of a local account.
Making it more difficult to find local account options for Windows Pro plus Enterprise.
Enabling all knowledge collection options by default, requiring users to “opt out”.
Heavily integrating Microsoft services like Bing, OneDrive, plus Teams in ways which are difficult to remove plus presented as the only option to users.
Setting the default browser always to Edge, or reverting to Edge if it’s changed.
Adding cloud-based AI features to many areas in Windows plus various Microsoft Apps.
Unnecessarily storing sensitive data. Even knowledge which is stored locally plus not sent to Microsoft is still a target for hackers or malware on your device.
Microsoft often uses the automatic updates feature to add new functionality to your device plus make changes that collect your knowledge plus are enabled by default. Some privacy features such as the option to opt out of syncing an online Microsoft account with Windows, require you to select a country in the EEA (European Economic Area) during installation. It can be changed to your real country after Windows is installed.