"Send typing and inking data to Microsoft to improve the recognition and suggestion platform"
"Typing data" sounds like keylogging. If it's what it sounds like, that's really emphatically not okay; that would include all passwords and the contents of all emails sent.
Would someone with actual knowledge care to chime in and say what data is actually sent? If it turns out that Windows 10 really is sending keystrokes to Microsoft by default, it seems likely to cause a significant backlash from Microsoft's business and government customers.
Based on the wording, it sounds like it's autocomplete data — "I suggested this for what they typed or handwrote, but they chose this instead."
If so, it probably wouldn't include passwords (since password fields intentionally disable this kind of feature), and it shouldn't include the full contents of emails, just telemetry on how they were typed.
But Microsoft really ought to have explanations so we don't have to guess, and they ought to know that. I'm assuming this is on their itinerary and the documentation department is just lagging.
While it would be a little reassuring to find out what Windows 10 is currently sending, you should note that as the privacy agreement sounds like keylogging, Microsoft are claiming the right to start keylogging even if they don't quite do that now.
Also, enterprise editions of Windows apparently have more opt-outs... regular editions cannot opt out of all data collection. (sorry, can't find the page that I read this on)
IE and other browsers configured to use Bing have done this for a while. I discovered it while packet sniffing for something else and seeing HTTP requests for the things I was typing in the Address Bar.
I can't say I'm surprised, though saddened, to see this elsewhere in the OS.
Anything that uses web-supported auto-complete (your browsers, for one, regardless of search engine) must do this. There's literally no other way to ask the internet "What are the possible endings/meanings of what I've typed" without providing what you've typed, letter by letter.
Text correction doesn't require hitting the web, but learning about how people make typos does require some targeted data collection (typing followed by deletion and retyping, likely)
It's important to remember that it doesn't matter what MS is doing today. What matters is what the force-updated version will do in the future. Or did everybody forget that you cannot prevent updates in this version?
Think about this... If more things forced auto-updates, we might not have been forced to support ie6 for so damn long. It's a trade off. Instant security patches, instant support for new standards, etc, all without having to worry about all of those users who just will not press that "update" button. Sounds like a pretty decent plan to me.
I would be fairly surprised if Microsoft didn't re-display TOS after each update, so feel free to keep an eye out. If you really really care about this kind of thing, then I might suggest avoiding products that are tightly integrated with private entities as a general rule.
Instant security patches, instant support for new standards, etc
...as well as instantly "brick" a significant number of machines out there. At least the user has a chance of correlating something breaking with a recent update if he/she explicitly did so. MS have screwed up Windows updates before, and I don't believe they'll suddenly start getting it perfect now.
> I would be fairly surprised if Microsoft didn't re-display TOS after each update, so feel free to keep an eye out.
And my options as a user are then what exactly? Accept the new TOS or have the device rendered unusable and lose access to all my data? That's definitely the basis for an unbiased, informed decision.
I wager what that means is if you hand-write and then type the same text, Windows will/can send the typed & hand-written version to a server, where it can be used to improve the handwriting recognition, either for that specific user or for everybody everywhere.
The problem is there's no like "more info" icon you can click to get an explanation of what it means.
"Typing data" sounds like keylogging. If it's what it sounds like, that's really emphatically not okay; that would include all passwords and the contents of all emails sent.
Would someone with actual knowledge care to chime in and say what data is actually sent? If it turns out that Windows 10 really is sending keystrokes to Microsoft by default, it seems likely to cause a significant backlash from Microsoft's business and government customers.