3 steps to stop Windows 10 from invading your privacy

France has lodged official complaints against Microsoft due to security flaws in the Windows 10 operating system. The French government alleges three privacy violations:

  • the Windows Store collects data on the apps users download and time spent on each one without permission;
  • Windows 10 installs an advertising identifier by default, which allows Microsoft to monitor browsing and target users with ads;
  • the Windows Store authentication, which allows users to set a 4-digit PIN in lieu of a password, does not restrict the number of attempts to enter the correct code.

While France’s order to fix these security issues is new, the issues themselves are not. Users have complained about these exact problems since the operating system was released. Because Microsoft has a vested financial interest in the monitoring app behavior and targeting users with ads, these issues were not addressed earlier. As a result, some developers and companies released their own fixes, free for the world to take advantage of.

These fixes primarily target advertising IDs used to target users with ads, telemetry data that’s sent to Microsoft to identify security and reliability issues as part of the Consumer Experience Improvement Program, and the WiFi Sense feature that shares passwords between users. They also patch up a slew of other concerns, but these are the biggest ones when discussing Windows 10.

The fixes, combined with other existing methods of protecting privacy, can work in unison to keep every Windows 10 user’s data private.

1. Windows 10 anti-spying

oando shutup10 2
Our favorite utility for controlling Windows 10 is O&O ShutUp10, a free anti-spying tool from O&O Software. Of the tools we tested, ShutUp10 gives the most granular level of control over security and privacy-related functions built into Windows 10. The layout looks great and is a breeze to use, with simple on/off switch for dozens of categorized functions. Clicking on a function drops down a field of text that explains, in layman’s terms, what the function does.

If you just want a quick one-step solution, clicking the “Actions” dropdown menu allows you to apply all the recommended protections, all the recommended and limited settings, or all the settings. O&O will remind users to create a restore point should anything go awry as a result, which can be done from within the app. For multiple computers, users can import and export the settings to be used by other PCs.

Other than patching up those pesky privacy and security gaps, ShutUp10 also allows you to easily control a range of other Windows 10 settings that one would normally have to dig through several disparate menus to find. These include things like notifications, synchronization, Cortana, Bing, location services, and Windows updates.

ShutUp10 does not need to be installed. Just run the executable file, make the changes you want, then close it. The changes will remain in effect unless you alter them. When the program is started again, it will alert you to any settings that have been modified.

If for some reason ShutUp10 doesn’t jive with you, another solid option is Spybot Anti-beacon. Spybot’s free solution works with Windows 7, 8, 8.1, and 10. It doesn’t have quite the array of options as ShutUp10 and lacks the detailed explanation of each setting, but it certainly gets the job done.

2. Firewall control

tinywall settings
Windows 10 comes with a built-in firewall, but actually using it can be a tedious pain and many programs are allowed through by default. That’s where TinyWall comes in. Rather than installing a whole new firewall, TinyWall presents a lightweight solution for easily managing the existing Windows Firewall. Once installed, almost every program is blocked by default. That includes executables that Windows 10 might use to collect information and send back to Microsoft such as Cortana, Bing search, and error reporting processes among others. Only the applications you use can connect to the internet, nothing else.

It might sound annoying to enable programs to access the internet one by one, but TinyWall makes it easy. We especially liked the option to whitelist by window, in which the user simply enables the function on TinyWall from the system tray, then clicks on an open application window to add it to the whitelist. Programs can also be whitelisted by executable and process.

Besides covering up the security holes in Windows 10, TinyWall helps prevent malware, spyware, and adware from running on your machine. It comes with an “Autolearn” feature that’s recommended for freshly installed operating systems that are 100 percent malware free. Autolearn allows traffic by default and remembers which applications used the network, then block everything else.

TinyWall doesn’t require the user to know anything about DLLs or ports. It’s free of advertisements and pop-ups.

If you don’t like TinyWall or Windows Firewall, another popular option is Comodo Free Firewall. This adds a whole new firewall to your PC.

3. VPN

It goes without saying that anyone concerned about privacy should have a VPN installed on their PC. By encrypting all incoming and outgoing internet traffic and routing it through a remote server, VPNs protect both the contents of that traffic and the identity of the person looking at it. Windows 10 users in particular have three key reasons to employ a VPN service:

  • Should any information slip through the above two tools and be received by Microsoft, it would not be decipherable.
  • Microsoft is known to have complied with the NSA’s bulk surveillance programs.
  • Windows 10 sends DNS requests in parallel to all available resources at once, including the local network and ISP

That last point is meant to improve web surfing speed, but in reality it means more entities can see your DNS requests, which include data about what websites you visit.

We’ve compiled a list of the best VPNs for Windows 10 here. They are based outside the US, have minimal logging policies, and protect from DNS leaks.

With these three tools in place, you should be able to thwart any attempt by Windows to send information back to Microsoft. Take a look at our list of more than 75 free privacy tools for more advice on protecting your privacy.

Bonus: Don’t use express settings when upgrading to Windows 10

If you’re setting up Windows 10 for the first time on a device, take the time to customize the settings instead of just using the Express setup.

The “Use Express Settings” option automatically opts you in to all of Microsoft’s data collection and behavior tracking.

Click the less emphasized option to “Customize settings” and turn off all those so-called “Personalization” features. These include sending typing and speech data to Microsoft, using your advertising ID to target you with ads, and letting Skype into your address book. Turn off “Find my device and don’t allow Windows apps to request your location or location history.

When Windows presents you with Connectivity and Error Reporting settings, toggle off the options to automatically connect to suggested open hotspots and networks shared by your contacts. Also turn off the option to send diagnostic info to Microsoft, which allows the company to collect detailed information about your PC and the content on it.

In the last page of settings, you can change Browser, protection and update settings. The first option to turn off SmartScreen only affects Microsoft Edge and doesn’t deal with data collection, so it’s fine to leave that on. Turn off page prediction and updates from other PCs.