Rantburg

2014-10-15 Caucasus/Russia/Central Asia
Russia Used Windows Flaw to Spy for Years
[AnNahar] Hackers based in Russia used a flaw in Microsoft Windows to spy on NATO (the North Atlantic Treaty Organization. A single organization with differing goals, equipment, language, doctrine, and organization), European governments and other organizations as far back as 2009, security researchers said Tuesday.

A report by the cyber-security firm iSight Partners said the flaw dubbed "Sandworm" allowed the cyber spies to gain access to computers using all versions of Windows for PCs and servers during the past five years.

The researchers said Microsoft was notified of the vulnerability and was making a patch available on Tuesday.

The report said the team exploiting this flaw began operating in 2009, and stepped up its efforts in late 2013, as the crisis in Ukraine broke out.

The researchers said the targets included NATO, Ukrainian government organizations, Western European governments, energy and telecom companies in Europe and US academic institutions, but added that "visibility is limited and that there is a potential for broader targeting from this group."

They noted that many of the attacks "have been specific to the Ukrainian conflict with Russia and to broader geopolitical issues related to Russia."

According to a blog post by iSight, it's not clear what data may have been stolen but that the broad range of attacks "virtually guarantees that all of those entities targeted fell victim to some degree."

"We immediately notified targeted entities, our clients across multiple government and private sector domains and began working with Microsoft to track this campaign and develop a patch to the zero-day vulnerability," iSight added.

It noted that NATO was targeted as early as December 2013, and that other attacks hit a Polish energy firm and French telecommunications company.

The cyber-spying effort was referred to as Quedach by the security firm F-Secure, which described some elements of the campaign last month "but only captured a small component of the activities" and failed to identify use of the security flaw, according to iSight.
Posted by trailing wife 2014-10-15 00:00

#1 It says it uses a PowerPoint flaw. So not quite remote code execution.
Posted by Bright Pebbles 2014-10-15 09:00

#2 Windows 10 has a keylogger that sends all your keystrokes back to M$S in plaintext.

Windows 10's 'built-in keylogger'? Ha ha, says Microsoft – no, it just monitors your typing

Don't want Microsoft tracking you online and collecting data on your computing habits? Then you probably shouldn't install the Windows 10 Technical Preview, Redmond says.

The interwebs were abuzz on Monday over concerns about the Terms of Use and Privacy Policy of Microsoft's newly released, not-even-beta-yet OS, with some sites going as far as to claim that Windows 10 comes with a "built-in keylogger" to watch users' every move.
Turns out these Chicken Littles were right – sort of – but according to Microsoft they should have known about the data collection from the get-go, because they agreed to it.

"With Windows 10, we're kicking off the largest ever open collaborative development effort that will change the way we build and deliver Windows," a Redmond spokesperson told El Reg in an emailed statement. "Users who join the Windows Insider Program and opt-in to the Windows 10 Technical Preview are choosing to provide data and feedback that will help shape the best Windows experience for our customers."

And sure enough, although Microsoft isn't providing detailed information about what it's monitoring and how, the red flags for privacy freaks are all there in the legalese everyone breezed through before downloading the preview.

According to the Windows Insider Program's Terms of Use, "The purpose of the Program is to ... provide Microsoft with feedback and detailed usage data about all activities occurring on those devices so that Microsoft and its partners can improve their products and services."

That explicitly includes "personal information," the terms go on to say, and Microsoft might even contact program members with additional information that is personalized just for them.

The program's Privacy Statement gives a few hints about what kind of stuff Microsoft is looking for. Redmond reserves the right to collect such info as, "your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."

The Technical Preview also phones home with data about the files you open and "performance or usage information," including what program features you use most often and how long the system takes to respond to clicks.

And then there's this gem, which is the one that got everyone moaning about keyloggers:

[When you] enter text, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.

Microsoft hasn't said just how many of those typed characters it might collect or how often, but this is in fact something that the Windows 10 Technical Preview might do.

Does this mean Microsoft is planning to use Windows 10 to swipe everyone's online banking passwords? The chances are slim to none – although if you do your online banking on a prerelease test version of Windows with an experimental build of Internet Explorer, you deserve what you get.

Microsoft does, however, seem to be getting more aggressive about the kind of user experience data collection it has been building into prerelease versions of its flagship products for several years now. (Remember all the user data that Redmond said went into crafting the Office Ribbon UI? Where do you suppose it came from?)

How much of this data-collection the shipping version of Windows 10 will do remains to be seen.

"As we get closer to a final product, we will continue to share information through our terms of service and privacy statement about how customer data is collected and used, as well as what choices and controls are available," Microsoft told The Reg.

For now, though, bear in mind that when you fire up the Windows 10 Technical Preview, you are definitely being watched. But you knew that.
Posted by 3dc 2014-10-15 10:22

#3 I think Microslop needs to get paddled. Hard enough to keep others from doing it. And hard enough to keep them from doing it again. Ever.
Posted by gorb 2014-10-15 14:12

#4 Headline should read:

Sneaky F*ckin' Russians Used Windows Flaw to Spy for Years
Posted by badanov 2014-10-15 20:29 (http://www.chriscovert.net)

#5 I'd bet dollars to donuts that our own intelligence services were both aware and made use of this. Be funny if they found out about it from spying on the Russians, though.

Redmond reserves the right to collect such info as, "your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."

In an on-line data analysis class, we used cell phone sensor data to determine what activity a user was engaged in - walking, sitting, lying down, going up or down stairs.
Posted by SteveS 2014-10-15 21:18
