Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Microsoft collects diagnostic data, aka telemetry, from every Windows PC.
- Some Windows customers are convinced, without evidence, that this is a form of spying.
- If you're concerned, you can use a free utility to inspect this data for yourself.
When Windows 10 was released in 2015, it was immediately controversial, with critics zeroing in on one feature in particular: telemetry.
I spent many months in those early days reading one article after another on the subject that read, in retrospect, like entries from the diary of a mad conspiracy theorist. As I wrote at the time, those critics believed that Windows 10 was “basically a 1984 telescreen come to life. They are convinced that with Windows 10 Microsoft has built a spying apparatus not seen since the height of the Cold War, scraping up every detail of your life and feeding it back to Redmond.”
Also by Ed Bott: Microsoft has lost its way
I vividly recall interrupting a vacation in South America on my birthday in 2015 for a one-on-one phone call with a senior Microsoft executive to discuss Windows 10 telemetry. They were as unhappy as I was about the situation.
What was most obvious about those early critiques was the complete lack of any grounding in data.
When I got back home from that vacation, I installed network monitoring tools to collect and analyze that telemetry data for myself. I wrote up my findings in Windows 10 telemetry secrets: Where, when, and why Microsoft collects your data. And I followed that up with Is Windows 10 telemetry a threat to your personal privacy? and No, Microsoft is not spying on you with Windows 10.
Over the past 10 years, privacy agencies for governments, especially in the European Union, have scrutinized Microsoft's behavior closely. Back in 2017, the Dutch Data Protection Authority found that Microsoft's telemetry settings were in breach of local privacy laws because they failed to obtain informed consent from users. Over the next two years, Microsoft made a series of changes that eventually satisfied those Dutch authorities. There was never an allegation that personal information was being improperly collected or used.
And in all that time, I have not seen a single privacy-focused advocacy group or third-party security firm conduct any study showing that the collection of telemetry data in Windows has a deleterious effect on privacy. Not one.
Also: Why encrypted backups may fail in an AI-driven ransomware era
But you know what? More than a decade later, people are still spreading those conspiracy theories. Microsoft is spying on you! Redmond is collecting mountains of personal data and using it for … advertising, I guess? And the rise of AI means that there are even bigger rabbit holes to go down.
Anyway, it's 2026. Windows 11 is five years old. There are verifiable answers to all the questions you might have about Windows telemetry, but very few people have gone to the trouble of finding those answers. Let's do something about that.
Telemetry is an informal name for what Microsoft officially calls diagnostic data. The most current description of the technology appears on this page: Diagnostics, feedback, and privacy in Windows.
On unmanaged PCs — those found in homes and small offices that are not part of an enterprise network — the baseline level of diagnostic data is set to the Required level and cannot be disabled through supported means. (There are third-party tools that claim to be able to do this.)
Microsoft describes this as “the minimum level of diagnostic data needed to help keep your device reliable, secure, and operating normally.”
A second level of diagnostic data is called Optional. When you set up a new PC, this level is on by default. A switch that's available as part of the Out of Box Experience (OOBE) lets you turn this setting off so only Required data is collected.
The option to send Optional diagnostic data is turned on by default.
Screenshot by Ed Bott/ZDNET
At any time after setup, you can change this setting by going to Settings > Privacy & security > Diagnostics & feedback. If you want to make sure that only Required data is sent, turn the “Send optional diagnostic data” switch to Off.
What's in the Required diagnostic data?
The most important category of data collected here is what makes Windows Update possible. The diagnostic data includes:
- Basic error information
- Information about the device and any applications and drivers installed
- Logs about the performance of the update process itself
- Data about performance of updates
- Data about devices that have had upgrade failures
In addition, that data is used for what Microsoft calls “product improvement.” Let's go to the documentation:
Microsoft uses Required diagnostic data for product improvement in the context of keeping your Windows device up to date and secure; problem-solving; accessibility; reliability; performance; enhancing existing Windows features; compatibility of apps, drivers, and other utilities; privacy; and energy efficiency.
Microsoft uses Required diagnostic data for this purpose as follows:
– Information about customers' devices, peripherals, and settings (and their configurations) is used to prioritize product improvements by determining which improvements will have the greatest positive impact to the most Windows customers.
– Information about which apps are installed on devices is used to prioritize app-compatibility testing and feature improvements for the most popular apps.
Microsoft maintains an exhaustive and extremely specific list of diagnostic data collected when the system is set to Required. You'll find it in this article: Windows 11, versions 25H2 and 24H2 required diagnostic data events and fields.
Here's a list of the major categories under which this data is organized.
- Appraiser
- Code Integrity
- Common data extensions
- Common data fields
- Component-based servicing events
- Deployment
- DISM
- DxgKernelTelemetry
- Fault Reporting
- Feature quality
- Feature update
- Hang Reporting
- Inventory
- Kernel
- Microsoft Edge
- Migration
- OneSettings
- OOBE
- Privacy consent logging
- Setup
- Update Assistant
- Update
- Windows Error Reporting
- Windows Hardware Error Architecture
- Windows Store
- Windows Update Delivery Optimization
- Windows Update
- Winlogon
I've reviewed that article carefully and can't find anything that appears to be a privacy risk or is outside the specific bounds Microsoft defines in its documentation. I encourage you to read that article and see if you can find anything that I might have missed.
What's in the Optional diagnostic data?
Microsoft's official explanation of what's in the Optional category is somewhat vague:
Optional diagnostic data includes additional details about your device and its settings, capabilities, and device health. Optional diagnostic data may also include information about the websites you browse, device activity (sometimes referred to as usage), and enhanced error reporting. … If you choose to send optional diagnostic data, Microsoft may use or combine Windows diagnostic data with data from other Microsoft products to help keep Windows and those products secure and up to date, troubleshoot problems, and make product improvements.
For a detailed list of events and fields in the Optional category, see Optional diagnostic data for Windows 11 and Windows 10. That list includes the following major categories:
- Common data extensions
- Device, Connectivity, and Configuration data
- Product and Service Usage data
- Product and Service Performance data
- Software Setup and Inventory data
- Browsing History data
- Inking Typing and Speech Utterance data
In theory, that extra data makes it possible to do more detailed troubleshooting about crashes and errors. But that's also the part where people start to get antsy about privacy. The websites you browse? The apps you use? It's completely understandable that you might not want that data shared. That's especially true when you read this part:
Optional diagnostic data can also include the memory state of your device when a system or app crash occurs (which may unintentionally include parts of a file you were using when a problem occurred).
If you work with sensitive documents or you're in an industry governed by legal compliance requirements, you want to turn that Optional switch to the Off position.
A few additional factors are worth noting here.
Also: 11 ways to delete or hide yourself from the internet – and protect your privacy
First, there's a good chance that not all of that data is being collected from your PC. Microsoft says it collects some Optional data from only a small percentage of devices — a process called “sampling.”
In addition, Microsoft says it uses a limited amount of the Optional data for advertising purposes, and then only if you enable the “Tailored experiences” option. Specifically, you might see “suggestions on how to customize and optimize Windows, as well as ads and recommendations for Microsoft and third-party products and services, features, apps, and hardware.”
Microsoft says that it does not use the content of crash dumps, websites you browse, speech, typing, or inking input data for personalization or advertising.
Can Windows users inspect the diagnostic data that's being sent to Microsoft?
When I wrote my original articles on this subject in 2015 and 2016, I had to do a lot of low-level work using network monitoring tools to try to figure out exactly what was going on. At the time, there was almost no documentation, and there was no tool for inspecting the data that was going from a Windows 10 PC to Microsoft's servers.
Since then, Microsoft has provided a steady stream of documentation, including an extremely detailed Windows Privacy Guide for IT and compliance professionals.
In 2018, Microsoft introduced a tool called the Diagnostic Data Viewer, which allows you to inspect the telemetry data in detail; that app has been steadily improved over the past decade and also includes details about error reports.
Here's a sample:
Use the Diagnostic Data Viewer to see what's being sent to Microsoft
Screenshot by Ed Bott/ZDNET
To install the tool, go to Settings > Privacy & security > Diagnostics & feedback and turn on the Diagnostic Data Viewer. If this is the first time you're using it, you'll need to install the app from the Microsoft Store.
Go ahead and try it for yourself. The output is dense and might be intimidating if you don't have a technical background. But I'd be happy to hear from anyone who looks through that data and finds what they consider a serious privacy issue.
The bottom line
In its most recent quarterly earnings call, Microsoft reported that there are now more than a billion monthly active Windows 11 users. They work with an essentially infinite combination of hardware and third-party software, and there is no practical way to test even a tiny fraction of those devices in a lab before shipping updates.
Also: Copilot quietly grabs your data from other Microsoft products now – here's how to opt out
As a result, the feedback loop between Microsoft's developers and the billion-plus PCs running Windows is essential to keep the ecosystem from falling over.
Allow me to repeat something I wrote 10 years ago:
We expect personalized services. We expect relevant search results. We expect the devices we use daily to get smarter and more useful over time. We expect them to understand us despite our accents when we use speech-enabled features. We expect bugs in software and services to be fixed yesterday.
All of those goals require that customers willingly share information with the companies providing those services, with a corresponding commitment from the recipient of that data to guard it carefully and use it only for its intended purposes.
The Required data Microsoft collects really is essential, and asking for a way to turn it off completely isn't practical. But privacy-focused customers should make sure that Optional diagnostic data collection is turned off.
Personally, I wish Microsoft would make the Optional data collection truly opt-in, by including a step in the OOBE that stops and asks the user to choose Yes or No, with neither option selected by default. I'm not holding my breath that that will happen any time soon.
