Share via

Cloud-delivered protection

Anonymous
2017-12-18T07:17:20+00:00

Hello all!  I was curious as to what personal information is collected about me, if I turn on the 'cloud-delivered protection' in Windows defender security center?  I have read the 'privacy statement' multiple times.  I have already 'removed', if you will, any and all allowed shareable content.  I guess my question boils down to: Will any additional private data be submitted?  If I activate the 'cloud-delivered protection', will it automatically turn on some of the aforementioned settings I have intentionally turned off? 

Also, the Windows defender security center (Under the virus & threat protection settings tab) says that the cloud-delivered protection "Works best with Automatic sample submission turned on".  I have zero intentions of turning the automatic sample submission on.  

It is my understanding, from their 'privacy statement', that Windows will get my data with or without my consent, if they really want it.  I would really appreciate any feedback from those who have enabled this 'cloud-delivered protection', and if any of their settings have been automatically changed by Windows?

Any advice will be good advice.

Thank you for your time and attention.

Derek

Moved from: Windows / Windows 10 / Windows settings

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

Answer accepted by question author

Rob Koch 25,885 Reputation points Volunteer Moderator
2017-12-18T21:47:22+00:00

Actually Derek, I think that Microsoft's Privacy Statement is clearer about all of this in their Privacy Statement than you might perceive.

However, I'm not certain if that's an issue with interpretation or merely not having read the portions specific to Windows Defender itself, which are found within the Product-specific details section for Windows - Security and Safety Features.

In the excerpt I've included at the end below, I've highlighted the pertinent portions either by underlining or using bold text.  Note that the underlined sections indicate what it will do by default.  However, also note that in the case of an actual file upload, the bolded text portion will always apply.

So as this states; "If a report is likely to contain personal data, the report is not sent automatically, and you'll be prompted before it is sent."

Windows Defender makes this determination based upon whether the file is an executable only file type, since others which might contain data such as Office files, though these may also contain macros which are executable as well, would of course prompt you before sending these personal types of files.

Since neither of the underlined portions actually sends an entire file without considering first whether it might contain personal data, but rather only information about the file including a "hash" and other identifying items like file name, file system location and any certificates it contains,  you'll always have control over whether any actual data you've personally created is sent.

In fact, since all of these decisions and actions other than your own are occurring on machines, no human will typically ever even see most of these uploaded files.  Instead they are automatically uploaded to servers where they are examined by the Artificial Intelligence programs in the "Cloud", which compare these to the many thousands of other samples Microsoft is receiving daily.  Only if your specific file happened to be singled out by these algorithms as something highly exceptional (from a potential malware standpoint) is a human ever likely to view them at all.

To better understand what I mean, brief through the "Machine learning, behavioral analysis, and other evolutions" section of this Antivirus evolved – Windows Security blogarticle about Windows Defender.  You'll see from the numbers mentioned in that section that the greatest quantity of threats are handled automatically either on the local client or within "the Microsoft Intelligent Security Graph (ISG), which is informed by trillions of signals from billions of sources".

So unless a particular file was requested that contained truly personal data, which might compromise me either financially or personally, I'd never truly be concerned with responding to a request to upload most files, even some of those containing less important data.

Rob

"Windows Defender SmartScreen. Windows Defender SmartScreen helps protect you when using our services by checking downloaded files and web content for malicious software, potentially unsafe web content, and other threats to you or your device. When checking a file, data about that file is sent to Microsoft, including the file name, a hash of the file's contents, the download location, and the file's digital certificates. If Windows Defender SmartScreen identifies the file as unknown or potentially unsafe, you will see a warning prior to opening the file. When checking web content, data about the content and your device is sent to Microsoft, including the full web address of the content. If Windows Defender SmartScreen detects that content is potentially unsafe, you will see a warning in place of the content. Windows Defender SmartScreen can be turned on or off in Settings.

Windows Defender Antivirus. Windows Defender Antivirus looks for malware and other unwanted software on your device. Windows Defender Antivirus is automatically turned on to help protect your device if no other antimalware software is actively protecting your device. If Windows Defender Antivirus is turned on, it will monitor the security status of your device. When Windows Defender Antivirus is turned on, or is running because Limited Periodic Scanning is enabled, it will automatically send reports to Microsoft that contain data about suspected malware and other unwanted software, and it may also send files that could contain malware. If a report is likely to contain personal data, the report is not sent automatically, and you'll be prompted before it is sent. You can configure Windows Defender Antivirus not to send reports and suspected malware to Microsoft."

Was this answer helpful?

4 people found this answer helpful.
0 comments

Answer accepted by question author

Anonymous
2017-12-18T13:40:14+00:00

Only thing the 'cloud' might do is upload something that appears suspicious for further analysis  - things that do computing things they haven't seen in the wild.   Show me some chemist text and I'll say, yep, looks like some chemistry thingies.  It painful for me trying to remember how to spell acetaminophen & just trying to write the word caffeine makes me nervous.

Recall only one downloaded & appeared instantly suspect - was in a zip package that never was unzipped.   CCleaner that made the news a while back.   Rare here to discover computer virus -  my virus mostly would come delivered by the us postal service & fedex sneezing on my paper mail and package deliveries.

Was this answer helpful?

3 people found this answer helpful.
0 comments

8 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2017-12-21T08:27:16+00:00

    I have absolutely no problem with long posts.  I have a literal 'thirst for knowledge', and it doesn't matter to me if a post is a single sentence long, or ten (10) pages long.  I have been trained and conditioned my entire life to be as thorough and detailed as possible, especially with by extensive background in chemistry and mathematics,  (Everyone around me constantly tells me to tone it down).  But old habits die hard, I'm afraid. 

    And to see others that are analytically minded applying the same techniques, i.e. thoroughly detailed, and providing very useful knowledge to novices and 'moderate' users, that have not yet attained the rank of 'expert'.  Knowledge is knowledge.  And I can't get enough if it.

    I really like your forethought of not only writing and responding to a specific question at hand, but also writing, within the same body, to anyone else who might have the same question, or at least a variation, of the initial question proposed. 

    It makes me happy and joyful beyond belief, that some complete strangers can come together and help one another out.  Using past life experiences to unselfishly help another human being. 

    Words cannot accurately describe how thankful I am.

    Derek

    Was this answer helpful?

    4 people found this answer helpful.
    0 comments
  2. Rob Koch 25,885 Reputation points Volunteer Moderator
    2017-12-21T07:54:53+00:00

    Actually Derek, you've just described the reason I got into helping in first the original newsgroups and then the earliest forums as these became available from Microsoft.  I realized that I had a relatively deep understanding of not only how Microsoft's products worked, but also its Internet based communications infrastructure.

    Since it was obvious this was going to become an important factor in understanding not only the technical details, but also the direction that Microsoft was heading in the future, I realized that many would need help navigating what would clearly become a huge and often confusing set of overlapping information sources.

    I still had no idea how huge a task it would truly be though, since the massive change in just the last decade has meant the migration of these forums alone between at least 3 major systems.  First aligned with their developer network products for the original OneCare paid Antivirus, then moved to an intermediate system when Microsoft Security Essentials first became a beta and eventually to these "Answers" forums (see the URL above) which were eventually renamed to the Community you see today.  And that's just the evolution of a single product family line of security products for consumers.

    That's why when you see a post by me, it will often be overly long and explanatory, since I'm writing it as much for the later readers who'll come to find it, often via a disconnected Internet search that drops them into the thread from a completely disjointed location.  This may seem self-aggrandizing until you learn that even the oldest threads from that long defunct OneCare product still remain available to the world in a locked archive form.

    https://social.microsoft.com/Forums/en-US/home?category=windowsliveonecare

    Rob

    Was this answer helpful?

    2 people found this answer helpful.
    0 comments
  3. Anonymous
    2017-12-18T07:55:31+00:00

    Microsoft doesn't seem to be in that game as much as google is & Microsoft seems to really keep it to themselves anyhow.  Its all for advertising purposes anyhow.  Don't know what you feel the need to hide from Microsoft employees but Microsoft can be help liable for their actions.

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments