Concerns arise about data collection in Windows 7 and 8

While some folks are concerned about the privacy implications of upgrading to Windows 10, it appears that at least some of the "spy features" in Windows 10 are also present in Windows 7 and 8. ARS Technica writes today that a couple of months ago, a non-security update for both Windows 7 and 8 added a new Windows service called Diagnostics Tracking.

The purpose of this service is to increase the amount of data the Customer Experience Improvement Program (CEIP) can collect on your PC in order to better diagnose problems. Furthermore, it also enables the collecting of data for third-party applications that use the Application insights service, which provides developers with information about performance issues, crashes, and other problems of their apps running on your PC.

Separate from this, another update, 3075249, enhanced the User Account Control (UAC) feature to enable it to collect more information from the elevation prompts.

The concern with the new Diagnostic Tracking service is much the same as with Windows 10's tracking: it's not clear what's being sent, and there are concerns that it can't be readily controlled. The traffic to Microsoft's servers is encrypted, sent over HTTPS, so it can't be easily examined. While the knowledge based articles describing the new service list the DNS names of the servers that the service connects to, there are reports that the service ignores the system HOSTS file. As such, a traditional and simple method for redirecting the traffic doesn't work.

As ARS Technica points out, what's lacking in Windows right now is some sort of global privacy control so users can easily fine tune these features.