New known privacy risks with Microsoft Office ProPlus Enterprise


Our government customers are very angry with Microsoft, but I think this is nothing new as we know such problems with Windows 10.
I have to analyze this problem and advise our customers.

According to the Dutch organization that did the research for the Dutch government, we have the following infos:

-  Microsoft systematically and extensively collects data about the individual use of Word, Excel, PowerPoint and Outlook. Secretly, without informing the people. According to the Dutch organization, it is hard to find what Microsfoft collects as the data is encrypted.
-  Microsoft sends telemetry data to its own servers in the United States.

This is what I found that we can do for our customer:
- Disable Manage the privacy of data monitored by telemetry in Office
- Ban the use of Connected Services
- Not to use SharePoint Oneline
- Block OneDrive
- Lock web version of Office 365

My questions:
1) Did you deal with this case? If yes, what will Microsoft collect?
2) Is it enough to Manage the privacy of data monitored by telemetry in Office ?
3) Do I still have to go through the Report from  ?

LVL 19
*** Hopeleonie ***IT ManagerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Is it enough to Manage the privacy of data monitored by telemetry in Office ?

From what I have gleaned at Microsoft MVP Global Summits, yes this suffices.

None of the data is personally identifiable.

If you are not happy with the above, you can report it as well.
Daniel PineaultPresident / Owner CARDA Consultants Inc.Commented:
This isn't hidden, it is in the EULA.  The issue is people agree to the EULA without ever reading or understanding what they are agreeing to.  Companies seem to go out of their way to create so complex EULAs that no one dare try and read it.  When I copied MS' into Word, I believe it was 48 pages long.  Completely absurd!  It is apparent they just want people to blindly agree, which I'm sure 99% do just that.

MS is no better or worse than Apple, Google, FaceBook, ... they all do it (and some are much more invasive!).  Data = $$$.

There are numerous alternatives to get away from MS if you are truly concerned (LINUX, MAC, OpenOffice, LibreOffice, ...).

I, myself, did not upgrade to Win10 because of this very issue, and now am even happier that I didn't considering the never ending issues with Win10 and Office 2016/2019/365.  Things have changed, we're no longer living in the 80's, data collection is done everywhere.  It is now a part of life.  Sad but true.
*** Hopeleonie ***IT ManagerAuthor Commented:
Is there any tool to check Microsoft Office privacy settings?
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

1) Did you deal with this case? If yes, what will Microsoft collect?
You cannot tell since the transmitted data is encrypted.

2) Is it enough to Manage the privacy of data monitored by telemetry in Office ?
Imagine you have a webcam that has an activity LED. Imagine you turn it off using a software switch. The activity LED will not flash anymore, but can you really be sure it is not recording?

3) Do I still have to go through the Report from  ?
I'll give you something better. The german BSI has investigated on telemetry data collecting. They and the BMWI have notified enterprises recently that work with restricted data (Verschlusssachen), that "BSI geht insgesamt davon aus, dass VS-NfD mit Windows 10 mit vertretbarem Aufwand nur in einer Umgebung ohne direkten Internetzugang verarbeitet werden kann, d. h. wenn direkte Verbindungen vom Client ins Internet nachhaltig unterbunden werden."

BSI assumes that VS-NfD (german equivalent to NATO restricted) can only be processed with Windows 10 at a reasonable cost in an environment without direct Internet access, that means, if direct connections from the client to the Internet are permanently prevented.

Interesting, eh? So have fun isolating your environment from the internet.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Daniel PineaultPresident / Owner CARDA Consultants Inc.Commented:
The issue is that all of the available information is vague, so no one truly knows what is being collect, little alone how it is being used.  MS is not being transparent, but then neither are the other companies.

With verbage like "Some of the software features send or receive information when using those features", "you agree that Microsoft may collect, use, and disclose the information", ...  But you have to go digging and have a few hours to read through everything

The following post explains the real issue with Windows 10 beyond the never ending updates that keep breaking things.
JohnBusiness Consultant (Owner)Commented:
Is there any tool to check Microsoft Office privacy settings?    <-- You need to go through the overall privacy settings.

Start, Settings, Privacy  and work through all the settings.

The data is aggregated and encrypted so there is not any personal danger to you.
Amazon, Google, and Facebook as well as others of that ilk, make their money by selling personally identifiable information to people who say they want to sell you stuff.

Microsoft claims to collect the non-personally identifiable information so that it can better understand how customers in general use the Office products.  I don't know that there have been any instances where people have exposed some other nefarious use of this data.  You are asked when you install office to agree or not agree to send info to Microsoft so although the agreement is obscure, it is there.

The problem with putting stuff in EULA's is that the customer has no option.  They can refuse to sign the EULA and not be able to use the product they paid for or they can sign it, hand over their first born, and hope for the best.  People are finally waking up to this being  a problem and lobbying their governments to stop the practice.  This is especially a problem with phone apps.  The only reason a game app needs to collect your geo data and contact list is because they intend to sell the info and to be marketable, it must be personally identifiable.  That's why I don't install games or ANY "freeware" EVER on my phone or computer.  NOTHING is free and anyone who believes that software is "free" is just plain stupid.

I remind you all to read 1984.  Big Brother is watching you!  He appears to be benign in the case of Microsoft but I'm not so sure about the others.

My boss gave me a Dot for Christmas the year before last.  I opened it Christmas eve while we were opening other presents.  The grandchildren entered my email but we lost interest because it didn't seem to do anything.  Two days later when I got online again, I was getting adds for items that the girls got for Christmas.  I powered off Alexa and put her back in the box and into a closet.  I elected to not be spied upon in my own home.
*** Hopeleonie ***IT ManagerAuthor Commented:
Thanks a lot
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.