Skip to content

Telemetry

Telemetry

This section will show you how to drastically cut down on the amount of telemetry in Windows. For more information on telemetry, visit the OPSEC section of this site.

The amount of data that MS collects through Windows is beyond ridiculous. What started as telemetry that could be used to improve the OS has turned nearly into spying. The German Federal Office for Information Security did a look at how invasive this stuff is by looking at the number of “entities” getting data depending on the telemetry level selected.

They said that at security level, the number was 4, at the basic level, the number was 410, at the enhanced level, the number was 418, and at the full level, the number was 422. You’ll learn more about these levels in this section. Something to note was this was on Windows 10 build 1607 LTSB, which is a much more cut down version of Windows. I haven’t found the newest number for Windows 11, but it’s likely much more.

If you look at guides like BSI SiSyPHuS or DISA STIGs, you’ll notice that a requirement for government computers is to turn off as much of the MS telemetry as possible. The amount of data MS collects is simply not acceptable for government computers and it shouldn't be acceptable for home users either.

While you can’t completely block this stuff, I’ll show you how you can shut much of it off. I’m not an absolutist regarding this and would never tell someone to switch to Linux. Some people don’t have the time, interest, or the ability to learn Linux. Windows also isn’t as bad as the haters make it out to be. The telemetry is the biggest complaint myself and many others have with it. You also shouldn’t try to hide (in a digital sense) in fear just because of stuff like this. I would suggest you read the OPSEC section if you haven't already.

With that being said, let’s get started. The methods to reduce telemetry in Windows are convoluted and you’ll have to find something that you’re willing to deal with and it will also depend on the version you have. Windows 11 and the latest versions of Windows 10 are a nuisance to reduce telemetry. The old versions of 10 were a breeze to configure. Also, Windows Home is the worst for telemetry. Pro is better as you not only have Group Policy to work with, you can lower the amount of data being sent.

Debloat Windows

Software Solutions

I’m going to start by saying that if you want to use a piece of software to cut down on telemetry, it should be well known and open source. I’m going to avoid legal hassle and not mention any names, but there are pieces of software out there that are closed source and claim to reduce spying. The issue is that no one can see what’s going on in the software and for something that should only be making group policy changes and changing some registry keys, why the hell does it need to be closed source?

One of the best solutions to close down Windows spying is to use a firewall like Simplewall. Check out the firewall tab for more info, as it has a breakdown of how to use the software. This is an excellent solution as you can prevent MS services from being able to connect to the internet and it has an IP blocklist built in with known MS IPs.

The other option is to use a debloat tool. You can potentially run into some issues if you start deleting Windows services, i.e. you won’t be able to play Halo if you uninstall the Xbox app, but this works pretty well for getting rid of spying. There are multiple options, but the best one I’ve found is by Chris Titus Tech. He has a YouTube channel and explains how to use the tool. There’s an option to disable telemetry. Nothing is 100% able to stop the issue, but running that tool can definitely help.

Group Policy

As long as you have Windows Pro, you’ll be able to go to Group Policy to make some changes. To go to the telemetry section, navigate to Local Computer Policies -> Computer Configuration -> Administrative Templates -> Windows Components -> Data Collection and Preview Builds.

If you consult with DISA STIGS, the only thing that gets changed for US government computers is “Allow Diagnostic Data” and “Limit optional diagnostic data for Desktop Analytics.” There’s a lot of other options here that you can configure to cut down on telemetry more, but these two will cut a lot out.

Open up the allow diagnostic data page. When you select enabled, there will be three options, which are diagnostic data off, send required data, and send optional data. You can only turn the data off on Enterprise, Education, and Server editions. You can set it to required data only on Pro editions, and Home editions will always send optional data, even if you try to select otherwise.

In earlier versions of Windows 10, this used to be just one option instead of the pile of options in the later versions of 10 and in 11. They were called by the names of things like Basic, Security, etc, like what was mentioned above.

Note

If you turn off diagnostic data, Smart App Control will be disabled and cannot be turned back on. This security feature was added in 22H2. If you want to keep it on, you will have to let MS collect data.

Next, open up the limit optional diagnostic data page. Just select enabled, then select disable desktop analytics collection. Just setting these two options will help alleviate the telemetry.

If you combine Group Policy changes with something like Simplewall and/or Chris Titus Tech’s tool, you can massively reduce the spying in Windows. It’ll be at a level that’s not what I would consider to be an issue. Keep in mind that many governments run Windows and process classified info on their computers. This is info that would cause catastrophic damage and maybe even wars if it got released. If Windows telemetry was such a security threat, govs wouldn’t use it and would just switch everything over to something like RHEL. You can’t fully stop it from running, so a small amount isn’t a big deal.

I don’t recommend sweating small stuff like having a little bit of telemetry left. Again, refer to the OPSEC section to see why it’s one of the smaller issues to worry about. At the end of the day, MS uses it for targeted advertising, which is a big money maker that most big businesses are using.