Microsoft collecting diagnostic data is not new — but it became far more visible (and controversial) with Windows 10. From enterprise IT teams to privacy-focused end users, concerns have centred around what data is collected, how transparent Microsoft is about it, and how much control users actually have.
To Microsoft’s credit, pressure from regulators, enterprises, and privacy advocates has resulted in significantly improved transparency. Windows 10 now includes built-in tools that allow users to view, export, and delete diagnostic data collected about their device.
For IT professionals, this isn’t just a privacy discussion — it affects compliance, endpoint governance, user trust, and regulatory exposure.
What Is Windows 10 Diagnostic Data (Really)?
Let’s clear up a common misconception right away:
Windows diagnostic data is not the same as spyware or keylogging.
Microsoft divides diagnostic data into two broad categories:
1. Required (Basic) Diagnostic Data
This is the minimum telemetry required for Windows to function safely and reliably. It includes:
- Device hardware configuration (CPU, RAM, storage, firmware)
- OS version and build
- Driver versions
- Error reports (e.g. failed updates, crashes)
- Basic app reliability metrics
This data helps Microsoft:
- Identify widespread crashes
- Fix driver compatibility issues
- Prevent bad updates from rolling out further
You cannot fully disable required diagnostic data — even in enterprise editions — but it is intentionally limited.
2. Optional (Full) Diagnostic Data
Optional data goes deeper and may include:
- How specific apps are used (launch frequency, features used)
- Performance metrics tied to user activity
- Browser and app interaction telemetry
- Feature usage trends
Importantly, this data is pseudonymised, not directly tied to personal identity — but from a privacy and compliance standpoint, it still matters.
As an IT admin, this is often where policy decisions are made.
Why Microsoft Collects This Data (From an Ops Perspective)
From real-world experience managing Windows environments at scale, diagnostic data exists for three practical reasons:
- Stability at scale – Microsoft supports billions of devices with wildly different hardware
- Safer updates – Telemetry identifies breaking changes early
- Product direction – Feature adoption guides development priorities
That said, the concern isn’t whether telemetry is useful — it’s whether users and organisations can control it.
Viewing the Data
In order to see what kind of diagnostic data is being sent to Microsoft, first click the Start button, then click the Settings cog on the left.
Click on “Privacy.”
On the left sidebar click “Diagnostics and feedback.”
There are a number of Options here you may want to look at changing at a later on. For now we’re going to look at the data viewer.
Scroll down until you see “Diagnostic data viewer” and activate the switch. Please note that you will need at least 1GB of disk space in order to perform this action.
Windows will ask you to install the data viewer. Once this is installed, you can click “Diagnostic Data Viewer” to take a peek into what Windows is logging on your computer.
Unfortunately, the data from the Data Viewer isn’t presented in the most readable format! Despite this, you can still see every minute detail that’s being logged and sent to Microsoft to help them improve Windows 10.
If you’d like to make a backup of these logs, you can do so by clicking the three bars at the top left, then clicking “Export Data.”
What You’ll See in the Diagnostic Data Viewer
This is where expectations need to be managed.
The Diagnostic Data Viewer is:
- Extremely detailed
- Highly technical
- Not user-friendly
Data is presented as structured logs and JSON-like entries, including:
- Event timestamps
- Component names
- Hardware identifiers
- Error codes
- Feature flags
From an IT perspective, this is actually useful — it closely resembles backend telemetry logs used in enterprise monitoring systems.
Exporting Diagnostic Data
You can export diagnostic logs by:
- Clicking the menu icon (three bars)
- Selecting Export data
This is useful for:
- Compliance audits
- Internal privacy reviews
- Understanding telemetry scope before policy decisions
How to Delete Diagnostic Data in Windows 10
If you don’t like what you see and want to delete the data, you can do so by going back to the Privacy screen and clicking “Delete” under “Delete diagnostic data.”
If you want to keep tabs on what data is being collected, the options at the top of this window let you know what is currently being logged. “Basic” keeps logs on only essential system data, while “Full” keeps tabs on the websites that you visit and how you use your computer. If you’d rather not have Microsoft track everything you do, be sure to switch this to “Basic” to only give the bare minimum to Microsoft.
Controlling Diagnostic Data Collection (Best Practice)
At the top of the Diagnostics & feedback screen, you’ll see options for data collection level.
Diagnostic Data Options
- Required diagnostic data
Minimum data necessary for Windows to function correctly. - Optional diagnostic data
Expanded telemetry for feature usage and analytics.
For privacy-conscious users and many business environments, Required only is the recommended setting.
Enterprise and IT Admin Considerations
For IT professionals managing fleets of Windows devices, diagnostic data has broader implications.
Compliance and Regulation
Regulations such as:
- GDPR
- ISO 27001
- SOC 2
- Australian Privacy Principles (APPs)
often require:
- Transparency
- Data minimisation
- User awareness
Windows diagnostic settings are now commonly reviewed during security audits.
Group Policy and MDM Control
In managed environments, diagnostic data levels can be controlled via:
- Group Policy
- Microsoft Intune
- Endpoint Manager
- Registry settings (advanced use only)
This ensures:
- Consistent telemetry levels
- Reduced risk of misconfiguration
- Centralised compliance enforcement
Common Misconceptions (From the Field)
“Microsoft records keystrokes and passwords.”
→ False. Credential material is explicitly excluded.
“Disabling telemetry breaks Windows.”
→ Partially true. Disabling required data can cause update and support issues.
“Full diagnostic data means spying.”
→ Not exactly. It’s telemetry, not surveillance — but control still matters.
Should You Disable Diagnostic Data Completely?
In practice:
- Home users → Required only
- Small business → Required only
- Enterprises → Policy-driven, often Required only unless support requires more
Complete elimination is unrealistic, but minimisation and transparency are achievable.
Final Thoughts: Privacy Without Paranoia
Windows 10 diagnostic data collection isn’t inherently malicious — but blind trust isn’t healthy either.
The important shift is this:
Microsoft now gives users and IT professionals visibility and control, not just vague assurances.
From an IT perspective, the Diagnostic Data Viewer is a welcome step toward accountability. It allows informed decisions instead of fear-based assumptions.
Privacy isn’t about disabling everything — it’s about understanding what’s collected, why it’s collected, and how to manage it responsibly.
And in modern IT, that understanding is no longer optional.
From my early days on the helpdesk through roles as a service desk manager, systems administrator, and network engineer, I’ve spent more than 25 years in the IT world. As I transition into cyber security, my goal is to make tech a little less confusing by sharing what I’ve learned and helping others wherever I can.