TL;DR:
Overview
- Nearly all operating systems (Windows, macOS, Linux) send telemetry data. The amount collected and how it is used varies greatly.
- The more telemetry is used for advertising, the more detailed the profiling becomes and the higher the risks.
Who collects what
- Windows: collects a lot by default and is hard to disable completely; it is used to improve the product and display advertising (Xbox Game Bar, Start menu suggestions).
- macOS and iOS: mostly opt‑in, anonymised collection focused on quality; little advertising and no selling of data.
- Android: large and frequent collection, even when the phone is idle; this is at the heart of Google’s advertising model.
- Linux (Debian, Ubuntu, Fedora): by default very little or no telemetry; Ubuntu sends a small anonymous report.
Monetisation
- Windows: product improvement, partner metrics and advertising slots.
- Apple: revenue mainly from hardware and paid services; advertising is limited and internal.
- Google/Android: targeted advertising—telemetry fuels user profiling.
- Linux: service/support based models, no monetisation of user data.
Key risks
- Profiling and implicit tracking, including approximate location.
- Unintentional leaks via crash reports or memory dumps.
- For organisations: exposure of the technical environment and risks to compliance and sovereignty.
Québec and Canada
- Bill 25 and PIPEDA require valid consent, data minimisation, transparency and assessments for transfers outside Québec. Telemetry that goes to the United States must be assessed and contractually controlled.
Choose based on privacy
- For the general public prioritising privacy: iPhone or Linux on the desktop.
- If you need the Microsoft ecosystem: choose Windows Pro/Enterprise with telemetry set to the minimum and well‑configured group policies.
- Android: limit Google’s reach as much as possible, adjust settings, and consider less connected variants if you can.
Quick useful settings
- Windows: set Diagnostics to Basic, disable the advertising ID and personalised experiences, and use a local account if possible.
- macOS/iOS: keep Analytics turned off and disable personalised ads.
- Android: refuse the sending of usage and diagnostic information, reset the advertising ID, and limit permissions and Google services.
- Ubuntu: untick sending statistics during installation; keep crash reports on a case‑by‑case basis.
- Debian/Fedora: already restrained by default.
Takeaway message
Your operating system is also a data contract. For a Québec and Canadian audience, aligning your choice of OS and settings with Bill 25 and PIPEDA isn’t just prudent—it’s strategic.
Understanding telemetry in modern operating systems
Telemetry refers to all of the technical and usage data that an operating system automatically sends back to its vendor. These data can include information on hardware, installed applications, system errors and more, and are intended to improve the software and user experience. However, this collection raises questions about privacy and data control, especially when operating systems are tightly coupled with advertising‑based business models.
In this article we examine telemetry in the leading consumer operating systems: Microsoft Windows, Apple macOS and iOS, Google Android and the Linux distributions Debian, Ubuntu and Fedora. We outline the different practices, levels of collection, monetisation models and legal implications for users and organisations in Québec and Canada.
Microsoft Windows: ubiquitous, service‑oriented telemetry
Windows 10 and Windows 11 collect a substantial amount of diagnostic and usage data by default. Microsoft justifies this telemetry as necessary to ensure system security and quality, offer personalised services and better understand user behaviour.
In practice, even a fresh installation of Windows communicates frequently with external servers. A 2023 analysis showed that a brand‑new Windows 11 PC (never used for browsing) nevertheless contacts dozens of domains in the background (Microsoft, Bing, Akamai, etc.) for updates, synchronisation or advertising.
Windows gathers information such as hardware configuration, system version, connected devices, installed applications and their frequency of use, as well as error and diagnostic logs. These data are used to improve the system and feed features like Microsoft Defender SmartScreen or Windows Update.
Microsoft has defined several telemetry levels (called diagnostic data in Windows settings): Basic, Enhanced, Full, etc. In theory only the Basic (minimal) level is required to maintain Windows’ security and operation, but some services enforce higher levels.
As for monetisation, Microsoft claims not to “sell” Windows telemetry data to third parties. The information is mainly used to improve services, develop products and display contextual ads within the Microsoft ecosystem (Xbox Game Bar, suggestions in the Start menu, etc.).
From a privacy perspective, Windows telemetry drew strong criticism when Windows 10 was released. Privacy‑conscious users note that the system sends data by default with no real option to turn it off completely (except in enterprise versions) and that the purpose of the processing is sometimes unclear.
Finally, one particular risk should be highlighted: at the Full diagnostic level, Windows can collect memory dumps and detailed logs during a system crash. These files may include fragments of open documents or sensitive data if the system crashes during use.
Apple (macOS and iOS): a privacy‑focused model (but not free of collection)
In recent years Apple has built an image as a privacy champion, with the slogan “What happens on your iPhone, stays on your iPhone”.
At installation or during a major update, Apple explicitly asks whether the user wants to share analytics data with Apple (diagnostics and usage) and with application developers (App Analytics). These options are turned off by default.
Apple also ensures granular user control: at any time you can disable the sending of analytics data from the settings (Privacy > Analytics & Improvements). Shared data are anonymised and Apple uses differential privacy techniques to prevent re‑identification.
It is important to note that even without “system” telemetry enabled, some Apple services still send data as part of their operation. For example, macOS checks application certificates online (Gatekeeper) and iOS contacts servers for approximate location in case of an emergency call.
On the monetisation side, Apple’s business model is mainly centred on selling premium hardware and paid services (iCloud, Apple Music, etc.) rather than advertising. The company does run an internal ad network (Apple Search Ads) targeting searches in the App Store, but stresses that targeting is based on segments rather than personal identifiers.
In summary, Apple positions its OS as privacy‑respecting: telemetry is limited, transparent and mainly oriented towards product improvement, with no direct commercial exploitation of user data.
Android (Google): intensive data collection in the service of advertising
Android, Google’s mobile operating system, is the most emblematic example of monetisation through data. Most Android devices in the world run the “Google” version of Android, equipped with Google Play services that allow access to the Play Store and most consumer apps.
This business model is based on free software for manufacturers and users, funded by targeted advertising and Google’s online services. Unsurprisingly, Android collects a huge amount of data almost continuously, from power‑on and even when idle (regular pings to Google servers).
Academic research has quantified this collection. A 2021 study by Trinity College Dublin compared the volume of data an iPhone sends to Apple with that sent by an Android phone to Google. The result: on average Android sends about twenty times more data than iOS, even without interacting with the device.
What are these data that Android collects? According to the study and Google documentation, the system sends: unique identifiers for the device (IMEI, serial number, Android/Google ID) and the SIM card; the system version and installed security patches; crash reports and app usage statistics; the IP address and information about the Wi‑Fi or cellular network for approximate location; and the list of installed apps and their interactions (opening, closing, notifications, etc.).
The advertising exploitation of these data is at the heart of the Android/Google model. Google aggregates the information collected to create an advertising profile of the user: interests deduced from web and app activity, approximate location, socio‑demographic data, etc. Advertisers then use this profile to target their ads via Google Ads, YouTube Ads and so on.
It is important to emphasise that Google generally combines Android telemetry with data from other Google services used (Google Search, Gmail, YouTube, etc.) when the user is logged in. This makes the profile even richer and personalises services but increases centralisation and potential intrusion.
Google justifies this intensive collection by stating, similar to Microsoft, that it is made up of “data necessary for the proper functioning of services”. Following the study mentioned, a spokesperson pointed out that many measurements compared different things (network calls vs. packet size) and that the collection serves to ensure system compatibility, security and reliability.
Unlike Apple, it is difficult for an average user to completely escape telemetry on Android. Some settings exist: for example, under the phone’s Google settings (Settings > Google > Account services) you can disable “Usage and diagnostics”. It is also possible to reset the advertising ID from the Google Ads settings. But fully disabling telemetry often requires root access or installing a “de‑Googled” ROM (LineageOS, GrapheneOS), which is reserved for advanced users.
All this means that privacy risk is greatest with Android/Google. The user is finely profiled and their mobile activities are largely transparent to Google. On the other hand, the ecosystem is rich and convenient (Gmail, Maps, Play Store, etc.). It is a constant trade‑off between convenience and data protection.
Linux (Debian, Ubuntu, Fedora): the open, minimal data alternative
Unlike the systems above developed by large commercial companies, GNU/Linux systems are mostly open source and driven by communities or companies with a different business model. Telemetry is much less present, often disabled by default.
- Debian (one of the most popular distributions and the base for many others) is a non‑profit community project. By default, Debian does not send any personal or usage data to its developers. There is a “popularity‑contest” (popcon) programme that anonymously sends package usage statistics to help prioritise maintenance, but it is completely opt‑in.
- Ubuntu (a commercial distribution maintained by Canonical and derived from Debian) long followed the same line as Debian by sending nothing by default. However, in 2018 (Ubuntu 18.04 LTS) Canonical introduced an optional installation report that sends hardware fingerprints and language preferences. Crash reports (apport) are also offered on an opt‑in basis to help developers fix bugs.
It should be remembered that Ubuntu has drawn criticism in the past, notably with the online search feature integrated into Unity (in versions 12.10–15.04). At the time, a local search in the dashboard sent queries to Amazon and other partners, leading to accusations of spying and a rebuke from the Free Software Foundation. Canonical removed this feature and committed to transparency.
As far as monetisation is concerned, data collected by Ubuntu are not sold to third parties or used for individual advertising targeting. Canonical uses them to guide its technical efforts (hardware support, default language, etc.) and improve the user experience. However, there is an affiliate partnership with Amazon, and the distribution sometimes promotes Canonical services (paid support, Ubuntu Pro).
- Fedora (a community distribution sponsored by Red Hat/IBM) has historically not enabled telemetry either. However, recent discussions within the Fedora project aim to introduce minimal, anonymous collection, notably to measure the number of installations and guide development. The Fedora community stresses that collection will not be mandatory and that opt‑in will prevail.
Currently (Fedora 38/39), nothing is automatically sent to the Fedora Project without consent. Fedora, like Debian, only offers optional crash reports via ABRT (automatic bug reporting tool) to help fix bugs.
In summary for Linux: the popular consumer distributions differ somewhat in their approach but remain restrained in data collection. Debian does not collect anything without explicit user consent; Ubuntu is limited to a few anonymous statistics with the option to opt out; Fedora is discussing minimal but always optional collection. None of these systems has a commercial interest in storing or reselling your data.
For a user or organisation that is very concerned about privacy, the Linux ecosystem is often recommended precisely because there is no hidden or profit‑driven telemetry. However, you should allow for an adjustment period and check software compatibility.
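An audit of the two Debian/Ubuntu opt-in reporters described above, popularity-contest and apport, as an added example that is not from the original article or from either project. It assumes the usual configuration locations `/etc/popularity-contest.conf` (`PARTICIPATE=`) and `/etc/default/apport` (`enabled=`), reads files only (service state is not checked), and all function names are illustrative.

```shell
#!/bin/sh
# Report whether the opt-in reporters on a Debian/Ubuntu file tree are switched on.
# Every function takes a ROOT prefix, so the same check works on the live system
# (empty prefix), on a mounted disk image, or on a test fixture.
# Assumed paths: /etc/popularity-contest.conf and /etc/default/apport.

# last_value FILE KEY -> value of the last uncommented KEY=... line,
# with quotes and whitespace stripped and letters lower-cased.
last_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 \
        | tr -d "\"' \t\r" | tr 'A-Z' 'a-z'
}

# popcon_state ROOT -> absent | opted-in | opted-out | unknown
popcon_state() {
    conf="$1/etc/popularity-contest.conf"
    [ -f "$conf" ] || { echo absent; return 0; }
    case "$(last_value "$conf" PARTICIPATE)" in
        yes) echo opted-in ;;
        no)  echo opted-out ;;
        *)   echo unknown ;;   # missing or unexpected value: review by hand
    esac
}

# apport_state ROOT -> absent | enabled | disabled | unknown
apport_state() {
    conf="$1/etc/default/apport"
    [ -f "$conf" ] || { echo absent; return 0; }
    case "$(last_value "$conf" enabled)" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# audit_reporting [ROOT] -> prints one line per tool; returns 1 if any tool
# is switched on or its state could not be determined, 0 otherwise.
audit_reporting() {
    audit_root="${1:-}"
    audit_rc=0
    p=$(popcon_state "$audit_root")
    a=$(apport_state "$audit_root")
    echo "popularity-contest: $p"
    echo "apport: $a"
    case "$p" in opted-in|unknown) audit_rc=1 ;; esac
    case "$a" in enabled|unknown)  audit_rc=1 ;; esac
    return "$audit_rc"
}

# demo: run the audit on a constructed sample tree (not taken from a real host)
# in which popcon was declined and apport is left on.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/default"
    printf '%s\n' '# constructed sample' 'PARTICIPATE="no"' \
        > "$d/etc/popularity-contest.conf"
    printf '%s\n' 'enabled=1' > "$d/etc/default/apport"
    audit_reporting "$d" && demo_rc=0 || demo_rc=$?
    rm -rf "$d"
    return "$demo_rc"
}

# Usage: sh audit.sh --audit [ROOT]   (ROOT empty = the running system)
#        sh audit.sh --demo
case "${1:-}" in
    --audit) audit_reporting "${2:-}" ;;
    --demo)  demo ;;
esac
```

A non-zero exit status makes the script usable as a compliance check in a fleet-management job; `unknown` is treated as a finding so that an unparsable file is reviewed rather than assumed safe.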
Telemetry‑related risks for individuals and organisations
The collection of telemetry data by operating systems is not without consequence. Even though these data are often intended to improve the user experience, they can also be exploited in other ways or fall into the wrong hands.
For individual users
- Invasion of privacy and anonymity: every data point sent, even seemingly harmless ones (e.g. the list of your apps or the duration of device use), contributes to building a digital profile. This profile can reveal your interests, habits and sometimes your approximate location.
- Surveillance and traceability: telemetry combined with other data can form the basis for wider surveillance. The concern is not necessarily the system vendor but third parties who might gain access to these data flows (e.g., through a security breach or legal warrant).
- Manipulation and the attention economy: once the user is profiled by the data, they can be more targeted by content that influences their behaviour. For example, Windows uses telemetry to display suggestions in the Start menu, and Android to serve personalised ads through Google Ads. Beyond ads, this can modify the interface to capture attention (notifications, highlights).
- Unforeseen personal data leaks: although big companies promise security, no one is safe from a data breach. If an OS’s telemetry servers were compromised, sensitive information could potentially be exposed.
- Feeling of distrust or technological alienation: at a more subjective level, knowing that your OS is constantly “reporting back” data can create a sense of alienation or distrust of technology.
For organisations (businesses, institutions, public bodies)
The risks associated with telemetry are amplified in a professional or institutional context, where privacy, legal compliance and security issues are critical.
- Confidentiality of corporate data: an organisation often handles sensitive data (business plans, customer data, trade secrets, medical information, etc.). If the system sends technical information in the background, it could reveal details about the infrastructure, installed applications or even user names.
- Regulatory compliance and data sovereignty: in Canada and particularly Québec, personal information laws require organisations to protect data and control its use. Telemetry sent outside the province or abroad may contravene these obligations if it is not controlled.
- IT security risks: any outgoing communication from your systems can potentially be exploited. In the case of telemetry, one can imagine scenarios where an attacker poses as an update service or intercepts the connection, compromising the confidentiality and integrity of the data.
- Financial and legal impact: if a company or institution were to experience a data leak via telemetry, the financial consequences could be heavy (loss of intellectual property, legal action, regulatory fines, etc.).
In short, for an organisation, OS telemetry is an element that must not be neglected in digital risk analysis. While it can bring benefits (e.g., Microsoft Defender SmartScreen — enhanced security), it must be controlled and contractually managed, particularly when auditing vendors.
Legal framework in Québec and Canada: consent, Bill 25, PIPEDA, etc.
Canadian and Québec privacy laws are evolving to better regulate this type of digital data collection. How do Windows, Apple, Google and Linux comply?
PIPEDA – Federal Personal Information Protection and Electronic Documents Act
At the federal level, the Personal Information Protection and Electronic Documents Act (PIPEDA) applies to private‑sector organisations in the context of commercial activities. This law requires that the collection of personal information be reasonable, with the informed consent of the individuals concerned, and that organisations take steps to protect these data.
In the context of OS telemetry, one may ask whether technical data (such as hardware type, app usage) are considered personal information under the law. PIPEDA defines personal information as any information about an identifiable individual. If the device ID or IP address can be tied to a person, the collection must meet principles of accountability and limitation.
PIPEDA also requires data security. OS vendors must protect the information they collect. To date, there has been no notable security breach in Canada involving a massive leak of telemetry data from Windows, Apple or Google, but caution is warranted.
It should be noted that a federal bill (Bill C-27, 2022 Digital Charter Implementation Act) aims to modernise PIPEDA into a Consumer Privacy Protection Act; it would introduce heavier penalties and a private right of action in the event of a violation.
The Québec reality and Bill 25
Since 2021/2023 Québec has had a strengthened legal framework with the adoption of Bill 25 (formerly Bill 64). This law modernises the two provincial personal information protection acts (Act Respecting the Protection of Personal Information in the Private Sector and Act Respecting Access to Documents Held by Public Bodies). It imposes increased obligations on businesses and public bodies.
- Explicit and informed consent: Bill 25 requires that consent to the collection of personal information be “manifest, free, informed and given for specific purposes”. If the data are sensitive, it must be obtained separately. This forces companies to clarify the reasons for telemetry and offer an opt‑out.
- Processing of sensitive information: the law introduces the concept of sensitive personal information (e.g., medical information, biometrics, political opinions, etc.). If such data are collected, explicit consent and enhanced protection are required.
- Communication outside Québec & cloud hosting: as mentioned, Bill 25 requires an assessment before sending personal data outside the province. It also requires companies to ensure adequate protection of the data when using cloud services (analyse contractual clauses, control transfers, etc.).
- Individual rights: Bill 25 strengthens the rights of access and rectification. An individual may ask a company to provide all the personal information it has about them. They may also request the destruction or de‑identification of these data. In addition, companies must notify any breach of confidentiality that poses a serious risk of harm.
- Accountability and penalties: Bill 25 introduces the obligation to appoint a data protection officer in each company and to conduct risk assessments, and the Commission d’accès à l’information can now impose higher fines (up to several million dollars for serious cases).
In practice, how are these companies reacting or preparing? Apple and Microsoft already have a strong culture of compliance (if only to comply with the European GDPR, which is very similar in spirit to Bill 25). Google has stated that it wants to be compliant but remains under scrutiny given its advertising model. The Linux distributions, driven by communities or companies like Canonical or Red Hat, are more flexible: the user is in control and can configure telemetry.
Takeaway for Québec/Canadian users: you have relatively strong data protection rights. You are entitled to know what information a system collects and for what purpose; you can demand explanations and exercise your right to object or rectify.
Conclusion: choose your operating system knowingly
Telemetry has become a key issue in choosing and using a modern operating system. On the one hand it brings tangible benefits: continuous software improvement, enhanced security, personalised suggestions. On the other hand it carries privacy and sovereignty risks, particularly if you are a public organisation or handle sensitive data.
- Microsoft (Windows) collects a lot of data by default to evolve Windows and its services, and monetises part of the ecosystem through advertising and partnerships. The user has some ways to reduce but not eliminate telemetry.
- Apple (macOS, iOS) positions itself on data minimisation. Telemetry is opt‑in, anonymised and used mainly internally to improve quality. Apple does not derive massive advertising revenue but keeps firm control over its ecosystem.
- Google (Android) offers extremely convenient and often free systems and services in exchange for deep exploitation of your data. Android is tightly integrated with Google’s services, which makes it easy to use but hard to disentangle from for those who want to protect their privacy.
- Linux (Debian, Ubuntu, Fedora and the like) represents an alternative where you are in charge. By default you are not tracked by your OS — in fact it is generally the other way around: you must explicitly consent if you want to send information.
Ultimately, the choice of operating system should incorporate the “data protection” dimension just as much as budget, features or ergonomics. In Québec and Canada our laws are evolving to strengthen these requirements. It is better to choose knowingly and put the right settings in place.
A few practical tips by way of conclusion:
- Get informed and use the available settings: whether you are on Windows, macOS, iOS, Android or Ubuntu, take the time to go through the Privacy settings. Turn off what is not necessary, minimise data sharing and read each service’s policies.
- Minimise connected accounts if possible: on Windows you can use a local account rather than a Microsoft account to reduce centralisation of data. On Android you can limit the number of Google accounts connected. On macOS/iOS think carefully before activating iCloud for everything.
- Consider the open‑source alternative: if your context allows (for example if you mainly use the web or basic office tools), try a privacy‑respecting Linux distribution. Or on mobile, explore alternative ROMs that remove the Google components.
- At work, talk to your IT department: employees also have a say. If you are in a sensitive sector, make sure your IT department has configured the OS to limit telemetry and that there is a policy of informed consent.
Ultimately, let us not forget that technology should remain a tool, not an uncontrollable spy. By choosing an OS based on its telemetry policy and configuring its settings wisely, we take back control of our data.
Definition of acronyms used: PIPEDA – Personal Information Protection and Electronic Documents Act (Canadian federal law). Bill 25 – Short name for the Act to modernise legislative provisions as regards the protection of personal information, adopted in Québec in 2021 and completed in 2023.
Sources: The information in this article is based on reliable and recent sources, including technical analyses (e.g., Tom’s Hardware on Windows 11), academic studies (Trinity College Dublin), official privacy rules (Apple “Data & Privacy”, Google “Privacy & Security”) and the documentation for Debian, Ubuntu and Fedora. Links are provided to explore each point further.