Disable Telemetry¶
These services either do user data tracking, or are an unnecessary performance hit. See Telemetry Info.
Danger
After every major windows update, verify these settings.
Disable Connected User Experiences and Telemetry Service
Windows 10 collects user data and sends it to Microsoft.
Older versions of Windows 10 labeled this Diagnostic Tracking Services. It
is the same service name DiagTrack.
⌘ › services.msc › Connected User Experiences and Telemetry › General
Service name
DiagTrack
Startup type
DISABLED
Service status
STOPPED
Updated: 2021-02-19 Reference
Restrict data collection to Basic
Windows 10 collects user data and sends it to Microsoft.
Warning
0 - Security (the most restrictive option) can only be used in
enterprise (AD) installations. See diagnostic data levels for information
transmitted. Disabling removes policy and reverts to 3 - Full; so the
most restrictive policy is setup in case telemetry services are re-enabled
on updates.
Registry
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DataCollection
AllowTelemetry
DWORD
1
Updated: 2021-02-19
GPO
Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Allow Telemetry
☑
ENABLED
1
Basic
Updated: 2021-02-19
GPO
User Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Allow Telemetry
☑
ENABLED
1
Basic
Updated: 2021-02-19
Disable application telemetry
Windows 10 collects information on application usage.
Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat
AITEnable
DWORD
0
Updated: 2021-02-19
GPO
User Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Application Telemetry
☑
Enabled
Updated: 2021-02-19
Disable customer experience improvment program
Windows 10 devices send hardware and software usage information to Microsoft via customer experience improvement program.
Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows
CEIPEnable
DWORD
0
Updated: 2021-02-19
GPO
Computer Configuration › Administrative Templates › System › Internet Communication Management › Internet Communication settings › Turn off Windows Customer Experience Improvement Program
☑
ENABLED
Updated: 2021-02-19
Disable sending browser history for Edge
Edge browser automatically reports browser history to Microsoft.
GPO
Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Configure collection of browsing data for Microsoft 365 Analytics
☑
DISABLED
Updated: 2021-02-19
GPO
User Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Configure collection of browsing data for Microsoft 365 Analytics
☑
DISABLED
Updated: 2021-02-19
Disable infection reporting
Windows 10 Malicious Software Removal Tool automatically uploads file metadata for infection reporting.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
DontReportInfectionInformation
DWORD
1
Updated: 2021-02-19 Reference
Disable inventory collector
Windows 10 Inventory Collector inventories applications, files, devices, and drivers on the system and sends the information to Microsoft.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat
DisableInventory
DWORD
1
Updated: 2021-02-19
Disable program compatibility assistant
The Program Compatibility Assistant detects known compatibility issues in older programs. After you have run an older program in this version of Windows, it notifies you if there is a problem and offers to fix it the next time you run the program. If the compatibility issue is serious, the Program Compatibility Assistant might warn you or block the program from running.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat
DisablePCA
DWORD
1
Updated: 2021-02-19
Disable steps recorder
Steps Recorder automatically capture steps you take on a PC, including a text description of what you did and a picture of the screen during each step.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat
DisableUAR
DWORD
1
Updated: 2021-02-19
Force desktop analytics to honor telemetry settings
Desktop Analytics will report additional telemetry information if enabled.
Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection
LimitEnhancedDiagnosticDataWindowsAnalytics
DWORD
0
Updated: 2021-02-19 Reference
GPO
Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Limit Enhanced diagnostic data to the minimum required by Windows Analytics
☑
DISABLED
Updated: 2021-02-19 Reference
Firewall¶
Endpoints for telemetry may change. Peridiocally verify these have not changed. See references for additional documentation.
Warning
These endpoints should be blocked or routed to a blackhole. See Pi-Hole and DNAT for Captive DNS.
Connected User Experiences and Telemetry endpoints
Microsoft Defender Advanced Threat Protection is country specific and the prefix changes by country, e.g.: de.vortex-win.data.microsoft.com
Release |
Diagnostic Endpoint |
Functional Endpoint |
Settings Endpoint |
|---|---|---|---|
1703 with 2018-09 cumulative update |
v10c.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1803 without 2018-09 cumulative update |
v10.events.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1709 or earlier |
v10.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
Diagnostic data services endpoints
Service |
Endpoint |
|---|---|
Windows Error Reporting |
watson.telemetry.microsoft.com |
› |
ceuswatcab01.blob.core.windows.net |
› |
ceuswatcab02.blob.core.windows.net |
› |
eaus2watcab01.blob.core.windows.net |
› |
eaus2watcab02.blob.core.windows.net |
› |
weus2watcab01.blob.core.windows.net |
› |
weus2watcab02.blob.core.windows.net |
Online Crash Analysis |
oca.telemetry.microsoft.com |
OneDrive app for Windows 10 |
|
› |
vortex.data.microsoft.com/collect/v1 |
Microsoft Defender Advanced Threat Protection |
|
› |
References