Okay, if you type in aka.ms/msa into your browser, you get the official text of the EULA applying to MSFT's 'services', with Bing and Cortana (inter alia) listed at the end. Paragraph 3 of aka.ms/msa is the POLICING provision, with 3a being the 'Code of Conduct' you're expected to 'obey'. 3b covers POLICING: MSFT asserts that right over ALL your private stuff to see if you are 'obeying' 3a.
So it's allowed to spy on all your private data BY CONTRACT. You agree to that CONTRACT simply by using the services enumerated as 'under' that aka.ms/msa, as you're told in the very first two paragraphs, of it:
Notice: through your use.
What does that mean? Does it mean that the first time
you use the services, you are thereafter
subject to Paragraph 3 slurping? Does it mean only WHILE you are using the services
, you are subject?
Note that either way, you are being slurped. It's only a question of how often
, and the language is deliberately vague enough that EITHER interpretation can be claimed. So now the issue centers on what happens to your machine when you first used or do use, the services. What telemetry/cookies do, and what gets planted on your device.
So now, think: Bing is a search engine. If you're using Win10, it's baked in. So too, Cortana. Of course, everything on your Win10 device is slurped, as its own EULA Paragraph 14 expressly says aka.ms/msa is wholly applicable to "the software", not merely the services. So you know, to stay away from Win10.
But what if you're on iOS when you use these or the other 'services'? Or Linux?
And then, you use Bing or Cortana (the latter newly being available to iOS)?
For Linux, this would be easy, as the software is open source, so the extensions of files would be known. Apple software has been out for a long time, so its file extensions are also long known, and anyone with an Apple machine could thus read them. So slurping them and then reading the files, can be done.
So the danger of MSFT's slurping stuff isn't limited to Windows.
Now, the justification
for the slurping was, to see if you're obeying MSFT's own unilaterally imposed and undefined, 'Code of Conduct', which bypasses all due process of law in any nation on earth.
So the unthinking will ASSume, well I have nothing to hide, no big deal.
Indeed, you see that same stupid claim all over ZDnet articles on Windows invasion of privacy. What these folks don't think over, is that they are not living on desert islands: all their contacts and data from those contacts are also on the devices, so now third party data breach has occurred.
Worse, any of those third parties who are NOT party to the aka.ms/msa terms, might send emails or make mention of stuff which does violate aka.ms/msa terms, and so now the unthinking person's device is 'guilty'.
So now whatever removal, disclosure, and other policing rights MSFT arrogated to itself in Paragraph 3b, apply.
Note: there is no due process of law, so there is no recourse to your policeman, your local political representative for your home/host country, nor even to an attorney. You only have the right to arbitration (or whatever is its equivalent in your home/host country). So now your stuff can be borked, removed, etc. Even if you did nothing, but your device is 'guilty' of containing such things from third parties.
Finally, MSFT created Paragraph 3 in order to justify this slurping, again not restricted to Windows devices, so it could aggregate the data and sell it to companies wanting to do data analysis. But unlike Google, MSFT is taking PRIVATE DATA which, you agreed it could do, when you use(d) these 'services'.
So what alternative do you have? BOYCOTT MSFT and anyone else who's using 'devices' or 'services' subject to aka.ms/msa .
That's a nightmare. But what other recourse is there?