Windows 10: Stop Data Flow to Microsoft

Windows 10 Hero Good

In today’s Ask the Admin, I’ll look at how to stop various Windows 10 apps and OS components from sending or receiving data to and from Microsoft.


Windows 10 collects information about the OS and apps, such as performance and crash data, and then sends it back to Microsoft to improve future OS builds. You can control the amount of data sent by choosing from one of four telemetry levels: Security, Basic, Enhanced (default), and Full. For more information on managing telemetry in Windows 10, see Windows 10 Tip: Manage Telemetry Settings on the Petri IT Knowledgebase.


While Cortana requires users to sign-in with a Microsoft Account, there have been concerns that even when disabled, Microsoft’s personal assistant could still be active in the background. Windows 10 contains several Group Policy settings, including Allow Cortana and Don’t search the web or display web results in Search, that allow system administrators to either disable Cortana completely or restrict her ability to perform web searches.

The policy settings are located under Computer Configuration > Administrative Templates > Windows Components > Search in Group Policy. Despite the availability of these settings, Microsoft recommends that if you want to completely disable communication with Bing, the search engine that powers Cortana, you should create a Windows Firewall rule to block all outbound traffic from SearchUI.exe to prevent traffic being sent to Bing to ensure Cortana components on the PC are up-to-date.


For more information on working with Group Policy, see How to Create and Link a Group Policy Object in Active Directory on the Petri IT Knowledgebase.

Preinstalled Windows Store apps

Windows 10 comes with a set of preinstalled Windows Store apps, such as Finance and News, but are able to retrieve data before launch to provide a better user experience. The best way to prevent the transfer of data is to remove the apps, which is easily done using PowerShell as shown below for the News app:

Get-AppxProvisionedPackage -Online | Where-Object {$_.PackageName -Like "Microsoft.BingNews"} | ForEach-Object { Remove-AppxProvisionedPackage -Online -PackageName $_.PackageName}

To remove other apps, simply swap out “Microsoft.BingNews” for “Microsoft.BingWeather” and “Microsoft.BingFinance” etc. Note that the above code should be run from an elevated PowerShell console and only removes the app for new user accounts. To remove apps for existing accounts, you’ll need to run the code as shown below for each user. The example that follows removes the News app for the currently logged in user.

Get-AppxPackage Microsoft.BingNews | Remove-AppxPackage

Sync your settings

If you log in with a Microsoft Account, your settings are synchronized to the cloud. This can easily be disabled with a Group Policy setting:

Computer Configuration > Administrative Templates > Windows Components > Sync your settings > Do not sync

Or in the Accounts menu of the Settings app as shown in the figure below.

Turn off Sync your settings in the Windows 10 Settings app (Image Credit: Russell Smith)
Turn off Sync your settings in the Windows 10 Settings app (Image Credit: Russell Smith)

Wi-Fi Sense

Another privacy issue that was blown out of all proportion is the Wi-Fi Sense feature that allows users to share Wi-Fi access point passwords with their contacts. This feature can be disabled in the UI by turning off Connect to suggested open hotspots and Connect to networks shared by my contacts, or via Group Policy by turning off Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services, which will prevent users from enabling the two UI settings mentioned above.

Computer Configuration > Administrative Templates > Network > WLAN Service > WLAN Settings

For more information on Wi-Fi Sense, see No, There Was Nothing Controversial About Wi-Fi Sense on Petri.

Windows Defender

If you want to opt out of the Microsoft Antimalware Protection Service feature in Windows Defender, which allows information to be sent about detected software to improve Defender definition files, set the Join Microsoft MAPS Group Policy setting to Disabled.

Computer Configuration > Administrative Templates > Windows Components > Windows Defender > MAPS

To prevent Windows from sending files to Microsoft for further analysis, you can either turn off Cloud-based Protection in the UPDATE & SECURITY page of the Windows 10 Settings app, or set the Send file samples when further analysis is required GPO setting to Never Send.

For a complete list of the privacy settings available in Windows 10, see Configure Windows 10 devices to stop data flow to Microsoft on TechNet.