Ref: Previous blog post — Paranoia?
Testing by real experts reveals that Windows 10 ignores privacy settings. To be specific, someone who actually understands this stuff tested Windows 10 Enterprise, the one you are supposed to be able to actually control with policies and so forth. Turns out that it still sends out data to both Microsoft and third party advertisers. If you block it at the firewall, Win10 says it’s not connected at all. All of which means that Win10 does not meet PCI compliance standards, so it cannot be used in any enterprise settings where the computer has to handle credit card information; Win10 will not pass security audits. It also fails HIPAA compliance.
2. Twitter thread from the researcher, Mark Burnett. The long tail of that conversation is worth time if you need to know more.
3. More complaints discussed on Hacker News forum. Please note that the thread turns into silly arguments over Linux versus Windows about half-way down. But the first half is where you get some details about failing security audits.
Follow-up: Mark Burnett, who did the original testing, performed a more precise and careful test again. He got better results in terms of privacy, but the problems he had would still cause Win10 to fail the security audits mentioned above. In some of his later tweets, he lists all the other ways the Microsoft is selling users to Google advertising.