“We can confirm that we are not building a historical database of program and user IP data,” said Microsoft.

The researcher claimed previously that every time a user installs an application, Windows 8 SmartScreen will send back information about the software/app and user’s IP address. He raised questions about users’ privacy and questioned as to why Microsoft wasn’t informing users about the privacy implications of installing SmartScreen during Windows 8 setup.

Microsoft claims that it deletes all the logs after specific intervals and that it doesn’t use this data to identify, contact or deliver targeted ads and neither does it share the data with third parties. “Like all online services, IP addresses are necessary to connect to our service, but we periodically delete them from our logs. As our privacy statements indicate, we take steps to protect our users’ privacy on the backend.” said Microsoft’s spokesperson.

“We don’t use this data to identify, contact or target advertising to our users and we don’t share it with third parties.” the spokesperson added.

The researcher had also claimed that the ScmartScreen technology uses SSLv2 for communications and that it can be broken into by competent hacker and information can be extracted about software installed on a target system. Microsoft denied these claims as well and said, “Windows SmartScreen does not use the SSL2.0 protocol.”


[Source: The Verge]