Microsoft's new Surface Duo smartphone is just days away from shipping to early adopters. Despite its imminent arrival, there are still plenty of questions that need answering about the device. One of the most important is how the Android device will handle privacy and security. After-all, Microsoft is pushing the smartphone has an enterprise tool first and foremost.
In a blog post, Microsoft has given more details on how the Surface Duo will manage privacy. While the device running Android has benefits in terms of app availability and general appeal, Google's platform raises security concerns.
One of the challenges for Microsoft is creating a hugely secure device on a platform that is known for security holes. Working with Google on developing the software for the Duo is a good start. Google often says the stock version of Android is secure. Problems arise when manufacturers tweak the platform with their own software.
In terms of privacy, business users will be eager to know how Microsoft will handle their data. Because of its links to Android, the device comes with Google apps out of the box, such as Gmail, Search, and the Play Store.
Of course, Google's reputation for maintaining user privacy is hardly stellar. Microsoft says it will collect user data. According to the company, this collecting will be like how it leverages user information on Windows 10. More specifically, in an effort to improve the service the company provides.
Gathering User Data
The Surface Duo will have required diagnostic data that users must give access to, and optional diagnostic data.
Here's the lost for required information:
- “Device properties such as the manufacturer, processor type, and memory attributes.
- Device settings and configurations, such as networking and peripherals data.
- Basic error reporting, such as whether updates were successfully installed.
- Reliability data about the health of the apps and services.
- Operating system version, configuration details, and updates installed.
- Apps and drivers installed on the device.”
And the list of optional diagnostic data:
- “Additional data about the device, connectivity, and configuration, beyond that collected under Required diagnostic data.
- Status and logging information about the health of system components beyond that collected about the update and diagnostics systems under Required diagnostic data.
- App activity, such as which programs are running on a device and for how long, and how quickly they respond to input.
- Browser activity in Microsoft Edge, including browsing history and search terms.
- Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred).
- Specific data items collected by Surface Duo diagnostics are subject to change to give Microsoft flexibility to collect the data needed for the purposes described. For example, to ensure Microsoft can troubleshoot the latest performance issue impacting users or update a Surface Duo device, Microsoft may need to collect data items that were not collected previously.”
Microsoft points out neither options compromise the overall security on the Surface Duo.