It’s proven: Outlook for Windows, the new Microsoft application that replaces Mail, is a real spy that collects a lot of information about its users. Better not to install it!
To check your emails in Windows 10 or 11, you probably use the Mail app that comes with the system. So you will not have missed the multiple calls from Microsoft to encourage you to switch to “the new version of Outlook” which will replace the Mail app during this year. It strongly resembles the Web version of the Outlook.com service (read our article) by appearing clearer, richer and more practical than Mail. However, as we reported last November, this new app is also much more greedy with your data. At the beginning of January, the Swiss from Proton, publisher of secure messaging software, published a blog post soberly titled: “Outlook is Microsoft’s new data collection service” which corroborates the assertions of the German magazine specializing in IT C’T on Heise Online few months ago.
And Proton doesn’t take it lightly: “It now appears that Outlook is no longer just an email service; it is a data collection mechanism for Microsoft’s 772 external partners and an advertising delivery system for Microsoft itself” report its experts in their post. More than 700 external Microsoft partners (just that!) would thus have access to your data, in addition to Microsoft obviously which would use it to better target the advertising messages it sends you. According to Proton, some European users may see a warning message when installing the new Outlook, but we did not encounter this during our testing.
This message indicates that Microsoft and its 772 third-party partners are authorized to carry out several actions such as storing and/or accessing information on the user’s device, developing and improving products, personalizing ads and content, measuring ads and content, gain audience insights, obtain precise geolocation data, and identify users through device analytics. And, just so you see the advertising, Outlook settings allow you to choose two display modes: directly in the mailbox (for a small dose of additional unfiltered spam) or within banners in the application.
A quick tour of Outlook’s Advertising Preferences settings allows you to view the list of Microsoft partners and know what actions they are authorized to carry out.
Outlook for Windows: a huge collection of personal data
It is possible to deactivate data collection for each of these partners. But there is no button to turn everything off at once. “Of course, Microsoft knows that almost no one reads privacy policies. If everyone understood these policies, revenues would be at risk” underlines Proton in his post. To get rid of it, you must click on the colored dot (which does not bear any name) placed under the Activate all button at the top of the list of partners. We have seen more obvious .
A finding which is therefore not very reassuring, which adds to the findings of the experts of Heise Online pupublished a few months ago. As a reminder, they had indicated that the new Outlook app takes great liberties with the personal data of its users when it comes to entrusting it with the management of emails managed by other providers (Gmail, Yahoo and now iCloud/Apple). And according to Heise Online, this delegation of power is not without impact on confidentiality: “If you try the new Outlook, you risk transferring your IMAP and SMTP email account credentials and all your emails to Microsoft serversbefore specifying: although Microsoft explains that it is possible to return to previous applications at any time, the data will already be stored by the company. This allows Microsoft to read emails“. By associating an external account with Outlook, we allow Microsoft to quietly take a look at all correspondence and therefore analyze the content for commercial purposes, for example. Added to this is the transmission of certain sensitive data (usernames and passwords) in plain text between the Outlook app and Microsoft servers.
Proton concludes its blog post by inviting you not to use the new Outlook app for more confidentiality and to instead turn to its own software, Proton Mail to guarantee your confidentiality. It’s a good fight! But you can also opt for other free tools, like the excellent Thunderbird from the Mozilla Foundation, which serves no commercial purpose.