Skip Navigation

Computers

Computer systems – including laptops, desktops, Chromebooks, and similar devices – can present privacy issues out of the box. Most of these issues stem from the choice of operating system used on the device.

Page Contents

Windows Machines

There is simply no charitable way to put it: you cannot have digital privacy if you choose to run Microsoft Windows and haven’t pirated it or modified it with some sketchy tool from the Internet. Out of the box, the editions of Windows 11 that ship with consumer computers collect a significant amount of data about the user. Microsoft claims that some of the data they collect through their built-in telemetry system is “required,” and there is no way to disable this telemetry in consumer versions of Windows. Telemetry data officially include diagnostic information, error reports, the version of Windows that is running, any optional components that have been installed, and a list of the applications and services that are installed on the system. Windows 11 also collects other categories of data by default, although the user can opt out of these categories when first configuring the system or by digging deep into the settings. Microsoft has deceptively labeled a lot of this collection as “optional diagnostic data,” which includes search terms and browsing history in Microsoft Edge, a list of every device that is ever connected to the system, Wi-Fi network information, typing and drawing metrics, product performance data, which automatic suggestions are enabled or disabled, application usage information, and geographic location data. Some of these data can be used for “[t]ailored experiences” within Windows, which could include ads for software applications.1 In any case, the amount of “diagnostic data” Windows 11 collects by default provides more than enough entropy to make it possible to identify the system uniquely.

Windows 11 doesn’t just collect data by default. Out of the box, a brand new laptop with Windows 11 has been shown to send information both to Microsoft and to third parties. These third parties include antivirus vendor McAfee, market research company ScorecardResearch, a “privacy portal” website from OneTrust (a company that helps other companies comply with privacy regulations where they exist), and other third party services.2 What isn’t entirely clear is exactly which parts of the new system are making which connections, since a typical Windows PC also comes preinstalled with a lot of crapware – software that the PC vendor has been paid by third parties to include on their systems.3 Vendors – whom I should point out that Microsoft hasn’t exactly forbidden from using their name and logo when promoting these crapware-laden systems – have even been found shipping bona fide malware in the past.4

While performing a clean installation of Windows 11 using an image downloaded directly from Microsoft would at least eliminate the crapware, it doesn’t fully mitigate the privacy risks from the operating system itself. Before the system is even up and collecting all the aforementioned telemetry, Microsoft tries to force the user to connect to the Internet and create a Microsoft cloud account to which the system is tied. Since Microsoft can fingerprint the system from its telemetry data and tie the system to a user through the cloud account requirement, it is safe to say that the company can tie the system to an individual. Various workarounds to the cloud account requirement have been published, but Microsoft keeps disabling them as they become widely known and popular.5

Even if a local account is used, Microsoft has a habit of pushing invasive “features” onto the system via Windows Update. One controversial addition from 2024 is Windows Recall, which takes screenshots of the user’s entire desktop every few seconds and then uses artificial intelligence (AI) algorithms to determine what the person is doing on the computer.6 With the 24H2 Windows 11 update, Microsoft has made Windows Recall a dependency of Windows Explorer, deeply embedding this potential spyware into the operating environment.7

Apple Macs

Of the big corporations, Apple has historically been the best when it comes to individual privacy. They have thus far resisted the urge to collect as much data as the other companies, and they’ve even gotten into some high-profile fights with various governments over data privacy. That said, there are some concerns that Apple’s privacy-focused position could be changing. All their devices are already cloud-connected and tied to an individual’s Apple ID. Their privacy policy gives them the ability to collect telemetry data, although their opt-out options appear to be a bit more robust than their competitors. However, Apple is starting to move into the advertising services business, with ads now appearing within some Apple-provided apps. Some of these ads are being targeted based on device information.8 Given how lucrative data-driven advertising is, it’s probably a matter of time before Apple ramps up the data collection. For the time being, it is possible to disable personalized ads based on the advertising identifier included on Mac systems.9

A second concern with Mac systems is Apple’s push to make macOS into a similar type of walled garden as is found on iOS devices. Apple is both trying to force users to acquire software through its own store (taking a cut of both software and subscription sales) and giving its own apps a higher level of integration with the operating system than is allowed for third-party apps.10 Mac systems use a service called Gatekeeper, which restricts application launches to software acquired through the App Store by default. Unless the user runs a command-line tool to allow apps from any source, the only user-adjustable Gatekeeper setting allows software to be downloaded outside the App Store as long as it has been signed with a recognized Apple Developer ID and “notarized” by an Apple service.11 Maintaining an Apple Developer ID costs $99/year at the time of this writing, although there is a fee waiver process for nonprofits, educational institutions, and government entities. Apple also charges a 30% commission on most sales through the App Store.12

Chromebooks

A Google Chromebook is a Linux-based system that is centered around the Google Chrome browser and therefore has all the same privacy risks as that browser has, including the forced change to Manifest V3 for the purpose of neutering content blockers. In 2020, the New Mexico attorney general filed a lawsuit against Google, alleging that the company collected personal information about students using school-issued Chromebooks without first obtaining parental consent.13 More recently, Google has been accused of ignoring its own privacy settings, with a class action lawsuit scheduled for trial in August 2025 over the collection of data on Android devices even when the user has opted out.14 Since Google is in the process of replacing ChromeOS with Android,15 similar privacy concerns will also become an issue on Chromebooks.

Mitigation

It is difficult to mitigate the privacy concerns of a Mac system or Chromebook without replacing the hardware. Apple doesn’t precisely follow specifications when creating their systems,16 and their custom ARM-based processors do not yet have full support from Linux or other open-source operating systems. From my own experience in trying to make standard Linux distributions run on Chromebooks, I have found the process to be cumbersome and error-prone, despite the fact that Google’s ChromeOS runs on a Linux kernel. The difficulty is that ChromeOS devices may need a custom kernel with special drivers that aren’t yet in the mainline kernel, making installation of standard distributions more challenging. Given a choice, I’d rather switch a Windows machine to Linux than try to switch a Chrome device to general-purpose Linux, at least for the x86_64 (AMD and Intel) architecture with UEFI firmware.

ARM-based Windows laptops can be challenging to switch away from Windows, since Microsoft historically does not permit laptop manufacturers to provide an unlockable UEFI firmware interface for ARM devices that initially ship with Windows.17 For this reason, careful research is needed before purchasing an ARM-based system that includes Windows out of the box. Linux-powered ARM systems are commercially available, but they require a bit of searching to find. The Pine64 PineTab2 is one example.18

Fortunately, most PC laptops and desktops still use AMD and Intel processors (the x86_64 architecture), making them relatively easy to switch to a privacy-oriented operating environment. Generally speaking, Linux-based systems provide the best combination of hardware support and user experience, while greatly improving user privacy. This generalization comes with a caution, however, as some distributions have included privacy-compromising features in the past, like the time when Ubuntu decided it would be a good idea to add automatic Amazon product searches to their Unity desktop environment.19 For this reason, I suggest using a site like DistroWatch20 to read reviews of potential Linux distributions before installing them. Other open-source operating systems, including FreeBSD21 and GhostBSD22, are available. However, hardware support is generally not as good with the BSD systems as it is with Linux systems.

When shopping for a new computer, it is important to keep Linux (or BSD) compatibility in mind when choosing components. In my experience, most small-form-factor systems have good Linux support, but these should be researched in the same way as laptops. For desktop systems, it is often better to build your own system using components. Compatibility issues need to be considered on a per-component basis. By way of example, out of the box Linux support for an AMD graphics card is typically much better than that of an NVIDIA card, owing to the fact that AMD works with the open-source community while NVIDIA pushes proprietary replacements for open-source components and has not worked well with open-source developers.23 It is much more difficult to have control of components with laptop systems. Framework24 systems have a good reputation for compatibility as of the time of this writing, but they do come at a cost premium compared to a model from one of the bigger companies.

Notes and References

  1. Jon Martindale. “7 ways Windows 11 collects your data – and how to opt out.” PCWorld. July 11, 2024. 

  2. PC Security Channel. Has Windows become Spyware?

  3. Adrian Kingsley-Hughes. “Crapware: Why manufacturers install it, what you can do about it, and why it’s not going to go away.” ZDNET. April 9, 2018. 

  4. Mark Hachman. “If you hate PC bloatware, here are the vendors to avoid.” PCWorld. March 13, 2015. 

  5. Lawrence Abrams. “New Windows 11 trick lets you bypass Microsoft Account requirement.” BleepingComputer. April 1, 2025. 

  6. Alex Wawro. “Windows Recall: How it works, how to turn it off and why you should.” Tom’s Guide. September 24, 2024. 

  7. Chris Titus Tech. “Microsoft Recall is MANDATORY.” October 9, 2024. 

  8. Matt Burgess. “All the Data Apple Collects About You—and How to Limit It.” Wired. January 16, 2023. 

  9. Pranay Parab. “You Can Keep Apple From Collecting Your Most Private MacBook Data.” Lifehacker. January 27, 2025. 

  10. Damon Beres. “Apple’s Walled Garden Is Becoming Harder to Escape.” Slate. June 8, 2021. 

  11. Andrew Cunningham. “RAW shooting, a harsher Gatekeeper, and more obscure macOS and iOS 10 changes.” Ars Technica. June 14, 2016. 

  12. Apple Developer Program: Membership Details

  13. Michael Kan. “Google Sued Over Kids’ Data Collection on Education Chromebooks.” PCMag. February 20, 2020. 

  14. Jon Brodkin. “Google loses in court, faces trial for collecting data on users who opted out.” Ars Technica. January 9, 2025. 

  15. Mishaal Rahman. “Source: Google is turning Chrome OS into Android to compete with the iPad.” Android Authority. November 18, 2024. 

  16. A Brief History of Apple and EFI. rEFIt. 

  17. Aaron Williamson. Microsoft confirms UEFI fears, locks down ARM devices. Software Freedom Law Center. January 12, 2012. 

  18. PineTab2. PINE64. 

  19. Micah Lee. Privacy in Ubuntu 12.10: Amazon Ads and Data Leaks. Electronic Frontier Foundation. October 29, 2012. 

  20. DistroWatch

  21. The FreeBSD Project

  22. GhostBSD

  23. Ryan Paul. “Linus Torvalds says ‘f-k you’ to NVIDIA.” Ars Technica. June 19, 2012. 

  24. Framework

 

Devices
Phones and Tablets