Olsson, Ron, everyone: help me make this actionable. Could you please share with me some references to the legal and regulatory requirements you reference? I really want to better understand to ensure that what we do is compliant worldwide with various business sectors. Or, if we can't comply, help provide more business justification for alternatives. We're already working with many high security customers in various geos, but I want to know the requirements from other businesses like public sector or financial. Share on this thread or email me offline is fine: aaron.czechow...@microsoft.com.
To Robert's point below regarding no telemetry in other versions of SCCM and it still working.... I would argue the "it has worked" statement. There's a reason we've pressed you to run testdbupgrade for years...weird SQL schemas can wreak havoc. We see email threads on this alias, from MS field, on forums, and support cases ALL THE TIME on upgrades or feature use gone awry because of some funky customer-specific thing. If our customer-base has fragmented and customized installs, we need to understand that to ensure the success of the product. Why are they fragmented? Why are they customized? Is it a product gap? We can't move fast if we can't see, and we can't see if we don't have eyes. But that doesn't mean we have to see EVERYTHING. If you want to let us, great, crank it up to level Full. Otherwise give us blinders, set it to Basic. Still concerned? Ok, run offline and inspect the data. SCCM gives you full visibility into the data you send us. Still have concerns about specific data points in that data file? Let me know which ones. We want to answer questions, be transparent about it, and share that in documentation. We're not trying to be sneaky, just trying to engineer the best damn enterprise management product. We test the hell out of the product, but we can't test everything, there will always be bugs. Like security these days where the mindset is assume breach; assume bugs. That's just a fact of software engineering. Regressions happen. But then tell us so we can fix it and make it better. We're currently investing in really burning down our backlog of bugs to run as clean as possible, and build even more automation. But ensuring that we're using our testing resources (people and automation) to test the RIGHT things that are important to our customers requires us to know what's out there. For example, we were going to drop support entirely for Server 2008 because we wanted to stop testing it. As we looked at the early data coming back, there was a LOT of Server 2008, especially with DPs. So we adapted. Because we're moving fast now, because we're agile, and because we have the data to support it, we're able to be agile and adjust. Thanks all for this great discussion. It's exactly the sort of open discourse I want to have on this topic. BTW, Kerim and I have a session at MMS on SCCM servicing and telemetry, http://sched.co/6IEc. I look forward to continuing this conversation in person with some of you next month. Aaron -----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Rod Trent Sent: Friday, 15 April, 2016 05:48 To: ms...@lists.myitforum.com Subject: RE: [mssms] ConfigMgr Telemetry I don't understand the disconnect here. Some customers simply will NOT agree to telemetry data. I don't care how innocuous Microsoft makes it sound, there's no way to talk them into it - and a lot of it has to do with regulatory practices and requirements. -----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Olsson Mats (4004) Sent: Friday, April 15, 2016 8:40 AM To: ms...@lists.myitforum.com Subject: RE: [mssms] ConfigMgr Telemetry Once again. It's not about that MS does. It's about what regulations you and your organization is bound by. IF your organization sends out data it's not allowed to, It's not MS responsibility. It's yours For me it's not a problem currently We're staying on 2012R2 for a while -----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Marcum, John Sent: den 15 april 2016 13:13 To: ms...@lists.myitforum.com Subject: Re: [mssms] ConfigMgr Telemetry I feel certain MS has their legal bases covered by what they do and do not collect but I could be wrong. If I were you I'd contact my TAM. Typos compliments of Siri Sent from my iOS device On Apr 15, 2016, at 3:34 AM, Olsson Mats (4004) <mats.ols...@forsakringskassan.se<mailto:mats.ols...@forsakringskassan.se>> wrote: I once again want’s to press on the fact that it’s not a customer wish. It’s Mandatory legal requirements. You comply with them or you will be out of business Therefore the question for those customers is will MS allow us to disable the function so that we can use ConfigMgr in the future or do we have to get another product that complies with the laws of the country? From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of Jason Wallace Sent: den 15 april 2016 09:39 To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: Re: [mssms] ConfigMgr Telemetry Guys I do accept that the customer might wish to avoid sending telemetry data to Microsoft on CM and for reasons that are perfectly valid for the customer. In defence of CM in this respect Microsoft are being really quite transparent as to what is gathered and why. We live in an Information Age where telemetry is gathered by vendors in all sorts of ways. My phone sends telemetry as does my laptop and my car certainly does. I have no idea as to what information is being gathered, when, by whom and for what purpose. This feeds into a much wider conversation that has not taken place : who is the data owner, what are their responsibilities to protect that data or to act upon that telemetry data. I know that my car is UK built by a Japanese company and the telemetry is uploaded to Azure. If the uploaded telemetry indicates that there is a safety related issue with my car is Nissan under an obligation to call me? If they don't and I suffer death or injury is there a legal responsibility? If so, on whom - Nissan for not having informed me or me for not having correctly maintained my car (as has always been the case) - even though I was ignorant of the fact. If there is a legal responsibility then under which jurisdiction? Interesting times eh? On 15 Apr 2016, at 07:31, Olsson Mats (4004) <mats.ols...@forsakringskassan.se<mailto:mats.ols...@forsakringskassan.se>> wrote: And that’s the problem. It doesn’t matter what data that is collected. What matter is that data IS collected without any possibility to turn it off. From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of mirko colemberg Sent: den 14 april 2016 18:21 To: John Aubrey <jaub...@norwoodmedical.com<mailto:jaub...@norwoodmedical.com>>; ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: RE: [mssms] ConfigMgr Telemetry Just for the People are intrested what telemetry on sccm cb means here are the Details, hope it helps to clarify the data it sends to MS. https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2foscc1-public.sharepoint.com%2fblog&data=01%7c01%7caaron.czechowski%40microsoft.com%7cd4a77d04fbdb46fa149708d3652c4b02%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=GncVi7aK6lUnBMN8q2Vv8yRkBCXEM%2bwBoR%2bAeiXbCfo%3d And yes it has nothing to about MS use Telemetry or not, it should, it’s. Good or bad 😉 Hope it helps Mirko Sent from my Windows 10 phone From: John Aubrey<mailto:jaub...@norwoodmedical.com> Sent: Donnerstag, 14. April 2016 17:33 To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: RE: [mssms] ConfigMgr Telemetry Privacy is always a concern, but IMHO, SCCM has become an “As a Service” type of program. Just like Office 365 and anything in azure or anything in a majority of cloud services. Only difference is people run SCCM on prem and the rest of the stuff in the cloud. You don’t think Airwatch collects anything about your environment for their own purpose of running your cloud service? I really hope they do. I would like them to know if their servicing next week is expected to break anything based on our environment. The direction Microsoft has gone down with the Cloud first motto, they will live and die by their cloud services. They push an update that causes Office 365 to go down for a few days or god forbid data loss, they are done, no one will trust their email again. 99% isn’t good enough for what they run. Microsoft needs as much data about as many environments as possible in order to get the best upgrades out there. There is a lot of information in SCCM that would pose a security concern, but I guess I have never had a tin foil hat on before. From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of Olsson Mats (4004) Sent: Thursday, April 14, 2016 9:26 AM To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: RE: [mssms] ConfigMgr Telemetry I agree with Robert I can say that for some customers in the government sector it’s a legal requirement even. From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of Robert Spinelli Sent: den 14 april 2016 14:58 To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: RE: [mssms] ConfigMgr Telemetry Aaron, no offense, I’m very appreciative that you look at this forum and answer questions, but there should always be a way to opt out of something. The fact that MS doesn’t allow you to opt out of telemetry for SCCM CB is a huge mistake. I consulted at a hedge fund for a year who are very nuts when it comes to security/privacy and I’ll guarantee when they find out about telemetry, they won’t upgrade to SCCM Current Branch. It doesn’t matter what documentation you show them, they don’t want anything going out, and as the customer they should have the right to decide what does/doesn’t go out to MS. My 2 cents. Rob From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of Aaron Czechowski Sent: Thursday, April 14, 2016 1:07 AM To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: RE: [mssms] ConfigMgr Telemetry Jay – Why are they “pushing hard”? What are their concerns? Have you/they read through the full documentation? I’ve had this conversation with a number of customers, including some very privacy-sensitive customers in Europe. As we review the specific documentation we’ve been able to alleviate their concerns. Aaron From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> [mailto:listsadmin@lists.myitforum.com] On Behalf Of Jason Sandys Sent: Tuesday, 12 April, 2016 10:48 To: ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com> Subject: Re: [mssms] ConfigMgr Telemetry You already have your answer; at this time, you can’t if you want to get the latest service branches of ConfigMgr. J From: <listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com>> on behalf of Jay Parekh <j...@parekhonline.com<mailto:j...@parekhonline.com>> Reply-To: "ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com>" <ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com>> Date: Tuesday, April 12, 2016 at 11:28 AM To: "ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com>" <ms...@lists.myitforum.com<mailto:ms...@lists.myitforum.com>> Subject: [mssms] ConfigMgr Telemetry A customer is pushing hard on having this disabled and don’t see a way to do so. Per below, seems basic is required. Do you know if there is a roadmap for this in a future branch? They are very sensitive to anything being published to MS. They are planning to turn off telemetry in Windows 10. https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftechnet.microsoft.com%2fen-us%2flibrary%2fmt652309.aspx&data=01%7c01%7caaron.czechowski%40microsoft.com%7cd4a77d04fbdb46fa149708d3652c4b02%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=hqgBZEP%2fdwD6QNW1HAvSsQlmAeYiSq5JUozGmV4kh2w%3d<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftechnet.microsoft.com%2fen-us%2flibrary%2fmt652309.aspx&data=01%7c01%7caaron.czechowski%40microsoft.com%7c822d05b3224f46b0abea08d36305cf3a%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=kqCazczDBQ%2fo1niNpgJopRSD0JVK%2fJ3jpZB7bIEBxHo%3d> How do I turn off telemetry? -------------------------------------------------------------------------------- The current branch of Configuration Manager needs to be updated on a regular basis in order to support new versions of Windows 10 and Microsoft Intune. Microsoft requires at least the Basic level of diagnostic and usage data to keep the product up to date, improve the update experience, and improve the quality and security of the product. Sent from Mail<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d550986&data=01%7c01%7caaron.czechowski%40microsoft.com%7c822d05b3224f46b0abea08d36305cf3a%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=gDHyvs6HsEbtzl0Ly5v6tag4jBV1nDheSyPUQkpKYig%3d> for Windows 10 ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.