On Friday, security researcher Nadim Kobeissi claimed that Microsoft’s malware-blocking SmartScreen software gives the company too much information on which programs Windows users are installing.
But in a statement to VentureBeat, Microsoft denies the claims.
“We can confirm that we are not building a historical database of program and user IP data. Like all online services, IP addresses are necessary to connect to our service, but we periodically delete them from our logs.” a company spokesperson said.
Microsoft also says that it doesn’t use the collected information for targeted advertising nor does it share it with other companies. No surprises there.
Microsoft’s statements come in response to fears that, by placing user data in a centralized repository, the company would create an enticing target for both governments and bad guys. But by clearing out the database every once in a while, Microsoft makes it much harder for anyone to get a hold of it.
Kobeissi, however, is likely to take issue with Microsoft’s use of “periodically,” which could refer to anything from six days to six months. For the researcher, a better solution would be simply to not collect the data at all.
Predictably, Microsoft also notes that while SmartScreen is on by default in Windows 8, concerned users can elect to turn the feature off at any time.