The Windows Genuine Advantage Notifications application in Windows XP has been the cause of much user discontent and even a couple of lawsuits since Microsoft introduced it last year. Now, Heise Security reports that Microsoft may be quietly keeping track of users who opt out of installing the software via Windows Update.
Heise says that, unbeknownst to end users, Windows Update sends data to a server at http://genuine.microsoft.com when a user refuses to install the software. The data transmitted includes encrypted strings as well as information about the user’s version of Windows, the version of the WGA notification tool, and the language of the operating system. According to Heise, Microsoft might even be able to identify individual computers with some of this information. The site asked Microsoft about the subject, but the company said the purpose of the data collection was to “improve the quality of the WGA for users,” and that the data did not identify end users. Nonetheless, the company reportedly declined to explain why the software doesn’t inform the end user that data is being sent—or ask for his or her consent.