C-

Privacy Policy Audit

Microsoft

windows, telemetry, enterprise, linkedin, xbox
Word Count: 9,400
Reading Time: 38 min
Human Patience: 0 min
Sneakiness: 7/10

Translation Service

What They Say

Microsoft's privacy policy is one of the longest documents the Bureau has reviewed, which we interpret as thoroughness rather than concealment — though the distinction is philosophically unstable. They commit to transparency about what Windows collects via diagnostics and telemetry, describe how enterprise and consumer data is separated, and provide a dedicated privacy dashboard. The policy uses the word "control" 47 times, which the Bureau finds notable.

What They Mean

Windows is telemetry software that also runs your applications. The 'Basic' diagnostics setting, which sounds minimal, still sends device identifiers, installed software lists, error reports, and usage metadata to Microsoft servers. The 'Full' setting — which is the default — includes browsing history from Edge, Cortana interactions, and detailed application usage patterns. This data persists across Windows reinstalls via your Microsoft account. The LinkedIn acquisition means Microsoft now cross-references your professional identity with your device behaviour, which is the kind of data synthesis that should have its own policy category.

Worst Clause — Exhibit A

"We use the data we collect to provide you with rich, interactive experiences. In particular, we use data to keep our services up-to-date, secure, and operating as expected, to detect and prevent fraud, to develop new features, to generate and derive inferences and insights, and to advertise and market to you."

Bureau Translation:

'Generate and derive inferences' means Microsoft builds predictive models from your behaviour to determine things you have not told them — income level, health status, purchasing intent. 'Advertise and market to you' means Bing, MSN, and the Windows Start menu are all advertising surfaces serving ads informed by your device data. The Bureau notes that 'rich, interactive experiences' is the most optimistic description of targeted advertising it has encountered.

Evidence Tags — Data Collected

Windows telemetry — keystrokes, app usage, crash data
Cortana queries and voice commands
Xbox gaming behaviour, purchase history, friend networks
LinkedIn professional data merged into Microsoft graph
Bing search history linked to Microsoft account
Office 365 document usage and collaboration patterns
Azure AD identity and enterprise behaviour data

Bureau Verdict

"Microsoft's policy is the best-organised document in our archive, which is not a compliment to the others and is not fully a compliment to Microsoft. The telemetry collection is extensive and the LinkedIn data merger is underexplained. Grade C-: points for structure and the genuine privacy dashboard, points deducted for the sheer volume of collection that 'Basic' diagnostic mode represents."

Overall Grade: C-

Structurally Impressive, Spiritually Hollow

Dark Patterns Documented

See the full Dark Pattern Encyclopedia for documentation of each technique.

Audited: 2026-03-20