Manage the privacy of data monitored by Office Telemetry Dashboard

Applies to: Office 2019, Office 2016

Important

Office Telemetry Dashboard is an Excel workbook that shows compatibility and inventory data for the Office files, add-ins, and solutions used in an organization. Office Telemetry Dashboard displays the file names and titles of documents in each user's Most Recently Used list, which might reveal personal or confidential information about the user or organization. The names of add-ins and other solutions that are used by Office are also displayed. This article explains how settings in Office Telemetry Dashboard and Office Telemetry Agent protect user privacy. These settings disguise file names and titles or prevent data for selected applications and solutions from being reported.

The agent collects inventory, usage, and health data, then uploads it to a shared folder. A service called Office Telemetry Processor processes this data and inserts it into an SQL database. Office Telemetry Dashboard connects to this database so that it can show the usage of Office files, add-ins, and solutions.

The agent is built into Office 2019 and Office 2016 and is installed separately on computers that run earlier versions of Office. Whether the agent is built in or deployed separately, it doesn't generate or collect any data until you enable logging. Use the registry or Group Policy Administrative Template files (ADMX/ADML) for Office as described in Deploy Office Telemetry Dashboard. After logging begins, data is stored on the local computer under %LocalAppData%\Microsoft\Office\16.0\Telemetry and is uploaded periodically to a shared folder.

Important

  • Office Telemetry Dashboard is an on-premises tool that collects inventory, usage, and health data about the Office documents and solutions, such as add-ins, used in your organization. The data is primarily designed to help your organization with application compatibility testing.
  • Data collected for Office Telemetry Dashboard is stored in a SQL Server database controlled by your organization and the data collected is not sent to Microsoft. For more information, see Data collected by the agent for Office Telemetry Dashboard.
  • Data collected for Office Telemetry Dashboard is different than Office diagnostic data, which can be sent to Microsoft. For more information about Office diagnostic data, see Overview of privacy controls for Microsoft 365 Apps.
  • Settings used to manage Office Telemetry Dashboard have no impact on Office diagnostic data and vice versa. For more information about managing Office diagnostic data, see Use policy settings to manage privacy controls for Microsoft 365 Apps.

How to configure privacy and performance settings in Office Telemetry Dashboard

There are several ways that you can configure the level of detail that is displayed for Office files, add-ins, and solutions in Office Telemetry Dashboard. Some methods, such as changing the reporting threshold, prevent certain information from being shown in Office Telemetry Dashboard. Other methods prevent the agent from uploading data so that it's never added to the database. Setting a threshold and preventing certain data from uploading can also help improve the performance of the database and custom reports.

The following image provides a quick overview of the three methods that Office Telemetry Dashboard provides to help you protect user privacy.

Three ways to configure privacy settings in Office Telemetry Dashboard

An image showing three methods to manage privacy in Office telemetry: obfuscate document details, exclude certain applications from reporting, and set thresholds for user counts.

Adjust the reporting threshold in the database to show only files that are used by multiple users

Office Telemetry Dashboard tracks the number of users who use an Office file that has the same name. These files are usually shared and accessed by multiple users, and they often have more business value than files used by a single user. As part of your compatibility planning, you can choose to ignore inventory and compatibility events for files used by a single user and instead monitor files used across a department. Configuring Office Telemetry Dashboard to report files that are used by, say, three or more users also helps avoid displaying personal files, such as resumes. This setting reduces the data set returned in custom reports in Office Telemetry Dashboard, helping you work around the 2-GB memory limitation in the 32-bit version of Excel.

To prevent Office Telemetry Dashboard from displaying files that have a single author, you run a script that adjusts the minimum reporting threshold in the database. Use the Telemetry Dashboard Administration Tool (Tdadm) to filter out files that appear on two or fewer clients. Set the Threshold value to three, or to a larger value if needed, as shown in the following example.

tdadm.exe -o settings -databaseserver dbserver -databasename dbname -threshold 3

For more information about Tdadm, see the Tdadm wiki.

Disguise or obscure user and file data that is shown in Office Telemetry Dashboard

It's common for users in an organization to save Office files by using file names that contain sensitive or confidential information. These files might have high business value, justifying their monitoring for compatibility issues. However, business groups like legal and human resources might object to monitoring their computers to avoid revealing confidential file names to administrators using Office Telemetry Dashboard.

To allow yourself and other administrators to identify the owners of Office files that have compatibility issues without revealing file names or specific locations, you can enable file obfuscation, which disguises Office file names, titles, and file paths. This setting is configured on the agent, which performs the obfuscation task before uploading data to the shared folder. The data that is stored on the local computer isn't obfuscated.

The following table describes different ways in which file information is disguised.

Examples of obfuscated file names, file paths, and titles

Actual file details on the monitored client computer

Example File name File path Title
#1 Resume_Contoso.xlsx C:\Users\John\Documents Resume_Contoso.docx
#2 Merger_Contoso.docx \\FileShare\Operations\FY2018 Merger_Contoso.docx
#3 FY2018_Merger.xlsx https://sharepoint/sites/HR/SharedDocuments FY2018_Merger.xlsx
#4 10 cures for diseases.pptx Outlook:C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\1234ABCD 10 cures for diseases

Data that is sent to the shared folder after you enable file obfuscation.

Example File name File path Title
#1 Re*.xlsx C:\* *
#2 Me*.docx \\FileShare\* *
#3 FY*.xlsx https://sharepoint/* *
#4 10*.pptx Outlook:* *

To enable file obfuscation by using the registry

The following example enables file obfuscation in the registry of a client computer. Save this code sample as a .reg file and then run it on the monitored client computers.

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\osm]
"EnableFileObfuscation"=dword:00000001

For more information about how to use .reg files, see How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file.

To enable file obfuscation by using Group Policy settings

The following table describes the name and path of the Group Policy setting that enables file obfuscation. You can download the Administrative Template files (ADMX/ADML) for Office from the Microsoft Download Center.

Group Policy setting that enables file obfuscation

Setting name Path
Turn on privacy settings in Office Telemetry Agent
User Configuration\Policies\Administrative Templates\Microsoft Office 2016\Telemetry Dashboard

Prevent certain applications or solutions from being reported in Office Telemetry Dashboard

For business groups with employees handling trade secrets or sensitive data, you can prevent the collection and upload of information about specific Office applications or Office solution types to the shared folder. For example, a business group might decide that Excel files are too sensitive for monitoring. Another group might decide that they care only about Access-related solutions and that they don't want to monitor other applications.

To configure exclusion settings by using the registry

The following table describes the registry values that prevent specific applications from being reported to Office Telemetry Dashboard.

Agent registry settings under HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\OSM\preventedapplications

Value name Value type Value description and data
accesssolution

olksolution

onenotesolution

pptsolution

projectsolution

publishersolution

visiosolution

wdsolution

xlsolution
REG_DWORD
Prevents data for specific Office applications from being reported to Office Telemetry Dashboard. The agent won't report any data that interacts with the specified application. This includes document files that are used by the application and COM add-ins that are loaded the application. The value names correspond to Office applications as follows:

accesssolution: Access solutions

olksolution: Microsoft Outlook solutions

onenotesolution: OneNote solutions

pptsolution: PowerPoint solutions

projectsolution: Project solutions

publishersolution: Publisher solutions

visiosolution: Visio solutions

wdsolution: Word solutions

xlsolution: Excel solutions

Value:

1 = Prevent reporting

0 = Allow reporting

Default = 0 (Allow reporting)

The following table describes the registry values that prevent specific solution types from being reported to Office Telemetry Dashboard.

Agent registry settings under HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\OSM\preventedsolutiontypes

Value name Value type Value description and data
agave
appaddins

comaddins

documentfiles

templatefiles
REG_DWORD
Prevents data for specific solutions from being reported to Office Telemetry Dashboard. The value names correspond to Office solution types as follows:

agave: apps for Office

appaddins: Application-specific add-ins. These include Excel add-ins such as .xla and xlam, Word add-ins such as .dotm, and PowerPoint add-ins such as .ppa and .ppam.

comaddins: COM add-ins

documentfiles: Office document files

templatefiles: Office template files

Value:

1 = Prevent reporting

0 = Allow reporting

Default = 0 (Allow reporting)

The following example disables reporting for all solution and application types. Save this sample as a .reg file and then remove any applications or solutions that you want to allow reporting for. Otherwise they'll all be disabled because their value is set to 00000001.

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\microsoft\office\16.0\osm\preventedapplications]
"accesssolution"=dword:00000001
"olksolution"=dword:00000001
"onenotesolution"=dword:00000001
"pptsolution"=dword:00000001
"projectsolution"=dword:00000001
"publishersolution"=dword:00000001
"visiosolution"=dword:00000001
"wdsolution"=dword:00000001
"xlsolution"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\microsoft\office\16.0\osm\preventedsolutiontypes]
"agave"=dword:00000001
"appaddins"=dword:00000001
"comaddins"=dword:00000001
"documentfiles"=dword:00000001
"templatefiles"=dword:00000001

For more information about how to use .reg files, see How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file.

To configure exclusion settings by using Group Policy settings

The following table describes the name and path of the Group Policy settings that exclude reporting for selected Office applications and solutions. You can download the Administrative Template files (ADMX/ADML) for Office from the Microsoft Download Center.

Exclusion policy settings under User Configuration\Policies\Administrative Templates\Microsoft Office 2016\Telemetry Dashboard

Setting Description
Office applications to exclude from Office Telemetry Agent reporting
Prevents data for specific Office applications from being reported to Office Telemetry Dashboard.
Office solutions to exclude from Office Telemetry Agent reporting
Prevents data for specific Office solutions from being reported to Office Telemetry Dashboard.

Disable data collection for the agent

To stop collecting data on the local computer, update the registry or set Group Policy settings as follows.

To stop logging by using the registry

The following example stops logging and uploading by the agent. Save the example as a .reg file and run it on the client computer.

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\osm]
"Enablelogging"=dword:00000000
"EnableUpload"=dword:00000000

For more information about how to use .reg files, see How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file.

To stop logging by using the Group Policy settings

The policy settings that are listed in the following table are available in the path User Configuration\Policies\Administrative Templates\Microsoft Office 2016\Telemetry Dashboard. Set these policy settings to Disabled to turn off data collection and uploading for the agent. You can download the Administrative Template files (ADMX/ADML) for Office from the Microsoft Download Center.

Agent policy settings that disable logging

Setting Description
Turn on telemetry data collection
Set this setting to Disabled to turn off data collection.
Turn on data uploading for Office Telemetry Agent
Set this setting to Disabled to stop uploading data to the shared folder.

Delete data that is stored on client computers

Disabling logging doesn't delete the data that is already collected from a computer. To delete this data on the local client computer, delete the files evt.tbl, sln.tbl, user.tbl that are located under %LocalAppData%\Microsoft\Office\16.0\Telemetry.