According to a source review based on publicly available court documents, Microsoft’s Global Device Identifier (GDID) can track Windows device activity even when users employ VPNs. This identifier was key in a US case where a hacker’s Windows device was traced to specific online actions through Microsoft's records, demonstrating the persistence and reach of this tracking mechanism beyond conventional browser data.

  • GDID tracks Windows device activity beyond browser history and cookies
  • Identifier persists across updates with no simple opt-out except reinstallation
  • Data shared with law enforcement can link device to specific web usage

Product angle

The source review reports that the Global Device Identifier (GDID) is an automatically generated number tied to each Windows installation, maintained even through system updates. This identifier allows Microsoft to link a device to online activity, including visits to non-Microsoft websites and services. The recent legal case involving a hacker demonstrates how this persistent identifier can serve investigative purposes, despite the use of standard privacy tools like VPNs.

While the GDID appears intended for system and security functions, its use as a cross-service tracking mechanism has privacy implications. Users may be unaware that their Windows device is continuously identifiable to Microsoft, which can provide activity logs to authorities. This transparency issue spotlights the opaque nature of device-level tracking embedded in Windows installations.

Best for / avoid if

This feature is best suited for environments where device security and forensic tracking are priorities, such as corporate IT infrastructure or law enforcement investigations. Organizations valuing auditability of Windows device activity may find the GDID useful for tracking compromised systems or suspicious behaviors that evade traditional network monitoring.

Conversely, privacy-conscious users and advocates may want to avoid reliance on or exposure to this identifier. Since the GDID cannot easily be turned off without fully reinstalling Windows, users who seek high anonymity and minimization of persistent identifiers may find Windows devices less suitable without additional privacy tools or alternative operating systems.

Pricing and alternatives to check

Microsoft Windows including the GDID feature comes with the standard licensing costs of the operating system and does not charge separately for this functionality. The GDID is an integrated component of Windows installations, so its presence is inherent in all eligible Windows environments without additional fees.

Alternatives to consider for users seeking minimized device-level tracking include using open-source Linux distributions or privacy-focused operating systems which do not embed persistent unique device identifiers tied to the system installation. For those remaining on Windows, privacy tools, network obfuscation, and full system reinstalls are among the limited ways to mitigate this tracking.

Source assisted: This briefing began from a discovered source item from Digital Trends Computing. Open the original source.
Review disclosure: Review-watch pages are buyer briefings unless clearly labelled as hands-on SignalDesk reviews. Affiliate, sponsor or free-access relationships should be disclosed on the page. Read the review methodology.
How SignalDesk reports: feeds and outside sources are used for discovery. Public briefings are edited to add context, buyer relevance and attribution before they are published. Read the standards

Related briefings