Managing privacy (SharePoint Server 2010)

 

Applies to: SharePoint Server 2010

Several features in Microsoft SharePoint Server 2010 interact with personally identifiable information. This document lists the features that store or use personally identifiable information and describes how that information is used. The article also tells you how to control the behavior of the features — or turn off the features — to help protect the privacy of the information.

In this article:

  • Web Analytics

  • SharePoint social tagging and Note Boards

  • SharePoint ratings

  • My Sites and user profiles

  • Support for SharePoint Server Colleague add-in

  • Activity feed

  • SharePoint Search Federation

  • SharePoint query logging

  • Managed metadata and enterprise keywords

Web Analytics

The Web Analytics services enable SharePoint Server 2010 customers to understand more about visits to their SharePoint sites. The Web Analytics services collect data about how end-users access SharePoint pages. Data that is collected by the Web Analytics services can include but is not limited to the following information:

  • The site from which the end-user starts

  • The keywords that the end-user uses to find the SharePoint site

  • The pages viewed on the site

  • The searches run on the site

  • The browser type

Important

None of this information is sent to Microsoft unless Microsoft hosts the SharePoint site.

A member of the Farm Administrators group can decide not to use the Web Analytics services. The administrator either does not create a Web Analytics Service Application or stops the Web Analytics services by using the following procedure.

  1. On the Central Administration Web site, on the Quick Launch, click Monitoring and in the Reporting section click Configure usage and health data collection.

    The Configure web analytics and health data collection page opens.

  2. In the Event Selection section, clear the Events to log check boxes to stop logging these data points.

A member of the Farm Administrators group can disable the reporting of Web Analytics services data for a specific site collection.

  1. On the top-level page of a site collection, on the Site Actions menu, click Site Settings.

  2. In the Site Collection Administration section, click Site collection features and, next to Advanced Web Analytics, click Deactivate.

If a member of the Farm Administrators group stops the Web Analytics services or decides not to log certain data, subsequent logging is stopped, but information that is already logged will not immediately be deleted or removed from Web Analytics reports.

Members of the SharePoint Farm Administrators group can also set the limit on the period that the data is retained in the Web Analytics warehouse database. After the limit is reached, the data does not show in Web Analytics reports because the data is no longer in the database. For example, if the administrator sets the data retention period to one month, only data of the past month will appear in reports.

To set the limit on the data retention period:

  1. On the Central Administration Web site, in the Application Management section, click Manage service applications.

  2. Click the Web Analytics Service Application row to select it and in the Operations group of the ribbon click Properties.

  3. In the dialog box, in the Data Retention Period section, set the data retention period, which can range from 1 month to 25 months.

SharePoint social tagging and Note Boards

The SharePoint Social Tagging and Note Boards features enable users to tag or add notes to SharePoint pages and Internet pages. By default, the SharePoint Social Tagging and Note Boards features are turned on. Social tagging can be turned off by a member of the Farm Administrators group, an administrator who has been assigned to a User Profile Service Application, or anyone who has the Manage Social Data permission. To turn off social tagging, remove the Use Social Features permission from a user or group.

When a user adds tags or notes, the user’s user name is stored with the tag or note. Tags and notes that users create appear in the activity feeds of both the users' Colleagues and any users who have the tag listed as an interest in their user profile.

Users can decide to have their tags marked as private — so that the tags' URLs are not visible to other users — by selecting the Private check box on the Tag Entry dialog box or by marking their items private from their Tags and Notes pages. Notes cannot be marked as private.

SharePoint ratings

SharePoint lets users add ratings to SharePoint list items and document library items. These ratings are also displayed on the activity feeds of users. User names are not displayed next to the ratings on SharePoint list items, document library items, or activity feeds. Microsoft SharePoint Server does store user names, and user names can be accessed through the SharePoint object model. By default, the SharePoint ratings feature is turned on. The ratings feature can be turned off by a member of the Farm Administrators group, an administrator who has been assigned to a User Profile Service Application, or anyone who has the Manage Social Data permission. To turn off ratings, remove the Use Social Features permission from a user or group. A SharePoint administrator can also disable the ratings control on SharePoint pages for a site collection so that users can no longer see the control on Web pages. The following is the Windows PowerShell command to disable the ratings control:

Disable-SPFeature -Identity "915c240e-a6cc-49b8-8b2c-0bff8b553ed3" -Url "<Site Collection Url>" -Force -Confirm:$false

A SharePoint administrator must have both site collection administrator permissions and the Shell_Access and WSS_WPG Windows PowerShell permissions to perform this action.

This command disables the controls on the Web pages but does not delete existing ratings or associated user names from the SharePoint database. Ratings and associated user name data can be deleted permanently by using the SharePoint object model.
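The following added example (not part of the original article) applies the command above across a farm: it first reports which site collections still have the ratings control feature active, and disables it only when asked. It assumes the SharePoint 2010 Management Shell and the permissions described above; the function names are hypothetical.

```powershell
# Added example: audit, then optionally disable, the ratings control feature
# in every site collection. Written for PowerShell 2.0 (SharePoint 2010).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Feature ID taken from this article.
$RatingsFeatureId = '915c240e-a6cc-49b8-8b2c-0bff8b553ed3'

function Get-RatingsFeatureState {
    # Emits one object per site collection: its URL and whether the feature is active.
    foreach ($site in Get-SPSite -Limit All) {
        # Get-SPFeature raises an error when the feature is not active at this scope,
        # so a suppressed error and an empty result means "not enabled".
        $feature = Get-SPFeature -Identity $RatingsFeatureId -Site $site.Url `
                                 -ErrorAction SilentlyContinue
        New-Object PSObject -Property @{
            Url            = $site.Url
            RatingsEnabled = [bool]$feature
        }
        $site.Dispose()   # release the SPSite object
    }
}

function Disable-RatingsFeature {
    # Without -Apply this only lists what would change (hypothetical switch name).
    param([switch]$Apply)

    foreach ($row in Get-RatingsFeatureState | Where-Object { $_.RatingsEnabled }) {
        if ($Apply) {
            Disable-SPFeature -Identity $RatingsFeatureId -Url $row.Url `
                              -Force -Confirm:$false
            Write-Output ("Disabled ratings control: " + $row.Url)
        }
        else {
            Write-Output ("Ratings control still active: " + $row.Url)
        }
    }
}

# Review first, then apply.
Disable-RatingsFeature
# Disable-RatingsFeature -Apply
```

As with the single command, this hides the control only; stored ratings and the associated user names remain in the database.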

My Sites and user profiles

My Sites let users store and display personal information that other SharePoint users and applications can access. Users can personalize the appearance, behavior, and content of their My Site pages. Users can also update their SharePoint user profiles from their My Site pages. By default, some user information, such as name, account name, e-mail address, telephone number, and manager’s name, is included in the My Site and SharePoint profiles. A User Profile service administrator who has Manage Profile permissions can configure user profiles to include specific data in a user’s My Site and SharePoint profiles.

  1. On the Central Administration Web site, in the Application Management section, click Manage service applications.

  2. Click User Profile Service, and in the People section, click Manage User Profiles.

Each profile property has an associated privacy level. Microsoft SharePoint Server supports the following privacy levels:

  • Only Me

  • My Manager

  • My Team

  • My Colleagues

  • Everyone

Users can choose privacy levels that help ensure that data that is stored in their profiles is visible only to intended people. A User Profile Service administrator with Manage Profile permissions can configure a default privacy level for a profile property and enable users to override it. A SharePoint administrator can also enforce a privacy level on a particular profile property so that users cannot override it.

  1. On the Central Administration Web site, click Manage service applications.

  2. Click User Profile Service, and then click Profile services policies.

Except for the My Team and My Colleagues privacy levels, profile privacy levels are automatically computed by SharePoint Server. Users decide which people are at the My Team and My Colleagues privacy levels. My Colleagues refers to Colleague relationships that a user has identified. My Team is a subset of Colleagues who are specified by a user.

User Profile service administrators with Manage Profile permissions who manage the databases for profile data have access to all data regardless of privacy levels that users set.

Support for SharePoint Server Colleague add-in

The SharePoint Server Colleague Add-in feature in Microsoft Outlook 2010 scans a user’s sent e-mail folder to look for specific names and keywords and the frequency of those names and keywords. A list of suggested keywords is available on the Edit profile page of the user profile. The list is updated periodically and stored in the user’s profile on his or her local computer. The list of possible colleagues is accessed by the Add Colleagues page on the My Site, where users can choose the colleagues they want to add to their trusted My Site. A user must approve or reject each contact name or keyword before it is added to the user profile. Members of the SharePoint Farm Administrators group can turn off this functionality and prevent My Sites from accessing this information by setting the following registry key through Group Policy.

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Portal\ColleagueImport\Enabled

Values = DWORD 0 to turn it off and 1 to turn it on.
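The following added example (not part of the original article) checks the setting on a workstation and turns it off. It assumes that Enabled is a DWORD value under the ColleagueImport key, as the path above suggests, and that it runs in the affected user's session because the key is under HKEY_CURRENT_USER; the function names are hypothetical.

```powershell
# Added example: read and disable the Colleague add-in import setting
# for the current user. Key path and value meanings are from this article.
$KeyPath = 'HKCU:\Software\Microsoft\Office\14.0\Common\Portal\ColleagueImport'

function Get-ColleagueImportState {
    # Returns 'NotConfigured' when the key or the value is absent,
    # otherwise 'Off' (0) or 'On' (1).
    $item = Get-ItemProperty -Path $KeyPath -Name Enabled -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    if ($item.Enabled -eq 0) { return 'Off' }
    return 'On'
}

function Disable-ColleagueImport {
    # Creates the key if it is missing, writes Enabled = 0 (DWORD),
    # then re-reads the value so the caller sees the state actually stored.
    if (-not (Test-Path -Path $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }
    New-ItemProperty -Path $KeyPath -Name Enabled -PropertyType DWord `
                     -Value 0 -Force | Out-Null
    Get-ColleagueImportState
}

Write-Output ("Before: " + (Get-ColleagueImportState))
Write-Output ("After:  " + (Disable-ColleagueImport))
```

A state of NotConfigured means that neither Group Policy nor a local change has written the value for that user.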

An end user can turn off either or both of the analysis of content in the Sent Items e-mail folder and the uploading of contact names and keywords to My Site by following these steps:

  1. On the File menu of Outlook 2010, click Options.

  2. In the Outlook Options dialog box, click Advanced.

  3. In the Other section, clear the option that allows analysis of sent e-mails and subjects.

Activity feed

Activity Feed lets users add feeds of events to their My Sites. Feeds might give information about activities of their Colleagues, such as updates to profile properties and creation of social tags and notes. Activity Feed does not enable tracking of activities that a user does not have permissions to see.

Activity Feed is off by default in a User Profile Service Application. To turn on this feature, a member of the Farm Administrators group must configure the User Profile service Activity Feed timer job.

  1. On the Central Administration Web site, on the Quick Launch, click Monitoring.

  2. In the Timer Jobs section, click Review job definitions.

  3. Click User Profile Service – Activity Feed Job in the list of timer jobs.

  4. On the Edit Timer Job page, click Enable.

Users choose their Colleagues for their My Site by selecting names of other users and setting them as Colleagues. When a user is selected as a Colleague, a notification e-mail message is sent to the new Colleague.

SharePoint Search Federation

SharePoint Search Federation allows an administrator for a Search Service Application to provide results from multiple search providers for user queries. By default, SharePoint Search Federation searches only local SharePoint content. An administrator for a Search Service Application can add search providers, such as any third-party remote or online search engine.

If an administrator for a Search Service Application adds a search provider, user queries are sent to that search provider, and the results returned by the search provider are displayed.

Information about the privacy practices of the Microsoft Bing search engine is at https://go.microsoft.com/fwlink/?LinkID=147849. Microsoft does not control the data collection and use practices of third-party search providers.

SharePoint query logging

SharePoint search collects information about user search queries and about the search results that users select on their computers. SharePoint uses this information to improve the relevancy of search results and to improve query suggestions. Members of the Farm Administrators group or an administrator of the Search Service Application can also create reports based on this information.

Query logging can be turned off as follows:

  1. On the Central Administration Web site, in the Application Management section, click Manage service applications.

  2. Click Search Service Application and in the System Status section of the Search Service Application page, click the Disable link next to Query logging.

Managed metadata and enterprise keywords

Enterprise keywords are managed metadata values from a term store that are stored in a special column type. Instead of being bound to a single term set, this column type is validated against all available terms in all accessible term sets. However, this column type is not validated against term sets that are specific to a site collection and does not participate in enterprise keyword validation.

Default behavior

By default, both managed metadata and enterprise keyword columns are available in SharePoint Server 2010. These columns can be applied to a content type or list. After either the managed metadata or enterprise keywords column is applied to a content type, the data that users enter in these fields is stored in a term store database.

Enterprise keywords and managed metadata should generally be considered public and readable by all users. If an enterprise keyword column or a managed metadata column is bound to a globally available term set, all metadata that users create will be accessible to other enterprise users who are viewing or validating terms.

After managed metadata and enterprise keyword columns are used, and user data is stored in and shared from the term store database, a SharePoint list can be configured to share its managed metadata and enterprise keyword data with the social tagging database that the User Profile service maintains. Doing so expands the visibility of a user’s data to all users of any features that rely on the social tagging database, with the exception of user data in columns that are bound to term sets. Metadata values that are stored in site collection‑specific term sets will not be shared with the social tagging database regardless of whether the list setting is enabled to share with the social tagging database or not.  

User interface text for managing the feature

The UI displays the following descriptive text:

  • When you add enterprise keywords to either a list or content type, you see the following descriptive text:

    Enterprise Keywords are shared with other users to allow for ease of search and filtering, as well as metadata consistency and reuse.

  • The list settings UI gives list owners a shortcut for adding the enterprise keywords column. The UI displays the following text:

    Add Enterprise Keywords

    An Enterprise Keyword column allows users to enter one or more text values that will be shared with other users and application to allow for ease of search and filtering, as well as metadata consistency and reuse.

    Adding an Enterprise Keywords column also provides synchronization between existing legacy keyword fields and the managed metadata infrastructure. (Document tags will be copied into the Enterprise Keywords on upload.)

  • The same list settings page displays the following descriptive text for metadata promotion:

    Values added to columns of types Managed Metadata and Enterprise Keywords can be shared with the Social service in order for metadata and keyword tags on items in this list to appear in tag clouds.