Windows 10 Whole-Disk Encryption without Key Escrow
On the Intercept, Micah Lee has a good article that talks about how Microsoft is collecting the hard-drive encryption keys of Windows 10 users, and how to disable that “feature.”
EDITED TO ADD (1/13): More useful information.
John Macdonald • January 4, 2016 1:35 PM
Reading the article, you will find that you cannot disable the feature. The key is always sent to Microsoft when encryption is turned on. What you can do is to go to you Microsoft account page and ask them to delete their copy of the key. You still have to hope that no copy has been made in the meantime, and that they actually do delete all of their copies of the key. So, you can close the barn door that they insist be initially left open – hoping that the horse is still in the barn when you lock the door. Unfortunately, this horse is invisible – it’s hard to see whether someone has copied your key during the interval, either in transit or from Microsoft’s servers.