“Fix It Already!”, a campaign launched by the Electronic Frontier Foundation (EFF), calls on a number of tech companies to resolve security issues in their products.

Microsoft is one of the giants that can further improve how user security is handled: the EFF says that Windows 10 should allow customers who install the Home version of the operating system to keep the disk encryption keys to themselves.

In an analysis of how Windows 10 handles disk encryption keys, the privacy watchdog explains that Home users are treated differently from those who installed the Pro or Enterprise flavors of the operating system.

“Windows 10 Home Edition does come with a built-in encryption solution, but only for some users. Called “Device Encryption,” it only works if you have certain hardware and if you sign into your computer with a Microsoft account—which means you have to trust Microsoft with the backup keys. This is bad encryption design by Microsoft: users should never have to give their encryption keys to a third-party,” EFF says.

Exposing the encryption keys

The way Microsoft designed this feature allows Windows 10 Home users to recover data even if they lose the backup key, simply because it’s stored on the company’s servers.

But at the same time, and here’s where the privacy concerns lie, uploading such data to Microsoft’s servers means the encryption keys are exposed.

“Other versions of Windows 10 don’t require you to back up your key to Microsoft’s servers. And some Windows 10 Home users may find it helpful to have a backup key stored on Microsoft’s servers, so that they can recover the contents of their computers even if they forget their passwords. But other users may have different concerns, and may not be technically savvy enough to remove the backup key and generate a new one,” the EFF notes.

The new campaign also includes recommendations for a series of other companies, including Apple and Facebook.