There was this earlier version of the Windows 10 EULA that has generated a lot of flak
"We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services."
The accusation was this wording gave Microsoft leeway to upload your hard drive to their side.
In any case, most professional and commercial software come with some form of error reporting/logging feature that's supposed to send diagnostic info to the developers if you decide to report the error for troubleshooting service. Windows itself has this built in for submission with your permission.
My question is: what safeguards, if any, is there to scrutinize the myriad of popular commercial software (like browsers and Adobe) from helping themselves to some of your files when you click that submit button? When software is signed for publishing do the signature providers at all check for potentially malicious behavior written into the software? Is there anything built into windows or security software that flag supposedly legit third party programs when they try to access and send out random files on your computer?
Something like this
but much more insidious as it uploads your password.xml
I know most likely this is not to worry about, but I don't see much talk about scrutinizing globally adopted software until some bombshell drops when it's too late for millions.