You are right. But I have seen so many cases, where companies come away with it.
This is something, that definitively should be changed in our legal systems, but they are far from perfect, even when there are sometimes some honorable judges around (much to seldom in my country!).
Better way of arguing for your point would be to say that you cannot consent if you are uninformed, but if you were presented with the privacy statement then whose fault is it that you are uninformed and still went ahead agreeing to something you don't understand. Do you also take candies from strangers? I don't think what Microsoft is doing is ethical, but then I think it would be much more unethical for us to take Microsoft's right to free speech. I think you are arguing for nanny state.
>whose fault is it that you are uninformed and still went ahead agreeing to something you don't understand.
There is no practical way for the average person to have a significant enough understanding of privacy policies due to the wordings and the 'as provided by law' type clauses that require understanding of even more complex documents (and possible even court cases). That people agree to it anyways is because it cuts one out of so much to not agree to privacy policies. Even going to the doctor involves a policy that includes 'as allowed by law' that makes it very difficult for anyone other than a specialized lawyer to understand.
Microsoft knows that people aren't understanding this and using it to their advantage. A ban on taking advantage of this is no more a nanny state than already existing bans on many cons and scams (those that don't rely on lying but on confusion and misleading others). For example, I can't hand out checks for $100 that include really nasty terms of repayment ($200 due in one month, else I get to seize any items I wish from your possession). This isn't a ban on any freedom of my own except my freedom to take advantage of others.
To relate it to your example of taking candies form strangers, if I'm handing out bad candies and someone else is eating them, who is at fault? Even if they should know better (which with these being complex legal candies that means most people shouldn't know better) I'm still at fault for handing out bad candies.
> There is no practical way for the average person
And I'm arguing that this should not be a concern. If you do not understand something then you shouldn't agree to it. People should ask their lawyer, consult Microsoft, consult websites dedicated to such issues, etc. Unless you can prove that privacy statement is misleading to laypeople then it should be user's fault for not bothering to inform themselves.
> A ban on taking advantage of this is no more a nanny state than already existing bans on many cons and scams
I'm arguing for this (even though I severely disagree with choices Microsoft made) because it's a slippery slope that leads to precedents for government to introduce regulations that clearly aren't in public's interest.
Software as protected speech was established at the end of crypto wars, when encryption programs stopped being classified as munitions and restriction on strength of cryptography were lifted.
If we let Microsoft not exercise their right it might set a trend for the governments to go back in other areas like cryptography, using old scare tactics to reverse what was achieved before in the name public's interest by appealing to the fear of terrorism. You fight for Windows to not be compromised for its users, but it could be that this fight would lead to other curtailments of speech that would not only paradoxically harm Windows but any other reasonable alternative that we currently have.
This is something, that definitively should be changed in our legal systems, but they are far from perfect, even when there are sometimes some honorable judges around (much to seldom in my country!).