An interesting article (here's the most interesting page) on how Windows Update uses POSTed SOAP to send information about your computer to Microsoft.  Since the data is SSLed you can't network sniff for details, so these guys hooked into WinInet's HttpOpenRequest() and InternetWriteFile() to check out the data before it's encrypted.  Interesante.

Personally I don't think that dumping a system inventory of installed hardware drivers, how much ram, etc is an invasion of privacy.  What I don't want happening is a listing of my installed non-OS software...I'd rather not have Windows Update informing me about updates to anything other that Windows. 

I wasn't using my civil liberties anyway...