Microsoft Copilot+ Recall feature ‘privacy nightmare’

Image source, Microsoft document provided by PA

Legend, Satya Nadella, the boss of Microsoft, during the launch of the Copilot+ AI assistant

  • Author, Imran Rahman Jones
  • Role, Technology journalist

The UK’s data watchdog says it is “inquiring with Microsoft” about a new feature that allows screenshots of your laptop to be taken every few seconds.

Microsoft says Recall, which will store encrypted snapshots locally on your computer, is exclusive to its upcoming Copilot+ PCs.

But the Information Commissioner’s Office (ICO) said it was contacting Microsoft for more information about the security of the product, which privacy campaigners have called a potential ‘privacy nightmare’ .

Microsoft says Recall is an “optional experience” and is committed to privacy and security.

“Recall data is only stored locally and is not accessible to Microsoft or anyone who does not have access to the device,” the company said in a statement.

And it said a potential hacker would have to physically access your device, unlock it and log in before being able to access saved screenshots.

But an ICO spokesperson said companies must “rigorously assess and mitigate risks to people’s rights and freedoms” before bringing new products to market.

“We are investigating with Microsoft to understand the safeguards in place to protect user privacy,” they said.


Recall has the ability to search through all users’ past activity, including files, photos, emails, and browsing history.

Many devices can already do this, but Recall also takes screenshots every few seconds and searches for them as well.

“This could be a privacy nightmare,” said AI and privacy advisor Dr. Kris Shrishak.

“The simple fact that screenshots are taken while using the device could have a deterrent effect on people.”

Microsoft says it has “built privacy into the design of Recall” from the start, and users will have control over what is captured.

For example, users can opt out of capturing certain websites, and private browsing on Microsoft’s Edge browser will not be captured.

“People might avoid visiting certain websites and accessing documents, especially confidential documents, when Microsoft takes screenshots every few seconds,” Dr. Shrishak said.

And Daniel Tozer, a data and privacy expert at Keystone Law, said the system reminded him of Netflix’s dystopian show Black Mirror.

“Microsoft will need a legal basis to save and redisplay the user’s personal information,” he said.

“There may be proprietary or confidential information on the screen for the user’s employer; will the company be happy for Microsoft to record this?

And he asked how consent would work for people appearing on screen during a video call or photo.

“Are they going to have a choice whether or not to accept this? User and access controls will be a key issue that Microsoft will undoubtedly focus on,” he said.

Screenshot of passwords

Meanwhile, Jen Caltrider, who leads a privacy team at Mozilla, suggested the plans meant someone knowing your password could now access your history in more detail.

“(This includes) orders from law enforcement courts, or even Microsoft if they change their mind about keeping all of this content local and not using it for advertising purposes targeted or training their AIs,” she said.

According to Microsoft, Recall will not moderate or remove information from screenshots containing passwords or financial account information.

“This data may be in snapshots stored on your device, especially when sites do not follow standard Internet protocols, such as hiding password entry,” Ms. Caltrider said.

“I wouldn’t want to use a computer running Recall to do something I wouldn’t do in front of a bus full of strangers.

“This means no longer need to log into financial accounts, search for sensitive health information, ask awkward questions or even search for information about a domestic violence shelter, clinic reproductive health or an immigration lawyer.”

News Source :
Gn tech

Back to top button