The UK data watchdog is investigating a new Microsoft feature that takes frequent screenshots of users’ laptops. The feature, called Recall, will be available exclusively on upcoming Copilot+ PCs and will store encrypted snapshots locally.
Recall can search through a user’s past activity, including files, photos, emails, and browsing history, in addition to taking screenshots every few seconds. This has raised concerns among privacy advocates.
Dr Kris Shrishak, an AI and privacy adviser, warned that the continuous screenshot feature could significantly impact users’ behaviour, potentially deterring them from visiting certain websites or accessing confidential documents.
Microsoft says on its website that Recall is an optional feature designed with privacy and security in mind. Users can limit what Recall captures, and all data is stored locally, inaccessible to Microsoft or anyone without physical access to the device. A hacker would need to physically access the device and log in to view the screenshots.
However, the Information Commissioner’s Office (ICO) has reached out to Microsoft for more details about the safety measures in place to protect user privacy. According to an ICO spokesperson, companies must thoroughly assess and mitigate risks to individuals’ rights and freedoms before launching new products.
Microsoft has responded by saying that Recall was designed with privacy considerations from the start, giving users control over what is captured. For instance, users can exclude specific websites, and private browsing on Microsoft’s Edge browser will not be captured.
Daniel Tozer, a data and privacy expert at Keystone Law, compared the system to the dystopian themes of the Netflix show Black Mirror. He stressed that Microsoft would need a legal basis for recording and redisplaying users’ personal information. He also questioned how consent would be managed for individuals appearing in video calls or photos.
Jen Caltrider, who leads a privacy team at Mozilla, also pointed out that someone with access to your password could explore your detailed history. She raised concerns about potential future uses of the captured data, such as compliance with law enforcement requests or changes in Microsoft’s policies regarding targeted advertising or AI training.
Microsoft has clarified that Recall will not remove sensitive information from screenshots, such as passwords or financial account details. However, Caltrider expressed caution about using a computer with Recall for sensitive activities, likening it to performing such tasks in front of a busload of strangers.
Leave a Reply