The Windows AI feature announced by Microsoft this week quickly drew criticism for recording regular screenshots of a user's screen; one security expert compared it to keylogging software.
Windows Recall, the new feature that records a user's screen at regular intervals, has been labelled a "privacy nightmare" due to potential data privacy and security risks.
Microsoft announced the generative AI-based tool on Monday; it records "snapshots" of a user's screen every five seconds to provide a searchable log of historic actions going back three months. The feature will be available in preview in new Copilot+ PCs that Microsoft and other vendors will begin selling in mid-June.
There are measures in place to protect Recall data, said Microsoft. Recorded data is stored and processed locally and protected with encryption on a user's device. Users can exclude any apps and websites they want kept private. They can also pause Recall when they want.
However, Recall, which is turned on by default, does not perform "content moderation," according to Microsoft, which means it won't conceal confidential information such as passwords or financial account numbers or anything else that might appear on a PC screen.
The ability for Recall to record and store so much sensitive user data is what drew quick criticism over data privacy and security risks.
"I think a built-in keylogger and screenshotter that perfectly captures everything you do on the machine within a certain time frame is a tremendous privacy nightmare for users - and not something I think the average user will actively take advantage of," said Jeff Pollard, vice president and principal analyst at Forrester.
"My initial thoughts are that it feels like something that could go wrong very quickly," said John Scott, lead security researcher at security software vendor CultureAI.
It's the security risks that present the biggest problem, said Douglas McKee, executive director of threat research at network security firm SonicWall. "With the announcement of Microsoft Recall, we are once again reminded of how the advancement of AI and technology features can provide great convenience at the potential cost of security," he said in a statement. "While many privacy concerns are expressed with Microsoft Recall, the real threat is the potential usage attackers will gain out of this feature."
McKee said that initial access to a device is easier than other elements of an attack, such as elevation of privileges, "yet with Microsoft Recall, initial access is all that is needed to potentially steal sensitive information such as passwords or company trade secrets."
Attackers that gain access to a PC running Recall will potentially have access to everything a user has done for around three months, including passwords, online banking details, sensitive messages, medical records, or any other confidential documents.
As a result, Recall could provide a simpler way to steal sensitive data than other tactics such as installing keylogging or screen recording software that might draw more attention. (A Recall icon is placed on the Windows system tray to provide some indication when snapshots are taken, according to Microsoft.)
"Why install keylogging software when I can just switch on something that's built into the system?" said Scott. "It's a different way of attacking, but it's a way that wasn't there prior to Microsoft saying, 'We take a screenshot every five seconds,' and, more importantly, a searchable screenshot every five seconds."
"Microsoft has taken living off the land to a whole new level with this release," said Pollard.
Microsoft declined to comment on the security concerns.
Aside from the risk of cyberattack, data privacy concerns have been raised, too. In the UK, the Information Commissioner's Office - a public body tasked with enforcing data privacy rights - said Wednesday it has written to Microsoft about the Recall feature to "understand the safeguards in place to protect user privacy."
The amount of data recorded and collected on a user's PC could be problematic when it comes to compliance with data protection rules. One of the aspects of the EU's GDPR directive is proportionality, said Scott. "You're building up a huge trove of both your own and other people's personal data [with Recall] and there doesn't seem to be a very clear reason [for doing so]," he said.
In addition to a user's personal information, Recall could collect and store data relating to coworkers, clients, or other third parties. This could happen during a video call, for instance. "If Recall is taking that snapshot every five seconds, have you given me your explicit permission for your images to be recorded with your names? There is enough to be a unique identifier, so there's a massive problem there."
And while data is stored locally, there are questions about whether it could also be backed up somewhere else, he said, or even be hosted on Microsoft's cloud servers in future.
Justin Lam, senior research analyst covering information security at S&P Global Market Intelligence, said that tackling security and privacy risks is common practice for businesses and shouldn't necessarily preclude the use of tools shown to provide benefits to users and businesses. "Enterprises face challenges to balance user privacy, user productivity, internal risk management, surveillance, and compliance," he said. "That said, they should also consider what aggregate individual productivity gains there can be from tools like Recall and Copilot."
Others, however, warned that businesses should avoid using the feature at all.
"While the ability to search your usage history can provide a time saving and production increase, I advise the risk to small businesses to use this feature is too great," said McKee at SonicWall.
"First and foremost: if you can, don't enable it," said Forrester's Pollard. "I would want it eliminated via group policy if available. If the feature is activated at any point, I would also want telemetry informing me it's activated so that I can figure out if a user intended to activate it or if an adversary did [so] as part of their data gathering efforts."
According to Microsoft's admin page, those that don't want to use Recall can disable it with the "Turn off saving snapshots for Windows" policy; doing so will also delete any snapshots already saved on the device.
"For enterprise customers, IT administrators can disable automatically saving snapshots using group policy or mobile device management policy," Microsoft said on its support site.
The Recall feature is in preview, so changes could be made before it is generally available.
Lam said there may be ways Microsoft could improve the feature and reduce concerns around security and privacy. Recall could, for instance, "forget" more of the actions it has recorded, he suggested. "Can Recall limit its memories to a shorter time or reduced scope? What it may lose in accuracy it gains in user trust," he said.
The AI capabilities in Windows might also improve to the point where it's possible to classify data recorded by Recall more effectively, he said. Windows Copilot could also provide "enforced guidance," anticipating and prompting users when screen recording should be stopped entirely.
For now, it's hard to see how the feature can be securely used, said Pollard. "This feature is a risk in its entirety, and I can't imagine any security or privacy controls making me comfortable with having it activated on a system I use," he said.