2 min Applications

Microsoft Recall is still a privacy nightmare

Microsoft Recall is still a privacy nightmare

After a lengthy delay, Microsoft Recall is available to Windows Insiders. Tests show that the feature still carries significant privacy risks.

The tests came from Tom’s Hardware, which consulted both legitimate sites and used fictitious HTML forms. The goal was to see if Microsoft Recall, which continuously takes screenshots of the user display, automatically stops itself from storing sensitive data such as credit card details. While two Web sites do filter out at appropriate times, it turns out that Recall does not always look away nearly enough to be secure.

Another privacy threat

Recall is therefore still unsafe to use in some scenarios. Microsoft promises to continually improve the service, a claim it also referred to in response to Tom’s Hardware’s questions. But AI detection of sensitive information appears a shaky foundation, to say the least. Exactly those same concerns had led to an earlier delay. The question now is whether the constant screenshots make Recall simply inherently dangerous, which means the feature will have to remain off for users who regularly display sensitive details on their screens.

It should be noted that Recall does not yet have a full release. It was originally intended that Windows 11 24H2 (which was once rumored to become Windows 12) would introduce Recall as its main feature. That soon proved undesirable based on the extremely negative reaction to Recall’s “snapshots,” screenshots of the screen that continuously inform AI of the user’s behavior. Based on that data, Microsoft would provide a highly personalized AI experience, but it is obvious that this must now take place in a different way.

Other versions

Despite the controversy, Recall seems to be a trendsetter. Google, for example, introduced a similar functionality within Chrome a few months ago. Users can ask via questions such as “what city did I look up last week,” after which Google dives into the data for an answer. Still, the ambition for said initiative is a lot smaller, since this is not an OS-level feature that takes all sorts of other applications with it. Still, it’s important that credit card data and other personal information not just be retrievable, something that’s hard to rule out with the fickle nature of generative AI.

Also read: Microsoft rolls out controversial Windows Recall feature this fall