Concerns about security and privacy raised by Microsoft’s AI ‘Recall’ feature

Concerns about security and privacy raised by Microsoft’s AI ‘Recall’ feature

Microsoft recently announced its AI-optimized Copilot+ PCs, which will come with a new feature called “Recover.” This feature is designed to create a “photographic memory” of everything the user has seen on their PC. It takes snapshots of the user’s active screen every few seconds, allowing them to easily review their activity on a timeline or search for previously viewed web pages, apps, or files without the need to manually search through emails or files.

While Microsoft claims that the Recover feature does not perform content moderation and does not hide sensitive information like passwords or financial account numbers, some security experts have raised concerns about the potential risks associated with the feature. Critics have likened it to spyware, citing the constant monitoring of user activity as a cause for alarm.

Security and privacy experts have expressed apprehension about the intrusive nature of the AI recovery feature. While Microsoft assures that the snapshots taken by Recall are stored locally on the PC’s hard drive and encrypted, experts warn that this may not be enough to prevent unauthorized access by threat actors. While users can disable the feature or prevent snapshots of certain websites or apps, concerns about data security and privacy remain.

Although AI features like Recall have their benefits, experts highlight the challenges faced by cybersecurity in keeping up with these advancements. The constant capture of sensitive information and the lack of content moderation raise questions about compliance with data protection regulations and the potential misuse of the collected data by cybercriminals.

Experts suggest that user awareness is crucial in addressing the risks associated with features like Recall. Microsoft’s lack of clarity on how data collected through Recall will be used and protected, as well as concerns about default settings on CoPilot+ PCs, have prompted calls for greater transparency and user control over data collection practices.

In conclusion, the introduction of the Recover feature in Microsoft’s Copilot+ PCs has sparked debate among security and privacy experts regarding its potential risks and implications for user data security. While the feature aims to enhance productivity and user experience, concerns about data privacy, security vulnerabilities, and compliance with regulations linger. Experts emphasize the need for clear communication, user control over data collection, and robust security measures to mitigate the risks associated with intrusive AI features like Recall.

Article Source
https://www.scmagazine.com/news/microsofts-ai-recall-feature-raises-security-privacy-concerns