‘You might have it without realizing it’ warns expert over ‘dangerous’ Microsoft AI that screenshots ‘everything’ you do
BE wary when buying a Microsoft laptop in the coming months – it may be equipped with an AI tool that takes pictures of your activity.
Microsoft introduced the feature, called Recall, in May 2024. It takes screen captures of your device every few seconds – including information like passwords, photos, and conversations.
Microsoft unveiled its Recall AI tool last month. It takes screenshots of a device every five seconds, capturing passwords, photos, and conversations[/caption]It is intended to be used in conjunction with an AI tool running on Windows 11 that allows users to search and find information on their machines.
While the operations take place locally, there is the possibility that data might fall into the wrong hands – say, if a hacker were to gain access to a user’s computer.
The feature was delayed indefinitely following an outpouring of criticism from data privacy experts, including those at the Information Commissioner’s Office, a UK-based watchdog.
In the wake of the furor, Microsoft announced changes to Recall ahead of its public release, which was originally slated for June 18.
It is still expected to launch sometime in the fall, exclusive to Copilot+ PCs. But Stan Kaminsky, a cybersecurity expert at Kaspersky, anticipates that the tool will become available on all Windows devices in the future.
“Given Microsoft’s practice in recent years of ‘offering’ features by automatically activating them on users’ computers, you might get an unwanted AI assistant without even realizing it,” he said.
How to disable Recall
So how can you be sure your sensitive information isn’t being screenshotted and saved?
Windows 11 users can check for the application by typing “Recall” in the Start menu search bar – if it appears, it is installed.
To disable the feature, navigate to “Settings,” then “Privacy & security,” followed by “Recall & snapshots”.
Disable “Save snapshots” and finish by clicking “Delete all” to remove those that have been saved to your device.
Users who don’t want to do away with the tool but still want to safeguard their privacy can limit the information it has access to.
You can bar Recall from taking screenshots of certain websites by specifying those it has access to under “Recall & snapshots.”
How Recall works
The feature is designed to locate content on a user’s computer and does so by taking snapshots to create a library.
These screen captures are sent to the Recall App, which uses information contained within the images to answer a user’s questions.
The process is, of course, assisted by artificial intelligence – and Microsoft bills Recall as “your everyday AI companion”.
Unless the user has disabled the tool, only private windows in Edge, Chrome, Opera, and Firefox are excluded from the data collection.
The tool was initially scheduled for release on June 18, but outrage over an apparent lack of data privacy forced Microsoft to delay the launch and make changes[/caption]Microsoft has continued its AI push, and Recall itself starred in the unveiling of Microsoft’s new computers at its developer conference last month.
Yusuf Mehdi, the company’s corporate vice president, said the tool used AI “to make it possible to access virtually anything you have ever seen on your PC”.
However, his remarks quickly drew backlash, with the ICO pledging to investigate over data privacy concerns.
The organization shared it was forwarding inquiries to Microsoft “to understand the safeguards in place to protect user privacy”.
“We expect organizations to be transparent with users about how their data is being used and only process personal data to the extent that it is necessary to achieve a specific purpose,” the group wrote.
“Industry must consider data protection from the outset and rigorously assess and mitigate risks to people’s rights and freedoms before bringing products to market.”
The tool, available on Copilot+ PCs, can be turned off by navigating to “Settings” and following a series of easy steps. You can also limit which sites it has access to[/caption]How Microsoft is changing Recall
Microsoft announced a host of updates to the forthcoming tool in a blog post dated June 13.
Recall will now be available in a limited capacity, shifting from “a preview experience broadly available for Copilot+ PCs” to “a preview available first in the Windows Insider Program”.
Among the most notable updates is a change to the opt-in process. From now on, the tool will be turned off by default.
Users must use the “Hello” authentication process to enable Recall – a biometric method that requires a fingerprint, iris scan, or facial recognition.
Screenshots will also be encrypted, meaning the data will only be “unscrambled” and available to view once the user confirms their identity.
Moreover, a user’s “proof of presence” will be required to view screen captures or search in Recall – though the company does not explicitly spell out what this means.
What is Microsoft Copilot?
Copilot is a chat interface that lets users search for information, generate text, and create images based on their prompts.
While Microsoft is infusing the tool into its other services, Copilot can be found online at copilot.microsoft.com, where it functions like a Chat GPT tool.
The website can be used with plug-ins if you’re looking to book reservations for dining and travel.
It can also be integrated into browsers like Bing and the Edge Web Browser, with an option to toggle between the usual search engine and the AI-powered option.
Those with a paid subscription can use Copilot in Microsoft 365 apps including Word, Excel, Outlook, and PowerPoint.
Businesses that install Microsoft 365 can ground Copilot’s responses with data from within the organization, like content in Outlook emails or Teams chats.
Windows users can add a Copilot sidebar to their screen. It can summarize text you select on your desktop, change settings like volume levels, and open apps. There is also an app for both Android and iOS.
Copilot is free to use online, in Windows, in the Edge browser, and in its mobile form.
Besides paying to use it inside Microsoft 365 apps, users who want a faster model can subscribe to Copilot Pro.
The AI tool is available in the following languages: Chinese (Simplified), English, French, German, Italian, Japanese, Portuguese (Brazil), and Spanish.
Microsoft has continuously reaffirmed its “commitment to responsible AI”.
“Privacy and security are principles as we develop and deploy AI systems,” the company wrote on its website.
“We work to help our customers use our AI products responsibly, sharing our learnings, and building trust-based partnerships.”