It’s a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.
Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.
It’s no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it’s those bad Windows practices that have led people to this conclusion.
I know it’s WindowsCentral but the article has some pretty naive takes. Given the propensity of threat actors to target Windows due to its market share it’s impossible to not see a system that records user activity as a huge treasure trove for both malware and hackers.
It also doesn’t mention that Microsoft claimed that it would be impossible to exfiltrate Recall data and of course researchers found it not only possible but trivial, with the data lacking even basic protections. Assurances that there are mechanisms to prevent Recall from secretly monitoring you mean nothing when prior assurances about safety have been found to be paper thin at best.
Further it ignores that telemetry gathered by Windows has dramatically increased in the last several years with methods to disable it being eliminated or undone by OS updates. Microsoft is hungry for user data and it would be absurdly naive to think that Recall won’t be a tool they use to gain more of it. If not now, then definitely later.
The author does point out that Recall has been weirdly under wraps, avoiding the usual test bed for new feature rollout. Microsoft has been acting shady about the feature and then the feature itself does shady things (like record PII, credit card data, etc.), of course users are going to think the worst. At this point it’s a survival tactic.
Microsoft doesn’t have trust issues because of bad PR or a few missteps. Microsoft has trust issues because they have violated user trust repeatedly for decades. They have done nothing to make users feel like they care at all about keeping Windows secure and safe and they clearly have no regard for user privacy. This only question is whether this backlash will do anything to make Microsoft reconsider the way it treats its users. I predict they will learn all the wrong lessons from this.