Experts in privacy express concerns about Microsoft's new AI technology.

Experts in privacy express concerns about Microsoft's new AI technology.

This week, a new Windows computer tool called Recall was presented. It acts like a personal "time machine," allowing users to swiftly retrieve anything that has ever been shown on their screens, including documents, pictures, and websites. Different from keyword searches, the app regularly snaps screenshots of the user's screen and stores them directly on the device. Artificial intelligence processes the data and makes it searchable.

For instance, if someone had once looked for a green dress or the name of a local ice cream shop, they can request the feature to "recall" any of their history that appeared on the screen.

Although semantic search is a significant leap forward for AI, it is released at a time when the field is rapidly evolving, and government regulators, businesses, and consumers are figuring out how to utilize this technology responsibly.

Jen Golbeck, an AI professor at the University of Maryland focusing on privacy, cautioned that the feature could pose potential issues if the device falls into the wrong hands.

"Stuff may stay on your device, but that doesn't mean people can't get to it," she said. "You won't have an option to protect yourself even if you use incognito mode or clear your history because the tool has access to everything that's been on your screen."

The UK's independent Data Protection and Freedom of Information regulator, the Information Commissioner's Office (ICO), is looking into the tool "to understand the safeguards in place to protect user privacy."

"We expect organizations to be transparent with users about how their data is being used and only process personal data to the extent that it is necessary to achieve a specific purpose," the ICO said in a statement.

Microsoft did not immediately return a request for comment. CEO Satya Nadella told The Wall Street Journal in an interview before the launch that web searches could only be done on Microsoft's Edge web browser, and the screenshots would never leave the user's computer.

"You have to put two things together: This is my computer, and this is my Recall – and it's all being done locally," he said.

Geoff Blaber, CEO of market research firm CCS Insight, deemed the issue less concerning.

"The backlash by some to this feature isn't surprising, but it's an overreaction given that the data stays exclusively on the device, and the user has full control," Blaber said.

Users can decide whether to enable the feature during the device setup process and can customize and blacklist which apps and websites Recall can access.

"These controls suggest the feature has been built with security and privacy at its core," he said. "Recall won't appeal to everyone, but the utility provided is likely to be significant."

Potential for malicious uses

However, Golbeck warned that this protection might not be enough in certain situations, such as a journalist in a hostile country, a person attempting to escape an abusive relationship, someone searching for sensitive medical information, or an employee whose boss wants to monitor them. She anticipates that the workplace will be most affected.

"We know employers monitor what we're doing on their devices, but a lot of people will do a personal thing on their work computer, and all of that will be archived and visible to an IT department, even if it just stays on the device," she added.

Golbeck said that privacy was often ignored when developing technology.

"What we've seen over the last 15 years is every single one of those potential malicious use cases comes to fruition in some way or another. People will want to use this cool feature without understanding the privacy risk – that there will be a permanent record of everything you do," she said.

Reactions to features like biometric passwords, like fingerprints, facial recognition, and iris scans, have been divided in the past. Blaber claimed collaboration between Microsoft and its partners would be needed to demonstrate the value, security, and privacy of the product in real-world applications.

Despite these measures, Michela Menting, a senior research director at ABI Research, considered the feature a "step backwards" for privacy.

"The argument that hackers need physical access to even be able to manipulate Recall is short-sighted at best because there are plenty of highly imaginative ways threat actors could exploit such a valuable tool," said Menting. "It simply takes time and effort to find a way."

Read also:

• Telefónica targets market launch for hologram telephony
• vzbv: Internet companies continue to cheat despite ban
• Telefónica targets market launch for hologram telephony in 2026
• AI and climate in schools: how to keep lessons up to date

people in the tech industry are discussing the potential privacy implications of Microsoft's new AI technology in the business world.

Despite Microsoft's claims that the data collected by Recall stays exclusively on the user's device and is only accessible with their permission, some experts express concerns about the potential misuse of this data, particularly in the workplace.

Source: edition.cnn.com