Microsoft revealed earlier this week the new Copilot+ PCs, laptops with specific features, such as a dedicated AI chip, at least 16 GB of RAM and at least 256 GB of space. These computers, which will initially be equipped with Qualcomm’s new Snapdragon X Elite chip, should rival Apple’s MacBooks in power and battery life, according to Microsoft.
These PCs will also have dedicated AI features, of which the one that attracts the most attention is undoubtedly Recall, which gives a sort of photographic memory to the computer. Recall records screenshots of everything you do on the web and in apps, multiple times per minute. You can then search this “computer memory”, for example to find a graph that you saw a few days ago in order to insert it into a presentation.
A privacy time bomb?
Microsoft says it designed the feature with its users’ privacy in mind. So screenshots are saved on the computer, not the company’s servers, and all AI analysis of the screenshots is done on the device itself.
Microsoft also offers a few options, such as the ability to pause recordings, and never record certain applications (which may be important for certain professional software, for example). By default, InPrivate content in the Edge browser will not be saved either.
Despite its precautionary measures, several voices have been raised against the feature since its unveiling on Monday.
Unless I’m mistaken, all the security experts who have spoken out on the feature are much less enthusiastic than Microsoft on the subject. Recall has repeatedly been called a “privacy nightmare,” and several analysts (and Elon Musk) have compared the feature to an episode of the dystopian series Black Mirror. Even the British government is worried.
If the comparison with Black Mirror is a bit advanced, it is still obvious that the new functionality represents a significant risk. Yes, the screenshots will be encrypted on the hard drive, but anyone has access to your computer (a colleague who saw your password, a jealous spouse or a hacker who accesses your PC remotely ) will have access to your entire usage history.
For the general public, IT security is generally a question of compromise and common sense: how much risk am I willing to accept for a useful feature that I like?
Most agree that the benefits of keeping your photos online are much greater than the risk involved, for example. And for many people, the risk of a hacker spying on their front door through a smart doorbell is low, and the consequences are not bad. For them, having a doorbell with a camera is therefore worth it, since being able to see who is at the door remotely represents an undeniable advantage.
With Recall, the math looks different. The risk is real, the consequences (professional, legal, personal, reputational, financial) can be unfortunate and the benefits have yet to be demonstrated.
