A feature no one asked for

The Information Commissioner’s Office (ICO) is looking into a new feature of Windows 11 and Copilot in which the operating system automatically screenshots what you are doing every few seconds. The upcoming feature, called Recall, will use the locally stored, encrypted images to enhance the user experience in Windows 11 by letting the user search through all previous activity on the machine.

UK watchdog looking into Microsoft AI taking screenshots – BBC

Of course Microsoft is saying that they will not have access to the data, and that hackers would need local access to the machine to access and decrypt the images, but how long will it take for researchers and threat actors to circumvent that and obtain a screenshot of you entering or accessing sensitive information on your computer in “private”?

Microsoft also explained that you can be selective about when Recall takes screenshots, for your security and to protect your privacy – but who is going to do that every time they access a website they would sooner no one else knew about, or their bank, or their M365 documents? There are encrypted M365 documents that I have produced that I would not want screenshots of floating around on my system, nor would my clients want that information to be anything less than 100% secure.

Here is a great quote from an ICO spokesperson:

“…firms must ‘rigorously assess and mitigate risks to peoples’ rights and freedoms’ before bringing any new products to market.”

Again I ask, “who wanted this feature?”

Your Takeaway

Information creep is one of the easiest ways for any organisation to lose control of its information. A copy sent here, a printout there, another copy emailed out of the office – at each step the action looked reasonable, but eventually you have lost control of the data. Now your OS will be screenshotting as well!

Your cyber security policies and procedures should address information creep.

Clive Catton MSc (Cyber Security) – by-line and other articles