Signal blocks Microsoft Recall in its latest Windows 11 update by enabling a screen security feature that prevents AI-powered screenshots of private conversations. Designed for Windows 11 Copilot+ PCs, Microsoft Recall has raised serious privacy concerns, especially regarding encrypted apps like Signal. In response, Signal introduced a default screen security feature that prevents screenshots, reinforcing its commitment to user privacy. This move highlights a growing industry clash over data protection as AI technologies become more deeply embedded in everyday computing.
Signal Activates Screen Security to Block Microsoft Recall
Signal released a Windows 11 update that blocks Microsoft’s Recall from capturing screenshots of private conversations within the app. The new Screen Security feature, enabled by default, prevents Recall from accessing any visible content displayed inside Signal’s interface.
Using techniques similar to DRM on platforms like Netflix, Signal aims to safeguard user privacy against unauthorized visual data capture. This update responds to rising concerns about Recall’s potential to expose sensitive information without proper developer controls or user consent.
Joshua Lund, a Signal developer, outlined the reasoning in a detailed blog post. Despite Microsoft’s recent steps to improve Recall, like as encrypting saved data and moving to an opt-in basis, Signal claims these changes are insufficient. The lack of a formal interface (API) that allows developers to exclude their apps from Recall’s scope remains a significant problem.
As a result, Signal blocks Microsoft Recall using protective overlays that render its interface unreadable to background screen-capture processes. While criticising Microsoft over its Recall feature, Lund said,
Microsoft has launched Recall without granular settings for app developers that would enable Signal to easily protect privacy, which is a glaring omission that limits our choices… Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that’s displayed within privacy-preserving apps like Signal at risk.
Privacy Concerns Surrounding Microsoft Recall
Microsoft’s Recall, announced in May 2024, is a digital memory tool that captures regular screenshots of user activities and organises them into a searchable archive. It is marketed as a productivity tool, allowing users to recall previous discussions, papers, or photographs using vague cues. However, it has received strong criticism from privacy groups and security experts. Critics criticised its early versions for storing unencrypted data, lacking user consent, and providing limited control.
Despite Microsoft delaying its launch and implementing changes, key concerns persist. Security researcher Kevin Beaumont recently showed that Recall still logs sensitive data, like medical or banking info, which could be easily exploited if the system is breached.
Signal’s Defensive Approach
Microsoft declined to offer app-level restrictions for Recall, prompting Signal to adopt unconventional methods to safeguard user privacy. Signal uses DRM settings, originally meant for protected media, to prevent Recall and similar tools from visually capturing its app content.
Signal now enables this precaution by default in its Windows 11 client to protect users from potential screen capture threats. Users can disable it manually by going to Settings → Privacy → Screen Security, but this requires deliberate action and consent. Signal acknowledges possible effects on accessibility tools like screen readers, yet prioritizes privacy due to the significant risks posed by Recall.
However, it should be noted that the screen security settings only apply locally. If a chat participant uses Signal on macOS, Linux, or Windows without this capability enabled, their half of the conversation may still be visible. The blog post noted that,
People everywhere rely on Signal to protect their communication, including human rights workers, governments, board rooms, militaries, and millions of individuals around the world for whom privacy is an existential matter. Apps like Signal must maintain their ability to prioritize security by default in a way that can be publicly validated.
Therefore, Signal’s decision to block Microsoft Recall reinforces its leadership in privacy-first tech. As the industry continues to debate the implications of Recall, Signal’s proactive stance sets an example for safeguarding encrypted communication in a world increasingly shaped by AI surveillance.
About The Author
