Q. Is this really as harmful as you think?
A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.
Not just enterprise. Some organizations handle extremely sensitive information of victims of crimes, survivors of wars, potential political targets, just to name a few. A feature taking a screenshot and registering all of that data is a nonstarter. MS will have to prove that the feature doesn’t run with certain gov clients, the privacy risk is way too high.
On the other end of the spectrum, the vast majority of home users have no idea how to disable this or that it’s even activated. There will be folders of Recall shit filling up everywhere, waiting for someone who knows it’s there to access it.
If any of them access their work data on the Microsoft 365 web apps, it’s now sitting in that folder, and they will not know.
This is honestly the biggest evidence yet of a need for some sort of regulation that certain privacy related things should not be allowed to be activated by default. They should always be opt-in, period.