Signal Shields Chats From Windows Recall’s AI Eye to Protect Privacy

Signal's Windows desktop app now blocks Microsoft's Recall AI from screenshotting chats, citing major privacy concerns and inadequate developer controls from Microsoft.

Signal is actively shielding Windows desktop app chats from Microsoft’s controversial Recall AI feature, the company announced on May 21. It has implemented a default setting in Signal Desktop on Windows 11 that employs a technical workaround to prevent Recall from capturing screenshots of conversations.

Signal stated this measure was necessary because Microsoft has not provided adequate tools for developers to protect user privacy from the AI’s screen-capturing capabilities.

The controversy centers on Windows Recall, Microsoft’s AI-powered feature designed to create a searchable “photographic memory” by taking screenshots of a user’s screen every few seconds. Although Microsoft made adjustments after Recall’s problematic debut, Signal, like others, maintains the feature still presents a substantial risk to the confidentiality of sensitive communications.

Signal’s solution repurposes a Digital Rights Management (DRM) API, typically used to prevent screenshotting of copyrighted content, to effectively make the Signal window invisible to Recall.

This development highlights an increasing friction between the drive for pervasive AI functionalities within operating systems and users’ fundamental privacy expectations, especially for secure messaging platforms. Signal described the dilemma, stating, “Apps like Signal shouldn’t have to implement ‘one weird trick’ in order to maintain the privacy and integrity of their services without proper developer tools.” The company further lamented that individuals valuing privacy should not be compelled to sacrifice accessibility for the sake of AI advancements.

Signal’s DRM Gambit And Its Limitations

To counter Windows Recall, Signal’s technical strategy utilizes an existing Windows API intended to protect copyrighted material. By activating a specific DRM flag on its application window, Signal Desktop on Windows 11 now directs the operating system to exclude its contents from any screenshot attempts.

Consequently, if Recall or a user tries to capture the screen, the Signal window will appear blank. Microsoft’s own developer documentation confirms that this DRM flag ensures “content won’t show up in Recall or any other screenshot application.”
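One way to check that this protection is actually in effect on a given machine, as an added example that is not code from Signal or from this article: the PowerShell script below reads the display affinity of each visible window owned by a process through the Win32 `GetWindowDisplayAffinity` call. It assumes the flag described above is the window display affinity that Electron's `setContentProtection` sets on Windows, and that the desktop process is named `Signal`.

```powershell
# Added example: audit whether a process's windows are excluded from screen capture.
param([string]$ProcessName = 'Signal')   # assumed process name, adjust as needed

Add-Type -Namespace Win32 -Name Wda -MemberDefinition @'
public delegate bool EnumProc(IntPtr hWnd, IntPtr lParam);
[DllImport("user32.dll")]
public static extern bool EnumWindows(EnumProc cb, IntPtr lParam);
[DllImport("user32.dll")]
public static extern bool IsWindowVisible(IntPtr hWnd);
[DllImport("user32.dll")]
public static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint pid);
[DllImport("user32.dll", SetLastError = true)]
public static extern bool GetWindowDisplayAffinity(IntPtr hWnd, out uint affinity);
'@

# Display-affinity values defined in winuser.h
$names = @{ 0x00 = 'WDA_NONE'; 0x01 = 'WDA_MONITOR'; 0x11 = 'WDA_EXCLUDEFROMCAPTURE' }

$targetPids = @(Get-Process -Name $ProcessName -ErrorAction SilentlyContinue).Id
if (-not $targetPids) { Write-Warning "No running process named '$ProcessName'."; return }

$results = [System.Collections.Generic.List[object]]::new()
$callback = [Win32.Wda+EnumProc]{
    param($hWnd, $lParam)
    $ownerPid = [uint32]0          # do not use $pid: it is a PowerShell automatic variable
    [void][Win32.Wda]::GetWindowThreadProcessId($hWnd, [ref]$ownerPid)
    if (($targetPids -contains $ownerPid) -and [Win32.Wda]::IsWindowVisible($hWnd)) {
        $aff = [uint32]0
        if ([Win32.Wda]::GetWindowDisplayAffinity($hWnd, [ref]$aff)) {
            $results.Add([pscustomobject]@{
                ProcessId = $ownerPid
                Hwnd      = '0x{0:X}' -f $hWnd.ToInt64()
                Affinity  = $names[[int]$aff]
                Protected = ($aff -ne 0)   # any non-zero affinity hides the content from capture
            })
        }
    }
    $true   # continue enumerating top-level windows
}
[void][Win32.Wda]::EnumWindows($callback, [IntPtr]::Zero)

$results | Format-Table -AutoSize
if ($results.Count -gt 0 -and -not ($results | Where-Object Protected)) {
    Write-Warning "No window of '$ProcessName' is excluded from capture; check the Screen security setting."
}
```

The script only reads window state and changes nothing; the affinity itself can only be set by the process that owns the window.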

Signal explained this approach was a final option due to the absence of granular controls for app developers to opt out of Recall’s comprehensive monitoring. The move is a direct response to Microsoft’s failure to provide a specific opt-out mechanism. Signal President Meredith Whittaker underscored this, stating, “Operating systems should not be Hoovering up sensitive data from other applications without explicit consent and robust controls. We had to act.”

The company acknowledges that this DRM method is a “weird trick” and that it introduces usability trade-offs, particularly for accessibility software like screen readers. To address this, the “Screen security” setting can be disabled in Signal’s privacy settings, though users will receive a warning.

Importantly, Signal clarified that this setting is local to the user’s computer. It does not affect screenshots on other devices or the accessibility tools used by communication partners on different operating systems. However, the protection is only effective if all parties in a Windows Desktop chat use the default settings.

Recall’s Contentious Past And Ongoing Doubts

Microsoft’s Recall feature has been a source of debate since its May 2024 unveiling. Security researcher Kevin Beaumont initially revealed that Recall stored its indexed data and screenshots in an easily accessible, unencrypted SQLite database. This triggered widespread privacy alarms.

The public outcry prompted Microsoft to delay Recall’s public preview and introduce security enhancements, including making the feature opt-in, mandating Windows Hello authentication, and encrypting the database. Subsequent updates detailed storing encrypted snapshots in hardware-isolated Virtualization-Based Security (VBS) enclaves. Decryption keys are protected by the device’s TPM chip.

Despite these modifications, concerns remain. Even with improvements, Recall indexes a vast trove of personal data, including messages and sensitive information, potentially without the explicit consent of everyone involved in a conversation. Beaumont’s later analysis also indicated that Recall continued to capture details like payment card information.

The database could still be decrypted with a simple fingerprint scan or PIN, casting doubt on its robustness against sophisticated malware. PrivacyWatchdog.org commented on the broader ethical implications, suggesting other privacy-focused applications might adopt similar measures if operating systems persist in integrating such monitoring tools without adequate developer controls.

Broader Implications For Messaging Security

The clash over Windows Recall and Signal’s defensive measures unfolds amid persistent anxieties about digital communication security, particularly for sensitive government communications. A separate, major breach involving TeleMessage, a Signal app clone, recently compromised messages and metadata of over sixty U.S. government officials.

This included disaster responders and diplomatic staff. That incident, where data was archived by the non-profit Distributed Denial of Secrets, spurred the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add TeleMessage’s TM SGNL app vulnerability (CVE-2025-47729) to its Known Exploited Vulnerabilities catalog.

The critical flaw involved the application’s backend retaining cleartext messages, contrary to its encryption claims. Security researcher Micah Lee’s earlier analysis had already shown that TM SGNL’s architecture inherently circumvented standard end-to-end encryption, allowing TeleMessage access to plaintext chat logs.

Source: Signal
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He holds a Master's degree in International Economics and is the founder and managing editor of Winbuzzer.com.