AI is the new “Digital.” That is, vendors are slapping the AI label on their wares regardless of whether their wares’ capabilities warrant it, aided and abetted by the complete and utter lack of a reliable definition of AI. It’s just as they did with “Digital” a few years back.
But sometimes a product deserves the AI label. That makes its description accurate, which is quite a different matter from it being a good idea.
Take the subject of this column’s screed: Microsoft Recall. It stores a snapshot of your computer’s screen every couple of seconds, indexing it for recall (hence the name) whenever you might want to review it.
Concerned about privacy lapses? Don’t be, says Microsoft. There’s no risk, because everything Recall stores is kept in local, encrypted files, not in the cloud. According to Microsoft, “… a would-be hacker would need to gain physical access to your device, unlock it and sign in before they could access saved screenshots.”
Please forgive my skepticism, but isn’t there an entire class of malware that works by gaining control of the victim’s PC? I mean, why would anyone think physical access would be the only access to which Recall is vulnerable?
What could possibly go wrong?
I know “A foolish consistency is the hobgoblin of small minds,” but still, hasn’t Microsoft been promoting the idea of virtual desktops for at least a dozen years to anyone who will listen? I guess excluding Recall from VDI is something less than a tragedy, but still, it isn’t just VDI that bores a hole in Microsoft’s protections. Lots of vulnerabilities are exploited right now by hapless users inadvertently installing malware that lets intruders control their PC remotely. That control would extend to Recall and its ability to find juicy morsels of data.
Speaking of skepticism, Recall requires trusting Microsoft and its developers to not create any backdoors into the Recall system. Which would be a more reasonable threshold if Microsoft didn’t give itself the right to change its license terms whenever it’s in the mood without asking its customers’ permissions.
Speaking of data, has everyone forgotten the knowledge pyramid? As perfected by Scott Lee and myself, this is the conceptual edifice that places data at the bottom, followed by information, knowledge, judgment, and wisdom at its pinnacle. Recall improves your ability to remember data — the least valuable of the layers.
Oh yeah, one more admittedly minor unintended consequence: For those souls who rely on the Tor browser and its associated hypersecure network to keep their online activities private, Recall would blow a hole through Tor’s protections, capturing screen shot after screen shot of whatever Tor displays.
Not that this is a marketplace Microsoft is pursuing with vigor, Edge’s InPrivate mode notwithstanding.
One more gotcha, and it’s hard to imagine the omission is accidental: Most businesses take the position that anything and everything stored on employees’ devices are the property of the business, not the employee. So if a business manager wants to look at an employee’s Recall data … awkward!
How did this happen?
Behind all this we can easily imagine members of the Redmond contingent brainstorming what they might do with AI and, infected with optimism bias and infused with escalating enthusiasm, doing it.
What’s more, this is exactly what Microsoft and its technology-promoting brethren should be doing with AI.
IT’s job is to solve business problems and pursue business opportunities through the use of available information technologies. IT’s vendors? They’re supposed to go beyond what’s already developed, to explore what’s possible and what could be done with what’s possible if they turn “possible” to “it works!”
Only there is a missing intermediate step, namely, the two highest levels of the knowledge pyramid: judgment and wisdom. They’re how everyone involved in this brewing fiasco should have known better — recognizing the difference between being able to do something and it being a good idea.
How you should respond
In spite of this critique, Recall isn’t necessarily a uniformly awful idea. To make it personal, I am, from time to time, an amateur nature photographer. I’d be delighted if I could ask my computer to show me, for example, every photo I’ve taken of a red-eyed vireo. As a hobbyist I’d likely be willing to take Recall’s risks in exchange for that capability.
I could likewise imagine one of WPP’s managers wanting to list every place a Coca-Cola bottle has appeared on the internet, WPP being Coca-Cola’s ad agency. Recall would be a boon.
Enough of a boon to exceed its risks? That’s another matter.
Which gets us to a movie we’ve seen before: Back in the day, even in companies that standardized on Windows PCs, the Marketing department was often allowed to put Macintosh computers in front of its creatives. It just wasn’t worth the time and effort the CIO would have had to invest in persuading the head of Marketing to accept Windows standard desktops instead.
So you might as well start laying the groundwork now for turning down managers who will want Recall for their teams.
You might as well because you know they’ll ask. And as CIO you also know that in your job you need to be as good at crafting negative sales pitches — persuading people to not do something — as you are in getting your company’s managers to approve initiatives you know are worth the investment.
And one more thing, courtesy of Dr. Yeahbut: It’s easy for IT to fall into the Zero Risk Trap — to make any and every risk the reason to reject a potential opportunity. It’s a bad habit.
Avoid it. When faced with something like Recall — maybe with risks that aren’t quite so obvious, along with the potential to nonetheless be pretty cool — challenge your analysts and management team to figure out ways to take advantage of the new capability — even on a very small scale — while preventing or mitigating the risks it entails.
Read More from This Article: Microsoft Recall: Everything IT can get wrong about AI in a single feature
Source: News