Remember that much-loved Microsoft AI feature Copilot Recall that keeps screenshots of everything happening on your Windows PC?

Now there’s Microsoft Copilot Vision for Windows 11, which takes whatever happens on your Copilot+ laptop and sends it to Microsoft! [Microsoft; Microsoft]

Microsoft wants Copilot to become your “true companion.” We saw Microsoft’s sticky blob avatar for your new Copilot buddy yesterday. [Register]

Microsoft swears the data won’t be kept “long term.” However long that is.

Copilot Recall is on all the time, but Copilot Vision only switches on when you tell it. Or when you accidentally click on the glasses button.

So how much Copilot Visioning can you do? [Microsoft]

You must sign in to Copilot to access Vision. Copilot Vision is available to all Microsoft Edge users. Subscribers to Copilot Pro receive extended usage of Vision.

That is: do you feel lucky?

Microsoft has a video from last month showing off Copilot Vision. It’s a mockup, not a demo — it shows the Macintosh version of Excel, not the one for Windows 11. Nobody involved in making this video gave a hoot either. [YouTube]

Copilot Vision is only available in the US for now, with some non-European countries coming later.

This is barely a product. This is Microsoft throwing stuff against the wall to see if they can get anyone to care about their AI offerings. And violating privacy hard enough they don’t even dare offer it in Europe.

• Video version

Tea, the viral women’s dating safety app, has turned off direct messages after 404 Media revealed that a vulnerability allowed unauthorized parties to gain access to users’ direct messages, including many in which women discussed their abortions, cheating partners, and phone numbers they sent to one another.

Kasra Rahjerdi, the independent security researcher who first flagged the issue to 404 Media, shared a cache of more than a million Tea direct messages that 404 Media then verified. He said the security issue lasted until late last week. Tea announced late Monday it was turning off direct messages altogether.

A user of women’s dating safety app Tea has filed a class action lawsuit after the app repeatedly exposed users’ sensitive data, including selfies, photographs of IDs, and more than a million direct messages sent by users. Both data breaches were first revealed by 404 Media.

The plaintiff, California resident Griselda Reyes, “seeks to hold the Defendant responsible for the harms it caused and will continue to cause” her and “thousands of other similarity situated persons in the massive and preventable cyberattack,” the lawsuit reads.

Tea aims to provide a space where women can anonymously sign up and safely share information about men they are dating. Tea skyrocketed to the top of the U.S. Apple App Store last week, after which members of the notorious troll forum 4chan found an exposed Tea database which contained tens of thousands of images of Tea users and identity documents. Tea requires users to take a selfie when making an account to ensure that only women can access the service.

The lawsuit says Reyes “submitted an image containing her PII [personally identifiable information] to Tea as part of the sign-up process.”

The lawsuit was filed by Cole & Van Note, a law firm that deals with data breaches almost exclusively.

“A lot of women went on the app with the express or implied promise that their information would be kept secure, that the information would only be used to verify their identity,” Scott E. Cole, one of the lawyers who filed the complaint against Tea, told us on a call. “I think that for people who are already in the segment of the population that is worried about online dating, the people that went to this site thought they were going to be treated with their information would be treated with anonymity, and that that trust was violated.”

Cole said he expects that more lawsuits against Tea will be filed across the country first, and that he hopes all of them will join the class action. 

404 Media first reported that data exposure on Friday. On Monday, 404 Media revealed a second security issue that allowed unauthorized parties to download more than a million direct messages between Tea users. Many of those messages were highly sensitive, and included discussions around abortion, cheating, and other personal data like phone numbers.

The lawsuit points to both of these breaches and says that Tea has not notified individual victims, instead saying Reyes learned of the incidents from media reports. On Monday Tea said in a social media post it was temporarily stopping the direct messaging system.

Tea declined to comment for this story.

Michael Kalus posted a photo:

Michael Kalus posted a photo:

Michael Kalus posted a photo: