In this case, if Recall records the screen constantly then it can get the DRMed video from Netflix, and therefore possibly exfiltrate it to the user for piracy easier? I think they nominally try to prevent you streaming it / recording it to shut that down.
The expectation is that Microsoft is exfiltrating this data because they want to use it for AI training, ad targeting etc. That doesn't require the user to have access to it, they'd just need some new rationale for exfiltrating it. Insert malware scanning excuse etc.
Also, the issue is that somebody is going to copy a ~30 fps video using screenshots without audio taken at an interval of ~0.2 fps? Nobody is going to do it that way.
But the larger issue is, if Microsoft Windows is able to grab DRMed content, there is some path to grab DRMed content at all. Which means that if someone with lots of time, passion and talent on their hand might be able to exploit that path to get more then just a screenshot without audio every 0.2 fps.
The promise of DRMed content at the moment is that (technically) no one is able to do so as there are no backdoors into it, for nobody.
Ideally, the entire path from source to display is secure and inaccessible (even for the operating system), that is the core promise of DRM. Of course the device must render the content somehow, but DRM is specifically designed to ensure that this path can't be intercepted or exploited.
What happens outside of that path, before it's decrypted or after it's displayed, is beyond what DRM is meant to control.
In order for the device to display the content on the screen, some part of the device has to have access to the plaintext. That part of the device is controlled by Microsoft -- it's their DRM system, they wrote that code and have the keys to update it -- so they inherently have access to it. Saying "that part is outside the scope of the DRM" is just defining your way around the fact that they can still do it.
Or to put it another way, if some court orders Microsoft to extract some DRM-protected content, what do you think happens?
To really delve into the technical side of things: I’m fairly certain that large parts of Windows, especially when it comes to DRM, rely on third-party technologies, components that Microsoft licenses and integrates but doesn't necessarily have full visibility into or control over. That could very well include parts of the DRM stack itself.
So while Microsoft controls the platform, that doesn’t automatically mean they can trivially extract plaintext content from DRMed streams, especially not without compromising the integrity of systems they themselves may not fully own.
