Microsoft Patents a Capability-Based Gatekeeper for Human Presence Sensors
Modern Windows PCs increasingly ship with sensors that detect whether a human is sitting in front of them — and Microsoft is now patenting a system to make sure only the right apps can query that sensor.
What Microsoft's presence sensor access control actually does
Imagine your laptop has a built-in sensor that can tell whether you're sitting in front of it — useful for locking the screen when you walk away or waking it up when you return. Now imagine any random app on your machine being able to silently tap into that sensor and track your presence all day. That's the problem Microsoft is trying to solve here.
This patent describes a gatekeeper system: when an app asks for access to the human presence sensor, Windows checks whether that app has been explicitly granted a "presence sensor capability" — essentially a declared permission. If it has, access is granted. If it doesn't have that capability on file, the request is denied, full stop.
Think of it like the camera or microphone permission prompts you already see on your phone — but applied to presence detection. The goal is to make sure only apps that are supposed to know you're there can actually find out.
How the RPC server checks app capabilities before granting access
The patent describes a method running on a Remote Procedure Call (RPC) server — a background service that brokers requests between apps and system resources (an RPC server is essentially a middleman that lets one program call functions on another program, often on the same machine).
When an app opens a handle (a connection request) to the Presence Management Client, the system performs a capability check:
- If the requesting app has a declared presence sensor capability, the handle is opened and the app gets a live feed from the sensor.
- If the app lacks that capability declaration, the RPC server denies the connection entirely — the app never sees any sensor data.
The "presence sensor capability" itself appears to be a manifest-level declaration — similar to how UWP/Windows app packages declare permissions upfront. This means the check happens at a structural level, not just at runtime via a user prompt.
The patent is careful to frame this as both a security measure (preventing unauthorized presence tracking) and a resource management measure (avoiding unnecessary sensor polling by apps that have no business using it).
What this means for Windows privacy and sensor security
Human presence sensors are shipping in more and more Windows laptops — they're core to features like Windows Hello and attention-aware display dimming. But as with any ambient sensor, there's a real privacy surface here: an app that can silently detect whether someone is at their desk can infer a lot about behavior patterns over time.
By creating a formal capability-gating layer, Microsoft is essentially building the foundation for presence sensor privacy controls analogous to camera and microphone permissions. If this system ships in Windows, you could eventually see per-app presence sensor permissions in Settings — or at minimum, confidence that random background apps can't silently tap the sensor without a declared entitlement.
This is unglamorous plumbing work, but it's the right kind. As presence sensors become standard hardware on Windows PCs, having a proper permission model before the ecosystem matures is exactly what Microsoft should be doing. The alternative — bolting on access controls after apps have already normalized using the sensor freely — is a much messier problem to fix later.
Get one Big Tech patent every Sunday
Plain English, intelligent commentary, no hype. Free.
Editorial commentary on a publicly published patent application. Not legal advice.