A few people have pointed out the security separation being a point of difference in Windows but I do wonder if that actually exists or if is it just assumed?

The hardware itself just presents as a regular camera with a regular generic driver, nothing special about it.

The login screen context is certainly segregated context (has been Win2k, I think) but does anyone elevate to enroll their face under their own user context?

I've never used Windows Hello, so my knowledge is quite dated but I don't belive fingerprint scanners do, which would be a similar mechanism where an abstract identity token from an arbitrary hardware device is created and stored without the need to elevate. Presumably you still need to authenticate to prove "you are you" when enrolling new methods but just no privilege escalation to use the hardware device for the capture itself.

@jik Yeah, does look to be IR based on the output. It just seems very unusual to provide the illusion of privacy with hardware right next to it.

I haven't got a Windows version to test with but it equally there's a lot of privileged software that would be able to get to it just fine. From the legitimate sources, I doubt there's much specific logging if your SOC decided to bring it up remotely (nothing in directly in Elastic, Helix or Sophos comes to mind... Maybe Sysmon output).

From the not so legitimate sources, LPE on windows is not treated particularly critically and are pretty common. eventvwr and razor keyboard driver installers both had longstanding "easy wins", to mention the myriad of opportunistic dll highjacking.

The solution for all that would be for the privacy switch to actually just work as one would expect it too, even if it inconveniences windows hello.