Kernel-level anti-cheat is one of the most argued-about topics in PC gaming. It is worth separating the genuine concerns from the exaggerated ones.
What "kernel level" means
Most software you run is a normal application with limited permissions. A kernel driver runs at the operating system's most privileged layer, with access to memory, hardware and other processes. Anti-cheats go there because cheats go there too — to catch a kernel cheat you generally need kernel-level visibility.
The genuine concerns
Two concerns are reasonable. The first is attack surface: any kernel driver is privileged code, and if it contains a vulnerability, it can become a route for attackers to gain full system access. A widely installed anti-cheat driver is a large, attractive target. The second is always-on behaviour: some anti-cheats keep a component running even when you are not playing, which people reasonably want to know about and control.
The overstated parts
Other claims are exaggerated. A kernel anti-cheat technically can see a great deal, but reputable vendors are not interested in your documents or browsing — their incentive is detecting cheats, and abusing that access would be a catastrophic legal and reputational risk. The realistic worry is not deliberate spying; it is the security trade-off of running more privileged code.
What you can control
You can usually uninstall an anti-cheat by uninstalling the game, and on many systems you can see and stop a driver that runs at startup. Knowing which games install kernel components — and whether they run outside the game — lets you make an informed choice.
The takeaway
Kernel anti-cheat is a real trade-off, not a conspiracy. The honest summary: the privacy-spying fear is overblown, but the security and always-on concerns are legitimate. The useful response is to know what each game installs and decide deliberately.