GP is talking about isolation inside the current user. Recent macOS versions ask before allowing a program to access files inside Documents, Desktop, etc. Whether that helps or not is debatable, but it’s not quite the same as what Windows ACLs do out of the box. To achieve the same on Windows, one would have to run the program as a different user to which they’d selectively grant access to the folders inside their profile.
You can enable controlled folders on Windows: https://learn.microsoft.com/en-us/defender-endpoint/controll...
It's not enabled by default, though. Enabling it by default would probably break just about every Windows program out there and, like UAC on Vista, everyone would turn it off immediately.
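
An added example, not part of the thread: one way to turn on Controlled folder access without the breakage described above is to run it in audit mode first, review what would have been blocked, allow those programs, and only then enforce. The application and folder paths are placeholders, and the `Process Name:` pattern is an assumption about the event message layout (the code falls back to the full message if it does not match).

```powershell
# Run in an elevated PowerShell session with Microsoft Defender Antivirus active.

# 1. Current state: 0 = Disabled, 1 = Enabled (block), 2 = AuditMode.
(Get-MpPreference).EnableControlledFolderAccess

# 2. Audit mode: writes are logged but never blocked, so nothing breaks.
Set-MpPreference -EnableControlledFolderAccess AuditMode

# 3. After a period of normal use, list the programs that would have been
#    blocked. Event ID 1124 = audited controlled folder access event.
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1124
} -ErrorAction SilentlyContinue

$events | ForEach-Object {
    # Assumed message layout; fall back to the whole message otherwise.
    if ($_.Message -match 'Process Name:\s*(.+)') { $Matches[1].Trim() }
    else { $_.Message }
} | Group-Object | Sort-Object Count -Descending | Select-Object Count, Name

# 4. Allow the programs you trust (placeholder path), and optionally protect
#    folders beyond the defaults such as Documents and Desktop.
Add-MpPreference -ControlledFolderAccessAllowedApplications 'C:\Program Files\ExampleApp\example.exe'
Add-MpPreference -ControlledFolderAccessProtectedFolders 'D:\Projects'

# 5. Enforce. From here on, blocked writes are logged as event ID 1123.
Set-MpPreference -EnableControlledFolderAccess Enabled
```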