Microsoft Addresses Security Concerns, Makes AI Recall Feature Opt-In

Microsoft has recently announced significant changes to its controversial Recall feature, which was set to debut as part of the company's new Copilot+ PCs initiative on June 18th. The Recall feature, which takes regular screenshots of user activity and creates an AI-searchable index, had raised concerns among security experts and privacy advocates. In response to the backlash, Microsoft is now making Recall an opt-in feature and adding additional layers of security to protect user data.


With its built-in Timeline interface, Recall allows you to effortlessly scroll back through various snapshots that Windows has captured based on your search criteria. Imagine searching for "dinosaurs" and instantly accessing every instance where content related to dinosaurs appeared on your screen. This powerful tool enables you to quickly jump to specific moments in time, making it easier than ever to find and revisit important information. All these are done using the NPU on the device without using the cloud.


It goes beyond simple search functionality by understanding the content currently displayed on your screen and providing contextual suggestions. Whether you're looking at an image on a webpage or working with documents side by side, Recall intelligently offers prompts to streamline your workflow. With just a single click, you can edit photos, compare documents, and access relevant tools, saving you valuable time and effort.

Under the hood, Windows will take frequent screenshots, decode text in images and chronicle what's happening in meetings, making it easier to rediscover a moment in time later. For those who don't want everything they do logged and stored, Microsoft allows people to delete specific snapshots, choose specific websites or apps not to include in Recall, and to snooze the feature for a particular period of time.


When Microsoft first unveiled the Recall feature last month, it was met with criticism from the cybersecurity community. Experts warned that the feature, which was initially planned to be turned on by default, could be a "disaster" for cybersecurity if left unchanged. Meredith Whittaker, President of Signal, called Recall a "dangerous honeypot for hackers," highlighting the potential risks associated with storing user data in this manner.


In a recent blog post, Microsoft executive Pavan Davuluri announced that the company is updating the setup experience for Copilot+ PCs. Users will now have a clearer choice to opt-in to saving snapshots using Recall. If a user does not proactively choose to turn the feature on, it will be off by default. This change addresses one of the primary concerns raised by privacy advocates, ensuring that users have control over whether their data is collected and stored by Recall.



One of the main concerns surrounding Recall was its potential to become a "dangerous honeypot for hackers," as described by Signal President Meredith Whittaker. To address these issues, Microsoft has made several key changes:

• Opt-in experience: Recall will now be an opt-in feature, meaning users must actively choose to enable it during the setup process. If not enabled, Recall will remain off by default.
• Proof of presence: To view a user's timeline and search in Recall, authentication through Windows Hello will be required, ensuring that only authorized users can access the data.
• Enhanced encryption: Microsoft has added "just in time" decryption, protected by Windows Hello Enhanced Sign-in Security (ESS), to ensure that Recall snapshots are only decrypted and accessible when the user authenticates. The search index database will also be encrypted.

In addition to the security enhancements, Microsoft has emphasized its commitment to user privacy with Recall:

• Local storage: All Recall data is stored and processed locally on the user's device, with no internet or cloud connections involved.
• No data sharing: Recall snapshots are not shared with Microsoft, other companies, applications, or even other users signed into the same device.
• User control: Users have the ability to pause, filter, and delete their Recall data at any time, giving them complete control over what is being captured.
• Enterprise control: IT administrators in enterprise environments can disable the ability to save snapshots on managed work devices, but cannot enable the feature on behalf of users.

Microsoft's decision to make changes to the Recall feature demonstrates the company's willingness to listen to feedback from customers, developers, and enterprises. In his blog post, Davuluri stated that Microsoft will continue to evolve its experiences based on this feedback, prioritizing privacy, safety, and security first. This aligns with Microsoft CEO Satya Nadella's recent call for employees to make security their top priority, even if it means prioritizing it over new features or ongoing support for legacy systems.

The updates to Recall are a step in the right direction, showcasing how user feedback and collaboration with security experts can lead to more secure and trustworthy AI implementations. As Microsoft continues to innovate with its Copilot+ PCs initiative, the company has pledged to listen to and learn from its customers to evolve these experiences in meaningful ways.