In response to privacy concerns users raised, Microsoft is adjusting its new Recall feature before its official launch on June 18, 2024. Announced in a detailed blog post, the company outlined changes to the setup experience, privacy controls, and its commitment to security.
Recall, designed for devices running on Copilot+ PCs, offers a unique way to instantly find content you’ve previously seen on your computer. This is achieved by creating an “explorable visual timeline” through snapshots of your screen activities. These images are encrypted and stored locally, with on-device AI capabilities analysing their context. This allows you to visually retrace your steps by reviewing these snapshots when you log back into your Copilot+ PC.
Designed with security in mind
Understanding that user trust is crucial, Microsoft has implemented several privacy and security controls for Recall. Users can turn off the snapshot feature, pause it temporarily, filter applications, and delete snapshots anytime. Here are the critical aspects of these controls:
Local storage of snapshots: Snapshots are processed and stored exclusively on your device without using any internet or cloud connections. This ensures all AI processing happens locally, keeping your snapshots private and secure on your device.
No snapshot sharing: Recall does not send your snapshots to Microsoft or any other company. These snapshots are not shared with other users, even those on the same device. Per-user encryption further ensures that even administrators cannot access other users’ snapshots.
Visible notifications: You’ll know when Recall is active through a pinned taskbar and system tray icons, indicating when snapshots are being saved.
Privacy in browsing: Recall does not save snapshots of digital rights-managed content or private browsing sessions in supported web browsers.
User control: You have complete control over the snapshot feature. You can disable, pause, filter specific applications and websites, and delete snapshots whenever you choose.
Enterprise and customer choice: For managed work devices, IT administrators can disable the snapshot feature, but they cannot enable it without your consent. The decision to allow Recall is solely yours. This ensures that your data is protected and under your control, even in a corporate setting.
Security updates
To further address user concerns, Microsoft is making Recall an opt-in feature. Users must proactively choose to enable it; otherwise, it remains off by default. Additionally, Windows Hello enrollment is required to activate Recall. Proof of presence is also necessary to access your timeline and search within Recall. This means that Recall snapshots will only be decrypted and accessible when the user is authenticated through Windows Hello Enhanced Sign-in Security (ESS).
Early access and feedback
Microsoft is launching Recall in a preview mode on Copilot+ PCs, giving customers the option to try the feature early. This approach allows the company to gather valuable feedback from real-world use cases, helping to refine the feature further.
By making these changes, Microsoft reaffirms its commitment to address privacy concerns and build trust among its users. We are dedicated to ensuring that Recall is a secure and useful tool for managing and retrieving past content on your device without compromising your privacy or data security.