Published: Jun 10, 2024
Key Takeaways:
- Microsoft will disable the AI-powered Recall feature by default on new Copilot+ PCs.
- Recall snapshots will now be encrypted and accessible only through Windows Hello authentication.
- IT administrators will be able to disable the snapshot-saving feature but cannot enable it on behalf of users.
Microsoft has committed to making changes to Recall before its launch on new Copilot+ PCs later this month, opting to disable the AI-powered feature by default for all Windows users. This decision follows privacy and security concerns raised by researchers regarding the potential misuse of the controversial Recall feature.
Last month, Microsoft announced the Recall feature for the new Copilot+ Windows PCs. This feature takes a snapshot of each user’s action on the screen every few seconds. It stores these images locally and analyzes them with an AI model to enhance search results. Microsoft gave assurances that user data would not be used to train these models.
However, security researchers pointed out that Recall could be exploited to access and steal a user’s entire PC usage history. The data was stored in an easily accessible, non-encrypted SQLite database, potentially exposing sensitive information.
In response to these concerns, Microsoft will now disable Recall by default on Copilot+ PCs, and users must activate it during the out-of-box experience. Moreover, the company will require enrollment in Windows Hello in order to use Recall. Users will also need to authenticate each time they open the Recall app to view their timeline.
“Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18,” explained Pavan Davuluri, CVP for Windows and Devices.
Lastly, Microsoft is boosting Recall’s security with “just in time” decryption. This means that Recall snapshots will be encrypted and require Windows Hello authentication to be decrypted. Microsoft is also encrypting the search index database to protect sensitive information. This would prevent users from accessing another user’s Recall snapshots stored on the same PC.
Microsoft emphasized that all Recall data is stored and processed locally, with snapshots never shared with Microsoft or other entities. Users will be able to track when Recall is saving snapshots via taskbar and system tray icons, and they will have the ability to pause, filter, or delete snapshots at any time. Additionally, IT administrators can choose to disable the snapshot-saving feature on Copilot+ PCs, but cannot enable it for end users within their organizations.
Microsoft also noted that the Recall feature will be available only on the first wave of Copilot+ PCs. These new PCs will come with enhanced security features like Microsoft Pluton security chips and Windows Hello Enhanced Sign-in Security (ESS).