After privacy and security experts voiced concerns about Recall – an exclusive, AI-driven search feature in Microsoft’s upcoming Copilot+ PCs – the Windows giant says it will turn off the feature by default, require Windows Hello authentication to use it and add ‘additional layers of data protection.’
Microsoft said it’s improving privacy and security safeguards for its AI-driven Recall feature that will become available in laptops under its new Copilot+ PC program later this month.
Pavan Davuluri, corporate vice president of Windows and Devices, outlined the changes in a Microsoft blog post Friday and said they were made in response to customer feedback.
[Related: Qualcomm Challenges Intel, Apple With Snapdragon X Chips For Copilot+ PCs]
“Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” he wrote.
Recall will enable users to search for previous things they’ve seen on their PC, and it’s one of the exclusive AI features in the upcoming Copilot+ PCs, which Microsoft revealed at its Build event in May as “the fastest, most intelligent Windows PCs ever built.”
Since Recall was revealed, security and privacy experts have voiced concerns about the feature, mainly because it periodically takes a screenshot of a user’s screen to build an explorable visual timeline of nearly every action they make.
When Microsoft revealed the feature, it wouldn’t hide any sensitive or confidential information captured in the screenshots unless a user filters out specific applications or websites or browses privately on supported browsers such as Microsoft Edge, Firefox, Opera and Google Chrome. It was also confirmed that Microsoft would keep Recall on by default for Copilot+ PCs.
In response to the announcement, security researcher Kevin Beaumont called Recall a “security nightmare” that could allow hackers to uncover a user’s every action by accessing the database and screenshots that serve as the feature’s foundation.
“Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds,” wrote Beaumont, a former senior threat intelligence analyst at Microsoft, in a follow-up blog post on May 31.
David Ruiz, a senior privacy advocate at Malwarebytes, brought up similar concerns.
“With Recall, a CEO’s personal laptop could become an even more enticing target for hackers equipped with infostealers, a journalist’s protected sources could be within closer grasp of an oppressive government that isn’t afraid to target dissidents with malware, and entire identities could be abused and impersonated by a separate device user,” he wrote on May 22.
What Microsoft Is Changing In Recall
In the blog post, Davuluri outlined three changes Microsoft is making to Recall before the feature becomes available to customers with the launch of Copilot+ PCs on June 18:
- First, Microsoft said it’s changing the Copilot+ PC setup to make Recall an opt-in feature.
- Second, Microsoft said it’s now requiring users to use Windows Hello to enable Recall, and proof of presence is required to access the timeline and search.
- Third, Microsoft said it’s adding “additional layers of data protection” to Recall. These layers include “just in time” decryption that the company said is protected by Windows Hello Enhanced Sign-in Security, which means “Recall snapshots will only be decrypted and accessible when the user authenticates.” It added that it has encrypted Recall’s search index database.
Davuluri said Recall’s other data protection layers include Windows features that have been enabled by default, such as SmartScreen and Defender.
The executive also emphasized that “Copilot+ PCs have been designed to be secure by default,” taking advantage of Microsoft technologies like the Secured-core PC feature and the Pluton security processor, which will be embedded within Copilot+ PCs.
His blog post contained other assurances about the privacy and security safeguards of Recall that were outlined when Microsoft revealed the feature: all data is processed and stored locally, screenshots are not shared with Microsoft, users can pause, filter or delete what information is saved at any time, and IT administrators can remotely disable screenshot-taking.
“As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them,” Davuluri wrote.