In response to customer and regulatory officials’ concerns, Microsoft has changed how its Recall snapshot feature will work. The change comes ahead of the June 18 debut of the new Copilot+ PCs, making the Recall feature opt-in and enhancing the security protocols protecting the data.
When Microsoft introduced the suite of AI features that made Copilot+ laptops unique, early testers quickly learned that the Recall feature was enabled by default. Recall takes periodic snapshots of your desktop every few seconds.
Using AI and image recognition, Recall allows you to search for almost anything you’ve done on your PC. For example, you could ask, “What did Grandma say?” and it would locate the last instant message thread or email chain with your grandmother.
The feature immediately drew criticism as testers discovered how easy it was for others to access the snapshot index. U.K. regulators dubbed the Recall feature a potential security risk, calling it a “privacy nightmare.”
Analysis of the feature by Tom’s Hardware editor-in-chief Avram Pilch pointed out the risks to privacy posed by Recall. Recall could capture images containing information like passwords, social security numbers, banking information, and more. If someone gained local access to the Copilot+ laptop, the original security measures announced might not have been sufficient to protect that information.
In a recent blog update, Microsoft has reversed course on specific characteristics of the Recall feature. Users now have to deliberately enable Recall for it to work, leaving it turned off by default. Furthermore, activating Recall requires enrollment in Windows Hello, a facial recognition feature. Viewing or searching your Recall timeline will require proof of presence.
Microsoft has also enriched the security of the Recall data. Using additional layers of protection, including “just in time” decryption protected by Windows Hello Enhanced Sign-In Security (SES), Recall snapshots will only be decrypted after you authenticate yourself.
In addition to Recall snapshots not being shared with other users or administrators, accessing the index and images requires the account owner’s authorization. Furthermore, Microsoft explained that users can pause Recall and filter applications and websites from being captured in the snapshots. They can also turn off the feature entirely if they wish to do so after opting in to Recall.
Microsoft reiterated the security approach built into Copilot+ PCs to alleviate security and privacy concerns. These are Secured-core PCs, which utilize advanced firmware safeguards to protect your data.
The Microsoft Pluton security processor, a chip-to-cloud security technology, is also enabled by default on all Copilot+ PCs. This technology leverages Zero Trust principles to lessen the likelihood of credentials, identities, personal data, and encryption keys being disabled or removed.
Assuming testers and researchers don’t identify more chinks in the privacy and security armor of Windows 11’s new Recall feature, the latest announcement should make Recall safer to use. Time will tell, but Microsoft’s new direction for the feature is undoubtedly a step in the right direction.
Jeff Butts has been covering tech news for more than a decade, and his IT experience predates the internet. Yes, he remembers when 9600 baud was “fast.” He especially enjoys covering DIY and Maker topics, along with anything on the bleeding edge of technology.