Microsoft's Recall feature will now be opt-in and double encrypted after privacy outcry

The Recall feature is an AI-powered tool introduced by Microsoft for its new line of Copilot+ PCs. It is designed to automatically capture screenshots of a user's desktop every five seconds, creating a searchable history of their computing activity. This feature allows users to search their computing history using natural language queries, enabling them to find specific moments or pieces of information from their past interactions with their computer.

The intended benefits of the Recall feature include:

1. Enhanced Search Capabilities: Recall provides users with a powerful search tool that can help them find information from their past interactions with their computer6. This goes beyond traditional search methods, as it allows users to search for information based on visual memories or contextual cues, rather than relying solely on specific keywords or file names.

2. Improved Productivity: By providing a comprehensive record of a user's computing activity, Recall can help users quickly retrace their steps and find information they may have missed or forgotten. This can save time and improve productivity by reducing the need to manually search through files, emails, or web browsing history.

3. Photographic Memory for Your PC: Microsoft's CEO Satya Nadella has described the Recall feature as a "photographic memory" for your PC. This means that the feature is designed to function as an extension of your own memory, allowing you to recall and revisit past interactions with your computer with ease.

However, the feature has faced significant criticism from security researchers due to its potential privacy risks. In response, Microsoft has announced that it will make the feature opt-in, require biometric authentication to access stored data, and add additional layers of encryption to enhance user privacy and security.

Microsoft plans to implement several new security measures for the Recall feature before its public release on June 18th4. These changes are in response to criticism from security researchers regarding potential privacy risks. The new security measures include:

1. Making Recall an opt-in feature during PC setup, with the feature turned off by default. This gives users a clearer choice to enable the feature if they wish to do so.
2. Requiring Windows Hello biometric enrollment and "proof of presence" to view the Recall timeline and search its contents. This ensures that only the authorized user can access the stored data.
3. Adding "just in time" decryption of the Recall database protected by Windows Hello Enhanced Sign-in Security (ESS). This means that the stored screenshots will only be decrypted and accessible when the user authenticates using their biometrics on their enrolled device.
4. Encrypting the search index database to add an extra layer of protection for the stored data.

These changes aim to address the privacy concerns raised by security experts and make it more difficult for unauthorized users or attackers to access the sensitive data captured by Recall.