Microsoft Will Switch Off Recall by Default After Security Backlash
What specific changes has Microsoft announced regarding the deployment of the Recall feature in its Windows operating systems?
Microsoft has announced several significant changes to the deployment of the Recall feature in its Windows operating systems. These changes are designed to address the privacy and security concerns raised by the feature, which captures a snapshot of the user's activity every five seconds for AI analysis. Here are the main changes:
-
Opt-in Feature: Recall will now be an opt-in feature, meaning it will not be turned on by default. Users will have to choose to enable it during the setup process of Copilot+ PCs. This change gives users a clearer choice about whether they want to use the feature and allows them to opt-out if they have privacy concerns.
-
Windows Hello Authentication: Users will now need to use Windows Hello, which requires facial recognition or a fingerprint scan, to enable Recall and access its data. This adds an extra layer of security and ensures that only the authorized user can access the stored data.
-
Enhanced Encryption: Microsoft is adding "just-in-time" decryption protected by Windows Hello Enhanced Sign-in Security (ESS). This means that the snapshots taken by Recall will be encrypted and will only be decrypted and available after user authentication. The search index database will also be encrypted.
-
Data Storage: Recall's data will remain on the user's device and won't be used to train AI models. Users will have the ability to block Recall from snapshotting specific apps, and they can pause or delete snapshots.
These changes aim to make Recall more secure and give users more control over their data. However, some privacy concerns remain, particularly regarding the potential for domestic abusers to demand access to the data or for the data to be subpoenaed in legal cases. Despite these concerns, Microsoft is moving forward with the rollout of Recall, with the feature set to be available on certain Copilot+ PCs later this month.
How does the Recall feature function, and what type of data does it collect from users?
The Recall feature is an AI-powered tool introduced by Microsoft for Copilot+ PCs running on Windows 11. It aims to enhance user experience by allowing them to search and retrieve their past activities on their PC. To achieve this, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.
Recall works by taking images of the user's active screen every few seconds and saving them as snapshots3. These snapshots are then stored locally on the user's PC's hard drive. Users can locate the content they have viewed on their PC using search or a timeline bar that allows them to scroll through their snapshots. By performing a Recall action, users can access a snapshot from a specific time period, providing context for the event or moment they are searching for. It also allows users to search through teleconference meetings they've participated in and videos watched using an AI-powered feature that transcribes and translates speech.
In terms of data collection, Recall captures a wide range of user activities and stores them as snapshots. This includes activities in applications, live meeting communications, and websites visited. The feature takes screenshots every five seconds, which are then saved locally on the device. It's important to note that Recall doesn't actively hide sensitive information like passwords and financial account numbers that appear on-screen.
Despite the potential privacy concerns, Microsoft emphasizes that the Recall index remains local and private on-device, encrypted in a way that is linked to a particular user's account. "Recall screenshots are only linked to a specific user profile and Recall does not share them with other users, make them available for Microsoft to view, or use them for targeting advertisements. Screenshots are only available to the person whose profile was used to sign in to the device," Microsoft says. Users can pause, stop, or delete captured content and can exclude specific apps or websites. Recall won't take snapshots of InPrivate web browsing sessions in Microsoft Edge or DRM-protected content.
How has the Recall feature been marketed by Microsoft, and what are the potential legal implications for users who enable it?
Microsoft has marketed its Recall feature as an AI-powered tool that enhances productivity and memory recall by capturing a history of user activity on Windows devices. The feature, which is exclusive to Copilot+ PCs, periodically saves snapshots of the user's screen, allowing them to quickly search and find content they have seen in apps, websites, images, and documents4.
However, the feature has raised significant privacy and security concerns due to the sensitive nature of the data it collects. Cybersecurity experts have criticized Recall for silently storing a screenshot of the user's activity every five seconds, which could include sensitive information like bank logins, passwords, and browsing history. While this data is stored locally on the user's machine and not uploaded to the cloud, it remains accessible to any hacker who gains temporary access to the user's Recall-enabled device.
In response to the criticism, Microsoft has made Recall an opt-in feature and introduced new security measures to better encrypt the data and require authentication to access it. However, users who enable the feature may still face legal implications. For instance, there may be a risk of legal discovery in which a corporate legal team could be compelled to turn over all of a user's actions recorded by Recall. Furthermore, there are potential privacy issues related to domestic abusers who may demand partners give up their PINs or situations involving subpoenas or lawsuits that compel users to turn over their historical data6.