Microsoft makes Windows’ Recall feature opt-in following cybersecurity concerns

Microsoft Corp. is moving to change its new Recall tool for Windows after drawing regulatory scrutiny in the U.K. and criticism from some cybersecurity researchers.

Pavan Davuluri, Microsoft’s corporate vice president for Windows and devices, detailed the update in a blog post published today. One of the most significant changes is that Windows will enable Recall only if users opt in to enable it. Microsoft will also integrate new cybersecurity mechanisms into the feature, which is set to become broadly available later this month.

Recall will be available for personal computers that comply with the company’s recently introduced Copilot+ PC specification. It’s a technical standard that requires machines to include at least 16 gigabytes of RAM, 256 gigabytes of storage and a chip optimized to run artificial intelligence models. Computers that meet Microsoft’s criteria will receive a set of new AI and cybersecurity capabilities.

One of the capabilities included in the bundle is Recall, the focus of the update that Microsoft announced today. The tool takes a screenshot of the user’s screen every five seconds. When consumers look up a document or webpage they accessed in the past using Windows’ search bar, Recall can surface relevant screenshots that show their interactions with the asset in question.

On May 21, the day after Microsoft introduced Recall and the Copilot PC+ specification, the U.K.’s privacy watchdog announced that it’s looking into the feature. The Information Commissioner’s Office stated at the time that it’s “making enquiries with Microsoft” to obtain more information for use in its review.

More recently, cybersecurity researchers discovered that Recall stores screenshots in a database without a built-in encryption mechanism. The images are only protected by BitLocker, a Windows feature that encrypts a PC’s storage drive and  decrypts it when the user logs in. This arrangement reportedly makes it relatively easy for other users of a Windows 11 computer and malware to access Recall screenshots.

According to Microsoft, the update announced today will address the issue by encrypting Recall’s “search index database.” For added measure, the company will only make the tool accessible on computers that have the Windows Hello biometric authentication feature enabled. Users will have to log into Windows Hello every time they wish to access the screenshots.

Rather than being enabled by default on compatible PCs, Recall will be available as an opt-in feature. The option to turn on the tool is accessible through a new interface panel that explains users may change their settings later and delete screenshots. 

Microsoft plans to release Recall for Copilot+ PC computers on June 18. 

Image: Microsoft