Microsoft Reconsiders Controversial Windows Recall Feature

Windows Recall, a feature that Microsoft unveiled last month alongside its new Copilot+ PCs, will not be turned on by default when it becomes generally available.

Microsoft detailed some of the handrails it's implementing around Recall, which is currently in the pre-release stage, in a blog post Friday.

"Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards," wrote Pavan Davuluri, head of Windows + Devices at Microsoft. "With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18."

Recall has been stirring controversy since Microsoft first unveiled it in May right before its Build conference. Recall records every action taken by a Windows user to help create more personalized Copilot interactions. While Recall has been designed to improve the Copilot experience, some in the security community began to express concerns about its potential as a spyware tool.

In an article posted to Medium (soft paywalled), security expert Kevin Beaumont broke down how, with just a few lines of code, Recall could allow attackers to steal a user's entire PC usage history. In his analysis, he said that while the new feature would be useful to many, Microsoft's security track record makes it too risky for public use.

"I think it's an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn't have these," wrote Beaumont. "The work hasn't been done properly to package it together, clearly."

In response to feedback from Beaumont and others, Microsoft has decided to keep Recall disabled by default. Microsoft is also adding an "enrollment" level to use the service and enhancing Recall's security with "just in time" decryption, which uses Windows Hello Enhanced Sign-In Security (ESS).

Microsoft also laid out the current Recall security settings. Recall locally stores and processes snapshots without relying on Internet or cloud connections. These snapshots are never shared with Microsoft or other entities, and per-user encryption ensures privacy even on shared devices.

According to Microsoft, users will be clearly notified when Recall is saving snapshots, with icons visible on the taskbar and system tray. Digital rights managed content and InPrivate browsing data are excluded from snapshots.

Finally, users can manage their snapshots with options to pause, filter or delete them at any time, maintaining control over what is saved. For enterprise users, IT administrators can disable the snapshot-saving feature, but cannot enable it on behalf of users.

Microsoft also said Copilot+ PCs will come with additional security features, including hardware-level baked-in security, the Microsoft Pluton security processor and Windows Hello ESS turned on by default.

"We are on a journey to build products and experiences that live up to our company mission to empower people and organizations to achieve more, and are driven by the critical importance of maintaining our customers' privacy, security and trust," Davuluri said. "As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them."

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.