Microsoft said Friday it will disable the much-criticized artificial intelligence (AI)-based Recall feature by default and make it opt-in.
Currently in preview and available exclusively for Copilot+ PCs on June 18, 2024, Recall functions as an “explorable visual timeline” by taking screenshots of what appears on users’ screens every five seconds, which are then analyzed and parsed to surface relevant information.
But the feature, intended to serve as a kind of photographic memory using AI, was met with immediate backlash from the security and privacy community, which blasted the company for not having put enough thought into it or implemented adequate security measures that could prevent malicious actors from easily gaining access to a victim’s digital life.
The recorded information may include screenshots of documents, emails or messages containing sensitive details that may have been deleted or temporarily shared using disappearing or self-destructing formats popular on instant messaging platforms.

WIRED’s Andy Greenberg called Recall an “unsolicited, pre-installed spyware built into new Windows computers.” Windows Central reported that Microsoft was “overly secretive” about Windows Recall during development and chose not to test it publicly.
In an effort to counter the increasing barrage of criticism, Microsoft said that users will have full control over the entire Recall experience and that it has launched the feature in preview to help gather customer feedback.
The substantial changes introduced to the feature include security updates and a new installation process for enabling it, giving users the choice to completely opt out of periodically saving screenshots using Recall.
The security changes also require users to enroll in Windows Hello biometric scanning to enable Recall, which requires proof of presence to view the timeline and perform searches.
In addition to encrypting the search index database (which was previously stored in an unencrypted SQLite database), the tech giant noted that Recall snapshots are only decrypted and accessible after user authentication.
“Copilot+ PCs launch with ‘just in time’ decryption, protected by Windows Hello Enhanced Sign-in Security (ESS), so Recall snapshots will only be decrypted and accessed when the user authenticates,” said Pavan Davuluri, Microsoft’s vice president for Windows + Devices.
“This provides an additional layer of protection for Recall data in addition to other default enabled Windows Security features such as SmartScreen and Defender, which use advanced AI techniques to prevent malware from accessing data such as Recall.”
Redmond further reiterated that Recall snapshots are stored and processed locally on the device and are not shared with other companies or applications. It also said that users can pause, filter and delete what has been saved at any time.
For managed work device users within corporate environments, IT administrators have the option to disable Recall, although they cannot enable it themselves. Microsoft emphasized that the choice is left solely to the users.
“You’ll see Recall pinned to the taskbar when you reach your desktop,” Davuluri said. “There is a Recall snapshot icon in the system tray to let you know when Windows saves snapshots.”

“It turns out that speaking out works,” says security researcher Kevin Beaumont, who was an outspoken critic of Recall’s original implementation. “There are clearly devils in the details – potentially big ones – but there are some good elements. Microsoft must commit to not trying to trick users to enable this in the future.”
“I think having the choice to opt in for home systems in general will save a lot of people security issues later. It should never have been enabled by default.”
Microsoft’s change in direction comes amid a series of security debacles the company has faced in recent years at the hands of Russian and Chinese nation states. This has prompted the company to put security above all else as part of its Secure Future Initiative (SFI).
“When faced with the trade-off between security and another priority, your answer is clear: do security,” Microsoft CEO Satya Nadella said in a memo to employees last month. “In some cases, this means prioritizing security over other things we do, such as releasing new features or providing ongoing support for legacy systems.”