Microsoft revamps its controversial AI-powered Recall feature amid privacy concerns

June 8, 2024 | Editorial office | Artificial Intelligence / Privacy

Microsoft said on Friday that it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it optional.

Currently in beta and coming exclusively to Copilot+ PCs on June 18, 2024, Recall works as an “explorable visual timeline” by capturing screenshots of what appears on users’ screens every five seconds, which are then analyzed so that relevant information can be surfaced.

However, this feature, which was supposed to serve as a kind of AI-powered photographic memory, was met with immediate backlash from the security and privacy community, which chastised the company for not thinking through and implementing adequate safeguards that could prevent malicious actors from easily gaining a window into a victim’s digital life.

Recorded information may include screenshots of documents, emails or messages containing sensitive details that may have been temporarily deleted or shared using disappearing or self-destructing formats popular on instant messaging platforms.


WIRED’s Andy Greenberg called Recall “junk, pre-installed spyware built into new Windows PCs”. Windows Central reported that Microsoft was “too secretive” about Windows Recall during development and decided not to test it publicly.

In an attempt to counter the growing wave of criticism, Microsoft said that users have full control over the entire Recall experience and that it launched the feature in a preview version to help gather customer feedback.

Major changes introduced to the feature include a security update and a new settings process to enable it, giving users the option to completely opt out of regularly saving screenshots with the Recall feature.

The security changes also require users to enroll in Windows Hello biometric authentication to enable the Recall feature, with proof of presence required to view the timeline and perform searches.

In addition to encrypting the search index database (which was previously stored in an unencrypted SQLite database), the tech giant noted that Recall images will only be decrypted and accessible after user authentication.

“Copilot+ PCs will launch with just-in-time decryption protected by Windows Hello Enhanced Sign-in Security (ESS), so Recall images will only be decrypted and accessible when the user authenticates,” Pavan Davuluri, Microsoft’s corporate vice president for Windows + Equipment, said.

“This provides an additional layer of protection for Recall’s data on top of other default enabled window security features such as SmartScreen and Defender, which use advanced artificial intelligence techniques to prevent malware from accessing data such as Recall.”

Redmond went on to reiterate that Recall images are stored and processed locally on the device and are not shared with other companies or applications. It also stated that users can pause, filter and delete what is saved at any given time.

For users on managed work devices within enterprise environments, IT administrators can disable the Recall feature but cannot enable it themselves. Microsoft emphasized that the choice to enable it is left solely to users.

“When you get to the desktop, you’ll see Recall pinned to the taskbar,” Davuluri said. “You’ll have a Take Snapshot icon on your taskbar to notify you that Windows is saving snapshots.”


“Talking has been shown to work,” said security researcher Kevin Beaumont, who was a vocal critic of the original Recall implementation. “Obviously there will be devils in the details – potentially big ones – but there are some good elements here. Microsoft needs to commit to not trying to push users to enable this in the future.”

“Overall, I think having a choice about logging in on home systems will save a lot of people security issues down the line. It should never have been enabled by default.”

Microsoft’s change of course comes amid a series of security debacles the company has faced at the hands of Russian and Chinese nation-state actors in recent years, prompting it to prioritize security above all else as part of its Secure Future Initiative (SFI).

“If you’re faced with a trade-off between security and another priority, your answer is clear: Do security,” Microsoft CEO Satya Nadella said in a memo to employees last month. “In some cases, this will mean prioritizing security over other things we do, such as releasing new features or providing ongoing support for legacy systems.”
