Microsoft will give users a ‘clearer choice to opt-in’ to the Recall feature, which aims to help users find content more easily by taking regular screenshots of their activities.
Microsoft has announced some updates to the Recall feature for Copilot+ PCs after security experts raised issues with the feature.
The Recall feature is a way to help users find content that they have previously seen on their Copilot+ PCs, by taking regular screenshots of a user’s activities. These screenshots are then encrypted and stored on the PC for users to access when needed.
But various security experts have spoken out against this optional feature, raising issues around privacy and cybersecurity, as stored data is always a target for criminals. In response to these concerns, the UK’s Information Commissioner’s Office is also looking into this Recall feature.
Other experts claim to have found distressing security flaws within this feature. One hacker tool claims to be able to extract all the data collected by Recall, Wired reports. Last week, one security researcher told WindowsCentral that the data Recall collects is actually unencrypted.
In response, Microsoft has shared some updates that will go into effect before the Recall preview is made available to customers on 18 June. One of these updates is to give users a “clearer choice to opt-in” when setting up their Copilot+ PCs.
Pavan Davuluri, Microsoft’s corporate VP of Windows and devices, said that Recall will be off by default unless users “proactively choose to turn it on”. He also said that Windows Hello enrollment is required to enable the Recall feature.
“In addition, proof of presence is also required to view your timeline and search in Recall,” Davuluri said. “We are adding additional layers of data protection including ‘just in time’ decryption protected by Windows Hello Enhanced Sign-in Security so Recall snapshots will only be decrypted and accessible when the user authenticates.”
Microsoft also reiterated the security aspects to this Recall feature, such as having screenshots stored locally on Copilot+ PCs. The company also said these screenshots will not be used to train the AI on these PCs.
“As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them,” Davuluri said.
Find out how emerging tech trends are transforming tomorrow with our new podcast, Future Human: The Series. Listen now on Spotify, on Apple or wherever you get your podcasts.
