Microsoft announced on Friday that it will disable its upcoming Recall feature by default and implement additional changes in response to criticism from security and privacy experts.
The Recall feature, launching in preview, is intended to help PC users quickly retrieve information they have previously viewed on their computers. However, concerns were raised that the feature’s initial design could potentially allow hackers to access sensitive private information.
In a blog post on Friday, Microsoft revealed that the Recall feature will now be opt-in rather than enabled by default. Users will need to activate the feature themselves and authenticate it using biometric methods such as fingerprinting or facial recognition. Additionally, Microsoft announced that it would encrypt the database containing the screenshots that power the recall feature. These adjustments come after significant feedback from security and privacy experts, as well as early testers of the software.
Signal President Meredith Whittaker criticized the Recall feature at the AI+ Summit Axios hosted on Wednesday, calling it “a serious hijacking of trust” and “a dangerous honeypot for hackers.”
The Recall feature takes frequent screenshots of the user’s computer activities, including scanning text and images, and stores this information in a local database. This allows users to search for and retrieve information they have seen on their computer. Notably, Recall does not send any data to the cloud, maintaining the information solely on the device.
Recall, designed for the new class of Copilot+ PCs, offers users a high level of control and customization. Users can select which apps or websites are excluded from the screenshot process, ensuring that only the desired information is captured. This feature is expected to start shipping later this month, providing a balance between convenience and user privacy.
The modifications to the Recall feature are a direct response to the privacy and security concerns voiced by experts and early users.
Microsoft aims to mitigate the risks associated with storing extensive screenshot data by making the feature opt-in and requiring biometric login. Encryption of the stored data further enhances security, addressing fears that hackers could exploit the feature.
As Microsoft prepares to introduce the Recall feature, it is clear that the company is committed to striking a balance between the convenience of easily retrieving information and the necessity of maintaining user privacy and security. These changes, aimed at enhancing user control and data security, are a testament to Microsoft’s dedication to user trust and data protection.
The feedback-driven adjustments demonstrate Microsoft’s responsiveness to user concerns and commitment to protecting personal data. The tech community will be closely monitoring the rollout of the Recall feature and its reception among users of the new Copilot+ PCs.