The new Copilot Plus PCs will come with Microsoft’s Recall AI feature, which will be released for all Copilot Plus PC users. However, several users and security experts have highlighted this feature before its public launch. Why are security experts raising concerns about this feature? Is Microsoft’s Recall AI feature safe for users’ Privacy? We will discuss this in this article.
What is Microsoft’s Recall AI feature?
Recall AI is a new feature of Microsoft that will be available on all upcoming Copilot Plus PCs. This feature will capture snapshots of users’ activities and save them locally on their PC’s hard disk.
Initially, Microsoft was going to enable this feature by default. However, after security experts highlighted its loopholes, Microsoft announced that it will not remain enabled by default on Copilot Plus PCs.
Is Microsoft’s Recall AI feature safe for Privacy?
Security experts who tested this feature have expressed a security concern about privacy. According to security experts, the Recall AI can be a disaster for cybersecurity.
According to Microsoft, Recall AI will take screenshots of users’ activities on their computers and save them locally on the hard disk. Users can access these screenshots at any time and these screenshots will help them view all their previous activities. In order to make search for these snapshots easy, there will be a scrollable timeline. Recall will keep capturing snapshots every few seconds. However, the Recall feature will not work in private or incognito web browsing sessions.
Though this feature may sound good for some users because they can track their previous activities with the help of these snapshots, security concerns are also associated with this feature.
Kevin Beaumont, who worked with Microsoft in 2020 has discovered some potential security loopholes in this feature. The database files and screenshots are stored locally on the C drive inside the AppData folder. Therefore, any user who knows the administrator password can access this file by opening the AppData folder of that user.
Another security concern that arises is that Recall can also save snapshots of confidential information, say a user’s login credentials, including the username and password (if he has unhidden the password during typing). This loophole can also provide benefits to hackers if malware enters the user’s computer.
Recall saves the snapshots locally on the disk and is protected using data encryption technology, BitLocker. However, users with Windows 11 Home Edition do not have BitLocker for data encryption.
Changes that Microsoft will make to Recall AI
In response to the customers’ feedback, Microsoft announced that it will make the following changes to the Recall AI before its official launch:
- Initially, there was no option to disable the Recall AI during its setup. After users’ feedback, Microsoft said that it would make this an opt-in feature.
- In order to enhance security, users will require Windows Hello to enable Recall AI.
- Microsoft will also add additional layers of protection for users’ data safety. Now, the Recall snapshots will only be accessed and decrypted when the user authenticates them.
The UK Information Commissioner’s Office and the security experts have also criticized this feature. However, Microsoft said that Recall AI will be an optional feature on all Copilot Plus PCs. Recall AI features can also be the greatest privacy concern for users who are not tech-friendly.
That’s it.
How do I disable Microsoft Recall?
The Recall feature can be accessed through Windows 11 Settings. To disable Recall, open Windows 11 Settings and Privacy & security > Recall & snapshots. Here, you will see an option to turn off the Save Snapshots feature.
What does Windows Recall do?
Windows Recall is a new feature that will be available on Copilot Plus PCs. It will silently take screenshots of your activity every few seconds and save all these screenshots locally on your hard disk.
Read next: How to Exclude an App or Website from Recall Snapshot in Windows 11.
