Windows Recall: Enhanced Security& Privacy ahead of October Launch

As Windows 11 24H2 gets ready to release, Microsoft has announced major security and privacy upgrades to its (yet to be released) Windows Recall feature which was the flagship new AI powered feature announced on the back of the Copilot Plus PC announcements back in May.

Recall, which was initially met with scepticism and concerns around security and privacy, has now be significantly updated with stronger and more granular protections for privacy, encryption and identity access to make it ready for its “delayed” release next month.

What is Recall?

Recall takes screenshots of active windows on your PC every few seconds, analyses them on-device using a Neural Processing Unit (NPU) and an AI model, and adds the information to an SQLite database. You can later search for this data using natural language to prompt Windows Recall to retrieve relevant screenshots.

I covered Recall in more detail in an earlier blog

Responding to Customer Feedback


Microsoft’s decision to enhance Windows Recall comes after considerable feedback from customers and privacy advocates. The company initially delayed the public release of Recall, opting to make it available for preview with Windows Insiders. This cautious approach allowed Microsoft to refine the feature based on real-world usage and analysis of how it was used whilst they review ways to address the concerns and enhance security and privacy controls.

Putting Users in control of Recall

One of the most significant changes is that Windows Recall is now strictly opt-in. Users must proactively activate the feature, ensuring that no screenshots are taken or saved without explicit consent. This addresses a major concern about privacy and data security. Additionally, users can remove Recall entirely through the optional features settings in Windows, providing total control over its usage.

Advanced Security and Privacy Measures

Windows Recall now includes several advanced security measures designed to protect sensitive information after feedback, development and testing since it was announced in May this year.

Firstly – Recall is an optional feature and can also be removed entirely from the Windows Installation. If a user doesn’t proactively choose to turn it on, recall is off by default, meaning snapshots will not be taken or saved.

If Recall is enabled, all snapshots and associated data are encrypted, with encryption keys protected by the device’s Trusted Platform Module (TPM). This module is tied to the user’s Windows Hello login information and biometric identity, ensuring that no data leaves the computer without the user’s explicit request. Recall snapshots are also only accessible after users authenticate using Windows Hello credentials. This enhanced sign-in security ensures privacy and actively authenticates users before allowing access to their data

Recall also comes with a sensitive information filter designed to protect confidential data, like passwords, credit card numbers, and personal identification details, by automatically applying filters over this content. This uses AI and pattern matching to look for such information adding another level of privacy protection.

Additionally, Recall includes malware protection features like rate-limiting and anti-hammering measures, which prevent unauthorized access attempts.

Recall: Four Principles of Operation

Microsoft has redesigned Recall to function on four core principles:

  1. User control
  2. Encryption of sensitive data
  3. Isolation of services, and
  4. Intentional use.

Recall is always opt-in. Snapshots are not saved unless you choose to use Recall, and everything is stored locally……Recall does not share snapshots or data with Microsoft or third parties, nor between different Windows users on the same device. Windows will ask for permission before saving any snapshots.

David Weston – VP Enterprise and OS Security, Microsoft.

These principles will ensure that users can keep complete control over their data, with the ability to remove snapshots, pause them, or turn them off at any time. Any future choice to share data will need fully informed and explicit action by the user.

    Image (c) Microsoft.

    Conclusion

    In short, the enhanced Windows Recall feature represents a significant step forward in balancing functionality with security and privacy which show Microsoft are licensing to their users and take privacy and security seriously. By addressing key concerns and implementing robust protections, I believe Microsoft has demonstrated its commitment to user trust and data security. As Recall rolls out to Insiders with Copilot+ PCs in October, it will be interesting to see how these enhancements are received and what further innovations Microsoft will bring to the table. What do you think? Will you be trying this out or uninstalling it?

    When will Windows Recall be released?

    Microsoft announced last month that Recall will start rolling out to Insiders with Copilot+ PCs in October as part of the 24H2 release of Windows 11.