Microsoft unveiled Copilot Plus PCs in May, introducing a new feature called Recall that raised concerns among privacy-conscious Windows users. Recall uses AI to capture and analyze screen snapshots for easy retrieval on a visual timeline. However, after facing criticism and security concerns, Microsoft is making significant adjustments to the feature before its full launch.
In response to the backlash and a report by cybersecurity researcher Kevin Beaumont, Microsoft announced updates to enhance user control and security when using Recall. The company is now improving the setup process for Copilot Plus PCs to clearly indicate whether users are opting in or out of Recall. Upon purchasing a Copilot Plus PC, users will encounter a new screen explaining the feature and seeking permission to save screen snapshots.
Furthermore, Microsoft is now mandating Windows Hello enrollment to activate Recall. Users will need to authenticate their presence through Windows Hello to access their timeline or utilize the search function in Recall. Additionally, Microsoft is implementing additional security measures for Recall, such as “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS). Snapshots will only be decrypted upon user authentication, and the search index database will be encrypted for added protection.
These changes aim to address privacy concerns and bolster security for users utilizing Recall on Copilot Plus PCs. Microsoft is taking proactive steps to ensure that users have more control over their data and that their sensitive information remains secure while utilizing this AI-powered feature.