Microsoft is making changes to the controversial Recall feature in Windows 11 that automatically captures images of whatever happens to be on your screen. Instead of being turned on my default, the feature will require users to opt in when it goes live.
Recall first came to light in May as part of the Copilot+ suite of tools for Snapdragon X Series laptops. It takes and stores an image of your screen "every few seconds," the purpose being to make it easier (via the magic of AI) to find things you'd seen or been working on but have forgotten about: A funny tweet, a cool meme, or maybe that finance document you promised the boss you'd have finished yesterday.
Captured images are stored locally and aren't shared with other users or used for targeted advertising, but even so it struck me (and an awful lot of other people) as an obviously bad idea. It got even worse when it came to light that the system was really not all that secure: It was just days before researchers reportedly figured out how to bypass Windows' security to access the stored images.
In the wake of that, and widespread negative reaction to the idea in general, Microsoft has now partially reversed course. In an update posted today, vice president of Windows and devices Pavan Davuluri said users will be required to switch on Recall in order to use it, and doing so will require the use of the Windows Hello feature that enables sign-in via a PIN, fingerprint, or facial recognition. Additional security features aim to ensure Recall images are only accessible after authentication, and the search index database is also being encrypted.
Davuluri also reiterated the pre-existing privacy features of Recall, including that images are only stored locally and not shared, that an icon will provide a visual indicator when Recall is live, and that users will have full control over when Recall is running and what it's taking pictures of.
He emphasized that point in comments about how internal testers at Microsoft are very enthusiastic about Recall: "People are taking advantage of the controls to exclude apps they don’t want captured in snapshots, from communication apps or Teams calls, or to delete some or all their snapshots," Davuluri wrote. "This is why we built Recall with fine-grained controls to allow each person to customize the experience to their comfort level, ensuring your information is protected and that you are in control of when, what and how it is captured."
That's all well and good, but I don't think it addresses the number-one concern felt by a lot of Windows users: I don't want my PC taking pictures of what I'm doing.
For me it's a matter of principle more than anything else (most of what I do is actually very dull) but there are times when I'm dealing with sensitive material (for work purposes, not porn, you weirdos) and I don't need the headaches that a leak would entail.
And frankly, I don't care what your TOS says: If there's one thing we all should have learned by now, it's that online privacy is mostly just wishful thinking and good luck, and occasionally doing sensible things like, for one, not signing up for the digital panopticon. I don't care how you dress it up: There's no need to make corporate intrusion into our lives any easier than it already is.
If you do want to sign up for the digital panopticon for some reason, the "preview" release of Recall is set to ship on June 18. Note, however, that it will not work on standard PCs: Microsoft says Recall and other Copilot+ features "require powerful neural processing units (NPUs)—a specialized computer chip for AI-intensive processes—that are unique to the Copilot+ PC class of devices." In May, however, someone reportedly figured out how to get Recall working without an NPU, so maybe someday Microsoft will too.