Microsoft is modifying its upcoming Recall feature following the recent backlash, but will these changes be enough to blunt the harsh criticism of this new feature?
Recall takes frequent screenshots of a user’s activity, allowing them to search for information seen on their computer. This data is stored locally and not sent to the cloud. Users can choose which apps or websites are excluded from screenshots. Cybersecurity commentators, including on our own show Cyber Security Today have lambasted Recall as a “security disaster.”
Microsoft has apparently heard some of this criticism and proposed changes or clarifications.
Initially set to be on by default, Recall will now be opt-in and require biometric login, such as fingerprint or facial recognition. The company will also encrypt the database containing screenshots.
Microsoft is proposing these changes to address some of the critics:
- Recall will no longer be enabled by default.
- Users must log in using biometrics.
- Screenshot data will be encrypted for security.
Security and privacy experts criticized the feature for potentially creating a vulnerability that could expose private information to hackers. Signal President Meredith Whittaker described it as a “serious hijacking of trust.”\
Recall is exclusive to the new Copilot+ PCs, set to ship later this month.