Summary

  • Microsoft relaunches Recall, promises improved security. Insider tests start in October.
  • Recall will prompt the user to enable it, will require Windows Hello, and will encrypt data.
  • The periodic screenshots are stored locally, there is no cloud upload, and you can delete snapshots.

Remember Microsoft Recall? If it skipped your memory, it was a new feature scheduled to release alongside Copilot+ that claimed it could help remember how you use your PC and allow you to ask Copilot about past documents, websites, and even chats that you had opened days prior. As much as Microsoft stated that it wasn't going to pry into your usage data, a security expert discovered that Recall was saving its logs in plain text and that its inclusion "set cybersecurity back a decade."

As such, Microsoft pulled Recall from the original Copilot+ lineup, but stated that it would make a return in a future update. And then, Microsoft went silent on the matter until today. Now, the company has announced that it is ready to begin rolling out a "trustworthy and secure Recall" to Insiders.

Microsoft reveals the re-launch of its controversial Recall feature

Microsoft takes the stage on the Windows Experience blog to really break down what it wants to achieve here. It states that you'll be able to see the improved Recall on the Insider branch sometime in October, alongside another blog post that will go into full detail on how Recall works.

As you'd expect, the company has made a return with a huge focus on making Recall as secure as possible. It also puts a huge emphasis on how it's considering user feedback.

Microsoft breaks down user feedback response over Recall

Copilot Recall (6)

First, the company covers ways it listened to users when the feature was first announced. A lot of people were worried because Recall would be enabled by default, but Microsoft states that there will now be a prompt that asks if you want to enable Recall once the update is installed. If you say no, it stays off.

Next, the company states that the user needs to set up Windows Hello to use Recall. Windows Hello is an additional layer of security that lets users use biometric logins, so Microsoft is really working hard to ensure that only you gain access to your own Recall data.

Finally, Microsoft states it's encrypting both the Recall snapshots and its usage logs. Honestly, this should have been Microsoft's focus from the very beginning, but it's good the company delayed Recall to get it put in instead of releasing it as-is.

Microsoft goes over how Recall's snapshots will work

Copilot Recall (4)

When Recall first hit the scene, and before any of the privacy issues came to light, consumers were mostly concerned about how Recall performs its job. Recall takes periodic screenshots of what you see on your screen, then uses OCR to read any text it can find. It then stores its findings in a database that it can use as a "digital memory" of what you were doing at the time.

Microsoft stated that Recall's snapshots obey the following rules:

  • The snapshots are stored on the PC and not uploaded to the cloud.
  • Microsoft will not receive the snapshots.
  • Recall will let you know when it's taking a snapshot via a system tray icon.
  • Any apps with digital rights management or InPrivate browsing will not show up in a snapshot.
  • You can stop Recall from taking pictures at any time.
  • You can also search through snapshots and delete any that you don't want saved.
  • IT admins in a company setting can tell all PCs to stop using Recall. However, they cannot tell your PCs to begin taking snapshots without your permission. You need to give it that permission yourself.

Whether or not this will be enough to regain people's confidence in Recall is yet to be seen. Plus, its security really needs to undergo proper checking by experts before we can believe Microsoft's claims that Recall is now safe for use. Until then, we can only speculate.