When Microsoft launched the AI tool Windows Recall earlier this year, they were hopeful about its reception.
The core idea behind Recall was to give users AI-based access to their prior activities on Windows PCs. The tool was designed to automatically capture screenshots every five seconds, analyze the content, and allow users to interact with it through natural language queries.
However, the rollout faced considerable pushback. Privacy and security advocates highlighted several crucial concerns:
- Recall would automatically activate after the initial setup, making it an opt-out feature rather than an opt-in one.
- The data and database lacked adequate security safeguards during operation.
In light of this criticism, Microsoft quickly decided to discontinue Recall and vowed to implement improvements. Recently, the company outlined the changes made to Recall in a new post on the Windows Experience blog.
Updates to Recall: Stronger Security and Privacy
Microsoft has addressed the issues in several ways. Firstly, Recall is now an opt-in feature. The company mentions that users will have the option to enable Recall during the initial setup process.
Users can also choose to activate it later if they wish. Moreover, those who prefer not to use Recall can uninstall it now, contrary to previous statements indicating that this would not be an option.
Secondly, the company is enhancing security by encrypting the Recall database and ensuring that critical Recall-related processes operate within a secure, isolated environment.
This added level of protection makes it harder for malware to access the data during use.
Additionally, Windows Hello is now required for specific actions within Recall. Microsoft states that prompts will appear when users try to change Recall’s settings or access its features.
There are also protections like rate-limiting and anti-hammering measures in place to reduce the potential for malware attacks.
Overview of Windows Recall: User Privacy Controls
The blog entry outlines various controls that users have regarding Recall; however, not all features are new.
Here’s a summary:
- Users can manage the disk space used by Recall and the length of time that activity data is stored.
- Options are available to delete data from specific time frames, clear all information tied to a certain app or website, or remove anything retrieved from searches.
- Private browsing data is never recorded in web browsers like Edge, Chrome, Firefox, Opera, and other Chromium-based platforms.
- Website activity can be disabled in Edge, Chrome, Firefox, and Opera.
- A system tray icon shows activity and offers quick access to Recall.
- Recall works with sensitive content filtering through Microsoft’s Purview information protection product.
Final Thoughts
The recent updates effectively tackle two major concerns: the opt-out nature of Recall and the inadequate security of user data.
While some aspects of its implementation during setup remain unclear, shifting to an opt-in feature reduces the likelihood of it functioning in the background without users’ knowledge.
Image Source: StockStudio Aerials / Shutterstock