Skip to content

Microsoft caves to public pressure; Disables Recall by default

  • by
  • 3 min read

After facing heavy scrutiny on the privacy implications of its recently announced Recall feature, which enables users to go back and search for specific actions on their PC, Microsoft has announced that the feature will be disabled by default, requiring users to “proactively choose to turn it on” when setting up their Copilot+ PCs.

In addition to giving users a clear choice to opt into Recall, Microsoft now also requires Windows Hello enrollment to enable the feature. Users must provide proof of presence to view their timeline and search in Recall. Windows Hello Enhanced Sign-in Security (ESS) will also encrypt Saved Recall snapshots. This means that Recall snapshots can only be accessed upon authentication from the user. Last but not least, the search index database has also been encrypted.

Recall is part of a new lineup of PCs called “Copilot+ PCs” that Redmond is launching with Windows 11 reworked to perform better on ARM architecture. These new PCs feature Qualcomm’s Snapdragon X Plus or Elite SoCs, which promise massive performance and efficiency improvements.

Recall is one of the biggest features of the new Copilot + PC lineup. | Source: Microsoft

Another major marketing point of this new PC lineup is its ability to run AI models locally and efficiently, allowing for a slew of AI-based features, including Recall. Microsoft had made some bold claims about Recall’s security measures, claiming that an attacker would need physical access and access credentials to a machine to extract the data collected by Recall.

However, security researchers debunked these claims after showing that extracting data from Recall wasn’t that hard, after all, only requiring slight modifications to pre-existing info stealers. Recall data was also found to be accessible via other user accounts on the same PC and exposed to remote access—contrary to Microsoft’s claims.

To further reassure users of Recall’s added privacy protections, Redmond also added that Recall snapshots are saved locally on users’ PCs, aren’t used to train any AI models present on the device, aren’t shared with Microsoft or any other companies/applications, and the user will be informed every time a Recall snapshot is saved. Digital rights-managed or incognito-growing snapshots won’t be saved, and users can pause, filter, and delete what’s saved at any time.

In the News: UNC5537 targets Snowflake customer databases in extensive data theft

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: