“Microsoft’s Recent Windows 11 Recall Raises Privacy Concerns

Microsoft's unveiling of the new AI-driven Windows 11 Recall feature has stirred significant apprehension, as it is perceived to introduce substantial privacy vulnerabilities and a potential avenue for threat actors to exploit for data theft. Unveiled at a recent AI event on Monday, the feature aims to facilitate the retrieval of previously viewed information through a straightforward search function.

Currently exclusive to Copilot+ PCs equipped with Snapdragon X ARM processors, Microsoft has indicated plans to collaborate with Intel and AMD to develop compatible CPUs for broader accessibility of the Windows 11 Recall feature. The Recall feature operates by capturing screenshots of the active window at regular intervals, documenting user activity within Windows for a default period of up to three months.

These snapshots are then processed by the on-device Neural Processing Unit (NPU) and an AI model to extract information from the screenshots. The extracted data is stored in a semantic index, enabling Windows users to navigate through their snapshot history or conduct searches using natural language queries.

Microsoft assures that all data collected through the Recall feature is encrypted using BitLocker and linked to the user's Windows account, ensuring that it remains inaccessible to other users on the same device. However, despite the intriguing functionality of the feature, it has sparked immediate concerns regarding potential privacy implications and speculation about Microsoft's intentions with the amassed data.

Microsoft has emphasized that the Recall feature is structured in a way that ensures all data is stored directly on the user's device in an encrypted format. This design grants users full control over the feature, enabling them to manage its activation and specify the applications from which screenshots can be taken.

During a press event on Monday, Yusuf Mehdi, Corporate Vice President & Consumer Chief Marketing Officer at Microsoft, stated that the Recall feature will not generate screenshots of Microsoft Edge's InPrivate windows (and other Chromium-based browsers) or content safeguarded by DRM. However, Microsoft has not yet confirmed whether private modes in other browsers, such as Firefox, will be supported. Mehdi emphasized that Microsoft is adopting a cautious approach with Recall.

Mehdi affirmed, "We're committed to maintaining the privacy and security of your Recall index by keeping it private, local, and secure solely on your device. We will not utilize this information for training AI models, and we empower you with full control, allowing you to edit and delete any captured data as desired."

Microsoft has reiterated to BleepingComputer that data generated by the Recall feature will exclusively remain local and will not be stored in the cloud. The company has emphasized that "data is not accessed by Microsoft." Additionally, Microsoft has begun sharing technical specifics, including group policies that can be implemented to deactivate Recall across an organization and instructions for end users to disable the feature individually.

Despite Microsoft's assurances, the cybersecurity community and customers remain skeptical, as evidenced by the negative response to a tweet from our platform regarding the Recall feature, which garnered over 90 critical comments.

Cybersecurity experts, researchers, and analysts express concerns about the Recall feature primarily due to the historical exploitation of user data by large companies for profit. This track record makes it challenging for users to trust Microsoft's assurance that they will not access Recall data.