Microsoft unveiled new artificial intelligence (AI) features with the introduction of the Copilot+ PC at last month’s Microsoft Surface and AI event. However, one feature, called Recall, received backlash from users after it was added to the preview for users to test the feature. Many users have expressed concern on social media about its privacy and lack of opt-in mechanism. Now, the tech giant has addressed the concerns by introducing three new security features so users can trust the AI-powered feature that allows visual tracking of user history.
Microsoft Recall is getting three new features
In a post on the Windows blog, the company acknowledged user criticism and highlighted the changes it made. The announcement said: “We heard a clear signal that we can make it easier for people to choose to enable revocation on their Copilot+ computers and improve privacy and security protections. With that in mind, we’re announcing updates that will take effect before Recall ( view ) ships to users on June 18.”
There are three changes in total. First, Revocation will be fully enabled. The feature setup process displays a screen where users can disable it. Furthermore, the feature will remain off by default, so the only way to turn it on is to proactively go through the setup process.
Next, Microsoft is integrating Windows Hello, a security feature that requires biometrics or a PIN code to allow a user to access a device, with revocation. Now, to enable the feature, users need to enable and set up Windows Hello. In addition, the tech giant said the device will require “proof of presence” to view the timeline and search in recall.
Finally, the Windows maker adds encryption to Recall to make it harder for bad actors to access data. The first layer of encryption comes from Windows Hello, and in addition, it also encrypts the search index database of Recall recordings so that hackers cannot access them.
What is the recall feature
Announced on May 20, Recall is a device-wide search history tracking function powered by artificial intelligence. It occasionally takes screenshots of the computer and can respond to user queries through computer vision. Users can ask the AI about a specific task done on a specific day or show the highlight of the day, and Recall will quickly be able to share the information.
Even at launch, Microsoft added some security features to make the invasive nature of the feature more user-friendly. Recordings made by Recall are stored locally and locked to each user account on the computer. Once the revocation is activated, users are also sent persistent notifications reminding them that the feature periodically takes screenshots. Users could also choose to disable the feature for certain apps.
Furthermore, Recall did not capture digital rights-managed content or InPrivate browsing, which is supported on some computers. Users also have control over the screenshots that are saved. The feature can be paused or filtered, and users can manually delete recordings. Additionally, the feature is also protected by Copilot+ chip-to-cloud computing security technology, a Microsoft Pluto security processor based on Zero Trust principles.
Despite these features, many netizens complained that the recordings were not encrypted and that the lack of mechanism to enable this feature was forced. Microsoft has now solved all those doubts.
