Microsoft Overhauls Controversial AI-Driven Recall Functionality Amid Privacy Concerns

Jun 08, 2024 | Newsroom | Artificial Intelligence / Privacy

On Friday, Microsoft announced that it will deactivate its highly criticized artificial intelligence (AI)-driven Recall feature by default and make it an opt-in choice.

Recall, presently in beta and set to debut exclusively on Copilot+ PCs on June 18, 2024, operates as an “explorable visual timeline” by taking snapshots of what users see on their screens every five seconds, which are then examined and processed to display relevant information.

However, the function, envisioned as a form of AI-enhanced photographic memory, was met with immediate criticism from the security and privacy community, which condemned the company for not thoroughly thinking through and implementing sufficient protections to hinder malicious individuals from easily peeking into a user’s digital life.

The captured data could include snapshots of documents, emails, or messages containing confidential information that may have been deleted or shared temporarily using vanishing or self-destructing formats popular on instant messaging platforms.

WIRED’s Andy Greenberg referred to Recall as an “unrequested, pre-installed spyware built into new Windows computers.” Windows Central stated that Microsoft was “excessively secretive” about Windows Recall during its development and opted not to test it publicly.

In an attempt to address the growing wave of criticism, Microsoft emphasized that users have full control over the entire Recall process and that it launched the feature in beta to collect customer feedback.

Significant changes made to the feature include security enhancements and a new configuration process to activate it, allowing users the option to completely opt out of saving snapshots periodically through Recall.

The security upgrades also require users to enroll in Windows Hello biometric scanning to enable Recall, with user presence verification required to access the timeline and conduct searches.

In addition to encrypting the search index database, which was previously stored as an unencrypted SQLite database, the technology behemoth highlighted that Recall snapshots will only be decrypted and accessible after the user authenticates.

“Copilot+ PCs will debut with ‘just in time’ decryption safeguarded by Windows Hello Enhanced Sign-in Security (ESS), ensuring Recall snapshots are decrypted and accessible only upon user authentication,” stated Pavan Davuluri, Microsoft’s corporate vice president for Windows + Devices.

“This provides an additional layer of protection for Recall data in addition to other default security features in Windows like SmartScreen and Defender, leveraging advanced AI techniques to thwart malware from accessing data such as Recall.”

Redmond reiterated that Recall snapshots are stored and processed locally on the device and are not shared with other entities or applications. Users can also pause, filter, and delete saved data at any given moment.

For users on managed work devices within corporate environments, IT administrators have the authority to deactivate Recall, though they are unable to activate it themselves. Microsoft stressed that the decision lies entirely with the users.

“Once you reach your desktop, Recall will appear on the taskbar,” Davuluri stated. “An icon in the system tray will indicate when Windows is saving snapshots through Recall.”

“Speaking out has been effective,” noted security researcher Kevin Beaumont, a vocal opponent of Recall’s initial implementation. “The devil is in the details – potentially significant ones – but there are promising elements here. Microsoft must commit to not attempting to surreptitiously enable it in the future.”

“I believe that having the option to opt in on personal systems will prevent numerous security issues down the road. It should never have been automatically activated.”

Microsoft’s decision to reverse course comes in the midst of a series of security setbacks the company has encountered in recent years at the hands of nation-state actors from Russia and China, prompting a shift to prioritize security above all else as part of its Secure Future Initiative (SFI).

“When faced with a choice between security and another priority, the answer is evident: Prioritize security,” remarked Microsoft CEO Satya Nadella in a memo issued to his employees last month. “At times, this will entail giving precedence to security over other activities, such as releasing new features or providing ongoing support for legacy systems.”
