Microsoft’s controversial Recall feature is officially out of beta and is now available to Windows 11 Copilot+ users. After a lengthy delay due to security concerns, the feature is part of the latest update to Windows 11 today. While the idea behind Recall is to help users retrieve lost folders, emails, or browser tabs, its introduction has raised privacy and security alarms. Microsoft has taken steps to address these issues, and the feature is now set to provide users a secure and private experience.
What’s Happening & Why This Matters
Recall is designed to simplify the user experience by allowing Windows 11 users to recover closed or misplaced items, such as browser tabs and emails. However, when it was first introduced, many feared that the feature resembled spyware due to its ability to capture screenshots of user activity on the PC. This raised concerns about potential hackers, malware, and government agencies’ potential misuse.
After hearing from Windows Insiders, Microsoft delayed the Recall feature to focus on building safeguards to protect users’ privacy and security. The company has now implemented multiple layers of protection to ensure data security and prevent misuse. The feature is exclusive to Copilot+ Windows 11 PCs and requires users to opt in to use it.
One of the primary concerns was the potential for malicious actors to enable Recall on a device secretly. To address this, Microsoft added an uninstall option to remove Recall from the system easily. Furthermore, users must prove their identity using Windows Hello, which requires a fingerprint or facial scan, to activate Recall for the first time.
In a statement, David Weston, Microsoft’s VP of Security, emphasized that Recall is designed to be the “most secure experience in Windows.” The added biometric security ensures that only authorized users can enable and use Recall. Additionally, Recall’s encryption capabilities ensure that all data remains on the user’s PC and is never sent to Microsoft, significantly enhancing privacy.
Another safeguard is the Trusted Platform Module (TPM) chip, which stores encryption keys and screenshot data separately from the rest of the system. This means the encrypted data remains secure even if a user’s PC is infected with malware.
Despite these security measures, concerns persist. Security researcher Kevin Beaumont criticized the feature for data capture issues, including instances where Recall took screenshots of sensitive information, like credit card numbers and encrypted messages. He also pointed out that users can access Recall using just N after the initial biometric setup, bypassing the biometric verification.
Microsoft has responded to these concerns by introducing application filters that lock sensitive data, such as Social Security numbers, from being captured in screenshots. These filters are continuously updated to improve their accuracy. While these safeguards provide peace of mind, experts like Beaumont still warn that Recall may not be suitable for high-risk users, such as journalists or individuals concerned about surveillance.
The Recall feature is being rolled out gradually, starting with the April 2025 Windows nonsecurity preview update. Microsoft plans to release it to all Copilot+ Windows 11 PCs through a controlled feature rollout over the coming months.
TF Summary: What’s Next
As Microsoft launches Recall, users must weigh the security measures against the potential risks of using the feature. With strong encryption, biometric activation, and data privacy safeguards in place, Recall is designed to offer a safer user experience. However, opting out might be the best course for those concerned about privacy and security, especially in high-risk environments.
The rollout continues, and it will be interesting to see how Recall evolves and whether future updates can address lingering concerns about its reliability in filtering sensitive information and its accessibility through less secure methods.
— Text-to-Speech (TTS) provided by gspeech