Microsoft details Windows Recall security and privacy features
Microsoft has outlined plans to secure its controversial Windows Recall feature ahead of launch.
Microsoft unveiled Recall in May, pitching it as an “explorable timeline of your PC’s past.” When enabled, Recall will record all user actions on Copilot Plus PCs, taking “snapshots” of the screen at 5-second intervals. Users can then access a searchable timeline of everything they’ve interacted with on their device, whether that’s an application, website, document, image, or anything else.
Microsoft initially intended to release Recall in June as a flagship feature for its Copilot Plus PCs. Those plans were put on hold amid a data security and privacy backlash, as experts claimed it would create a treasure trove of data for hackers, with some comparing it to keylogger malware.
Microsoft has since announced it would make Recall available to Windows Insider members in October.
On Friday, the company detailed some of the ways it will protect user data in a blog post spelling out its security architecture. As Microsoft previously stated, Recall is now opt-in, so Copilot Plus users must turn the feature on or it won’t record their screen. Biometric authentication is also required via Windows Hello each time a user wants to turn Recall on.
Recall snapshots and related data are stored and encrypted on a user’s device, Microsoft said, and are protected by a “virtualization-based security enclave” (VBS Enclave).
“VBS Enclaves use the same hypervisor as Azure to segment the computer’s memory into a special protected area where information can be processed,” said David Weston, vice president for Enterprise and OS Security at Microsoft. “Using Zero Trust principles, code in these enclaves can use cryptographic attestation protocols to safeguard that the environment is secure before performing sensitive operations, such as snapshot processing.”
Microsoft will provide users with a range of privacy controls, said Weston. Users can delete recorded snapshots individually or in bulk over a specified period and select how long Recall content is retained, for example. Content filtering is on by default to help prevent Recall from taking screenshots of information such as credit card details and websites — health or finance-related sites, for instance.
“With the Recall controls, a user can store as much or as little as they would like and remain in control,” he said.
Microsoft didn’t specify a release date for Recall, and didn’t respond to a request for more information on the planned launch.