No.
That’s a sampling of some of the hysteria surrounding the new Recall feature announced by Microsoft. Recall is an AI-assisted feature that helps you find things on your computer, using natural-language searches. The kerfuffle is about one aspect of how it works: it will apparently capture periodic screenshots of what you are doing as you’re using your computer, saving those so you can search your own past activity. Hence the name: “Recall”.
It’s certainly brought out the Microsoft haters in droves.
Let’s look at what’s been said, who’s affected, and why this hysteria might be somewhat hypocritical.
Microsoft's Recall Feature
The hysteria over Microsoft’s Recall feature is unwarranted. It only affects users with Copilot+ PCs, is entirely opt-in, and can be removed. Windows already sees your data, so if you don’t trust Recall, perhaps you should question whether you trust Windows at all.
It’s not on your machine and likely won’t be
Recall only operates on Copilot+ PCs.
That’s a quote from a lengthy Microsoft write-up on what Recall is and how it operates: Update on Recall security and privacy architecture.
Unless you have a Copilot+ PC, Recall is a complete non-issue for you. You have nothing to worry about.
There may be software on your machine that references Recall, but that doesn’t mean you have it. It’s common to refer to features that aren’t present or aren’t enabled so as to streamline the software for when they are.
This is only an issue if you purchase a new Copilot+ PC.
It’s opt-in
From the same Microsoft blog:
Recall is an opt-in experience. During the set-up experience for Copilot+ PCs, users are given a clear option whether to opt-in to saving snapshots using Recall. If a user doesn’t proactively choose to turn it on, it will be off, and snapshots will not be taken or saved. Users can also remove Recall entirely by using the optional features settings in Windows.
Microsoft marketing stumbled when the feature was first announced and indicated it was always on. This is not the case. You have to agree to it before it’ll do anything. And you can uninstall it if you’re so inclined.
Unless you turn it on, Recall does nothing.
Recall’s security and privacy
The Microsoft post goes on to discuss many of the security and privacy steps Microsoft takes when Recall is turned on. This leads to even more restrictions on when it can be used.
The encryption keys are protected via the Trusted Platform Module (TPM), tied to a user’s Windows Hello Enhanced Sign-in Security identity, and can only be used by operations within a secure environment called a Virtualization-based Security Enclave (VBS Enclave) [1]. This means that other users cannot access these keys and thus cannot decrypt this information.
Put another way, you’ll need:
- BitLocker (Windows 11 Pro) or Device Encryption (Windows 11 Home)
- TPM (Trusted Platform Module) 2.0
- Windows Hello
- Hyper-V (used by VBS Enclave)
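To see where a given machine stands against that list, here is a read-only audit in PowerShell. It is an added example, not something from the Microsoft post or the original article. It assumes an elevated prompt on Windows 11 and that the optional feature is registered under the name `Recall`. The function name `Get-RecallReadiness` is made up for illustration, and Windows Hello enrollment is not checked.

```powershell
# Added example: read-only check of the Recall prerequisites listed above.
# Nothing here changes system state. Run from an elevated PowerShell prompt.
function Get-RecallReadiness {
    # TPM: Get-Tpm reports presence and readiness; Win32_Tpm.SpecVersion
    # holds the spec version string (for example "2.0, 0, 1.38").
    $tpm    = Get-Tpm -ErrorAction SilentlyContinue
    $tpmCim = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                  -ClassName Win32_Tpm -ErrorAction SilentlyContinue

    # BitLocker (Pro) or Device Encryption (Home) on the system drive.
    $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue

    # Virtualization-based security status:
    # 0 = not enabled, 1 = enabled but not running, 2 = running.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
              -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue

    # Recall optional feature. On machines where the feature does not exist
    # the lookup fails, which is reported as "NotPresent".
    # Assumption: the feature name is 'Recall'.
    $recallState = 'NotPresent'
    try {
        $f = Get-WindowsOptionalFeature -Online -FeatureName 'Recall' -ErrorAction Stop
        if ($f) { $recallState = [string]$f.State }
    } catch {
        $recallState = 'NotPresent'
    }

    [pscustomobject]@{
        TpmPresent        = [bool]($tpm -and $tpm.TpmPresent)
        TpmReady          = [bool]($tpm -and $tpm.TpmReady)
        TpmSpecIs20       = [bool]($tpmCim -and $tpmCim.SpecVersion -like '2.0*')
        SystemDriveCrypto = if ($vol) { [string]$vol.ProtectionStatus } else { 'Unknown' }
        VbsRunning        = [bool]($dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)
        RecallFeature     = $recallState   # Enabled / Disabled / NotPresent
    }
}

Get-RecallReadiness | Format-List
```

A `RecallFeature` value of `NotPresent` or `Disabled` matches the article's point that the feature does nothing unless it exists on the machine and has been turned on.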
But wait. If you don’t trust Microsoft…
This is going to sound snarkier than I mean it, but if you don’t trust Microsoft’s implementation of Recall, why are you running Windows?
I’m not saying you should trust blindly or that scrutiny isn’t called for, but there’s an odd dichotomy here:
- I don’t trust Microsoft with my data in Recall (or OneDrive)…
- But it’s the same data that Microsoft already has access to on my machine.
There’s nothing Microsoft can do in Recall or using OneDrive that they can’t already do by virtue of controlling Windows itself. They don’t need either Recall or OneDrive to “see” your data, since Windows “sees” it constantly as you use your PC.
Again, I’m not trying to be snarky here, but I want to point out that by using Windows, you’re already implicitly trusting Microsoft. Recall and/or OneDrive don’t add much more exposure to the mix.
Do this
Until or unless you get a Copilot+ PC, you can stop worrying about Recall. It doesn’t apply to you. When you do, you can choose whether to use it or not.
In the meantime, be aware of how much data you’re already exposing to Microsoft. If that’s a problem, it might be time to make another choice.
Footnotes & References
1: From another Microsoft post: “VBS utilizes the Hyper-V hypervisor to create an environment that is higher privileged than the rest of the system kernel.” Put another way, it’s leveraging virtual machine technology for increased security.
I don’t know what a Copilot+ PC is. I imagine it’s another device made by Microsoft, like Surface. If so, I guess I’m not affected.
Remember when OneDrive was completely optional and users had to explicitly set it up? Yep, that’s how OneDrive was in the beginning. These days, it seems Microsoft is doing everything they can to trick users into setting up OneDrive to store all their data. If I was potentially affected, I would watch very carefully over the coming years for Recall to do the same thing as OneDrive.