'One of the most secure experiences we have ever built' -- Microsoft overhauls controversial Recall feature with enhanced privacy and security controls

It’s fair to say Microsoft’s Recall feature for Copilot+ PCs proved to be incredibly divisive when the company announced it earlier this year. The tool is designed to retrieve and summarize relevant information from your past interactions, documents, and apps, providing quick context and insights.

Recall works by taking “snapshots” of your screen at regular intervals and storing them either locally on your device or synced through Microsoft 365. Users can search these snapshots using natural language to locate specific content, such as images or text they've viewed on their PC. While some users praise the feature's convenience, others have raised concerns about privacy and data security due to the extensive integration required for Recall to function effectively. Companies concerned with safeguarding sensitive data are understandably the most wary.

Recognizing its less than stellar reputation regarding user privacy, Microsoft announced significant changes to Recall for business use at its Ignite 2024 conference.

Pavan Davuluri, Corporate Vice President of Windows and Devices, addressed these concerns directly, saying: “We heard your feedback on needing a secure and controllable experience for using Recall in your organizations, and it will be.”

To address those privacy and security worries, Recall will now be disabled by default. IT administrators will have the ability to enable the feature through updated policies, allowing employees to opt in. The revamped version will also include security enhancements, such as additional layers of data encryption and Windows Hello protection, which Microsoft claims make it "one of the most secure experiences we have ever built."

As you can see from the Settings for Recall in the screenshot above, users have privacy controls to filter sensitive information from snapshots, such as passwords and credit card details. It also allows users to add or remove specific apps and websites from being included in snapshots, ensuring greater control over what data is captured. Additional options include enabling or disabling Recall and accessing privacy resources for detailed guidance.

“Our goal is to ensure that your employee and organization data is protected from the beginning," said Davuluri, "and we look forward to hearing your feedback on this new experience."