Geeklinko

Microsoft Recall Privacy Issues ( Explained )

January 3, 2025 | by Abhishek Tiwari

microsoft-recall.jpeg

The recent features of Microsoft Recall have drawn fire for privacy issues because of how they work, including constantly taking screenshots no matter what the user does on a PC with the feature enabled.

Here is a list of some of the privacy controls users have over Microsoft Recall, and what Microsoft has disclosed about privacy issues related to this feature.

1. What is Microsoft’s recall

With a new neural processing unit, the new Copilot + PC artificial intelligence initiative from Microsoft has a new feature: Microsoft Recall.

This add-on is available to any computer or laptop with new NPU-integrated CPUs with at least 40 TOPs.

Microsoft Recall saves frequent snapshots to a secure database, allowing users to search images and text that they’ve done on their computer, with a large language model that then processes this information.

2. Minimum sys requirement to use Microsoft recall

So can your PC run Microsoft recall features, here are the system requirements for Microsoft recall features,

  • 1. A Copilot+ PC that meets the Secured-core standard
  • 2. 40 TOPs NPU (neural processing unit)
  • 3. Minimum 16 GB RAM
  • 4. 8 logical processors
  • 5. 256 GB storage capacity

To run MicrosoftRecalll on a PC, you will need to meet the following minimum system requirements:

1. Ensure your PC is at least a Copilot+ PC with Secured-core support.

2. Make sure your device has an NPU (neural processing unit) that has at least 40 TOPs.

3. Your computer must have 16 GB RAM or more.

4. The device needs 8 or more logical processors.

5. At least 256 GB of storage is required.

6. For storage capacity, 50 GB is required for enabling Microsoft recall, and saving snapshots automatically pauses when the device has less than 25 GB of storage.

7. To run this feature, you’ll need to enable Device Encryption or BitLocker.

8. Lastly, you’ll need to enroll in Windows Hello Enhanced Sign-in Security with at least one biometric sign-in option.

3. Which control does user have over Microsoft recall

recall home screen screenshot

Microsoft Recall supports all major browsers in private browsing windows, where the Recall AI snapshots should not be taken to preserve user control over privacy.

here is a list of supported browsers,

  • 1. chrome
  • 2. safari
  • 3. edge
  • 4. opera

Microsoft Recall Feature is opt-out, so it’s turned off by default, and it stays that way unless you explicitly enable it when you set up Windows 11.

If you don’t turn it on, it can’t be reactivated. But even if you turn it off, you can’t permanently remove it from your PC, so even if you disable the feature it will remain on your computer.

1. Sensitive data in Recall is always encrypted and keys are protected

Microsoft claims that Microsoft Recall’s snapshot-taking and data-saving features use secure mechanisms and work entirely on the device. In other words, it utilizes device hardware to perform its functions and operate everyday tasks.

Microsoft Recall is designed in a way that its screenshots are saved to a cloud database in fully encrypted form, so nobody has access to them.

2. Recall services that operate on snapshots and associated data are isolated.

Recall operations all happen within an isolated enclave called VBS, meaning they’re separated from other main PC functions for better security. It also means that the information is only retrieved when users actively use the recall feature.

4. What privacy controls users have

1. In private browsing won’t record: If you use in-private mode in Microsoft Edge to check your bank account, this activity won’t be recorded by Recall.

2. uThe user has the option to exclude any site or app: You can set Recall to ignore all activities from the “SocialNetworkApp” or block snapshots from “www.example.com”.

3. users have control over how long snapshots get saved: You might decide that Recall should only keep snapshots for 30 days and allocate no more than 5GB of your hard drive to it.

4. Block sensitive data by default: Sensitive content filtering is on by default and helps prevent the storage of passwords, national ID numbers, and credit card numbers in Recall. Recall uses the same libraries that power Microsoft’s Purview information

5. protection product, which is deployed in enterprises globally  If you type your credit card number into an online form, Recall’s filtering system will ensure that number isn’t saved in snapshots, similar to how Microsoft’s Purview would protect sensitive data in a corporate environment.

6. have the option to delete specific time frame data: You accidentally captured a private conversation in a snapshot. You can go to Recall, search for that conversation, and delete all related entries or choose to delete all snapshots from the “ChatApp” for the last week.

7. instant pause and play feature: While working, you notice the Recall icon in your system tray blinking, indicating snapshots are being taken. If you’re about to enter sensitive information, you can right-click the icon and select “Pause Snapshot” to momentarily stop Recall from capturing data.

RELATED POSTS

View all

view all