How Microsoft promises to keep Windows Recall data safe on Copilot+ PCs


Since Microsoft announced Windows 11's big next-gen AI feature push, the internet has been up in arms over Windows Recall, the company's magnum opus AI experience that's exclusive to Copilot+ PCs launching this summer. While some responses have been sane, a large percentage of people have wasted no time spreading FUD (fear, uncertainty, and doubt) over this new feature without really understanding it.

In case you've been living under a rock: Windows Recall is a new feature that will take snapshots of your screen every few seconds and use on-device AI to analyze and triage that content. This allows you to semantically search for anything and everything you've ever done on your computer using natural language, and is arguably the next generation of search on Windows.

Unsurprisingly, this has led to many people calling Recall a spyware tool for Microsoft to watch everything we do on our computers, but the company is clear: It has no plans to upload the data recorded by Recall to the cloud. It's all handled locally on the device. With that said, there are still some security concerns to be aware of.

So, here's what is and isn't safe about Windows Recall.

Windows Recall data is encrypted on your device

Windows Recall is encrypted on your device, and its data is not shared across accounts. (Image credit: Microsoft)

First things first: the snapshots and strings of text that Windows Recall logs are safely encrypted on your PC using Device Encryption and BitLocker. This means that if your laptop is ever stolen, intruders can't access the contents of your storage without an encryption key, and they won't be able to gain access to any stored snapshots without being logged in to your account.

Microsoft also says that Windows Recall does not integrate with other apps or services. The only time it shares a snapshot is when the user manually clicks the share button in Recall. When this happens, Recall will make a copy of the snapshot and place it in C:\Users\[username]\AppData\Local\Temp. Once the share is complete, Windows will delete the snapshot from that temp directory.

While Windows Recall does have an API, this is only for developers to create a seamless experience, jumping from snapshot into a live app. It does not allow the app access to Recall's stored snapshots.

Windows Recall does not send your data to the cloud

Microsoft cannot see your snapshots as they don't get uploaded to the cloud. (Image credit: Microsoft)

This is arguably the most important point to hammer home: Windows Recall does not talk to the cloud. It does not send your data from your device to Microsoft servers. This includes snapshots, strings of text, and search queries. Microsoft cannot see anything that Windows Recall collects, and this is by design.

The entire Windows Recall experience is processed on device, which is partly why it requires a Copilot+ PC to function. Microsoft is offloading the resources required to process a feature like this onto the NPU, which is a secure chip that's powerful enough to handle the processing of snapshots using AI with little power draw.

This means Windows Recall works 100% offline, and you don't need an active internet connection to take advantage of it. It doesn't even require a Microsoft Account, and as a result it is missing some quality-of-life features such as cross-device syncing. None of that is possible here, because Windows Recall does not upload your data anywhere.

Microsoft is not training any AI models on your data

Recall is an entirely offline experience. No internet required (after initial setup) (Image credit: Microsoft)

Microsoft said this on stage, but just to reiterate: Microsoft does not train its AI models on Windows Recall data. This is because, once again, Windows Recall does not upload your data to the cloud. Microsoft cannot see it, because it's encrypted on your device, and so it cannot train AI models on the snapshots that Recall has captured on your device.

This also means Windows Recall cannot be used to tailor ads and services in your favor, as the data Recall collects is only ever used by the Recall app.

Windows Recall is completely optional

You can configure pretty much all aspects of Recall. (Image credit: Microsoft)

If all of that doesn't settle your nerves, Windows Recall is a completely optional experience. You absolutely do not have to use it if you don't want to. On a Copilot+ PC, you will be prompted during the out-of-box setup experience to enable Windows Recall.

If you choose not to, the Windows Recall feature will be rendered inoperable. It can't function because Windows Recall requires a large initial download before it can be used, as it's an entirely offline experience and does not rely on cloud services to function. Without this download, Windows Recall isn't able to run. 

Windows Recall cannot run "secretly" in the background

There is a visual indicator always on-screen when Recall is active. (Image credit: Microsoft)

One big conspiracy theory I've heard is that Microsoft will automatically enable Windows Recall in the background without the user knowing. This isn't possible, as Windows Recall places a permanent visual indicator in the Taskbar's system tray when it's enabled. 

Additionally, for Windows Recall to be automatically enabled, it would need to download that large initial patch to even function. This is all to say that Windows Recall won't be randomly enabled on your computer without your knowledge. There are visual indicators permanently in view when Recall is active. 

You can choose what Windows Recall even sees

You can filter out websites and apps, which works in the most popular browsers. (Image credit: Microsoft)

Windows Recall has built-in filtering options that allow users to control exactly what Windows can see and store. If you don't want Windows Recall to take snapshots of a particular app or website, you can filter those out with just a few clicks. If Recall happens to capture something you weren't expecting, you can immediately delete the snapshot directly within the Recall app.

You can even pause snapshots whenever you like, just by selecting the Windows Recall icon that's permanently present on the Taskbar. You can also choose how frequently Windows Recall deletes old snapshots, and limit the amount of storage it takes up on your PC. Windows Recall also cannot see DRM content, or any private browsing sessions in Edge, Chrome, Opera, and Firefox.

Malware may be able to read the data

The biggest concern with Windows Recall isn't that Microsoft might be uploading the data to the cloud (because it's not), but rather malware that could be installed by the user. Malware could be developed to reach into Recall's application data to scrape text stored by the Recall app, which could pose a security threat.

Access to Windows Recall's app data does require an administrator account with system-level access, but this is still something to be aware of. Microsoft needs to ensure the data collected by Windows Recall is only readable by the Recall app, which it hasn't yet done.
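
One way to check the point above, who can actually read a data folder, as an added example that is not from the article or from Microsoft: the script lists every principal holding an Allow entry that grants read access. `$DataPath` is a placeholder (the article does not name Recall's storage location) and the `$Expected` list is an assumption.

```powershell
# Added example: report which principals an ACL lets read a data folder.
param(
    # Placeholder: the article does not give Recall's storage location.
    [string]$DataPath = 'C:\PLACEHOLDER\recall-data'
)

# Assumption: only these principals are expected to hold read access.
$Expected = @(
    'NT AUTHORITY\SYSTEM',
    'BUILTIN\Administrators',
    [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
)

# ReadData (0x1) plus the generic bits Get-Acl can return unmapped:
# GENERIC_ALL (0x10000000) and GENERIC_READ (0x80000000).
$ReadMask = 0x1 -bor 0x10000000 -bor 0x80000000

function Get-ReadGrant {
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        # Deny entries and group membership are not resolved here; this lists
        # Allow entries only, which is enough to spot an unexpected principal.
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if (([int]$ace.FileSystemRights -band $ReadMask) -eq 0) { continue }

        [pscustomobject]@{
            Path      = $Path
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
            Expected  = $Expected -contains $ace.IdentityReference.Value
        }
    }
}

if (-not (Test-Path -LiteralPath $DataPath)) {
    Write-Error "Path not found: $DataPath"
    return
}

# Check the folder itself and everything beneath it.
$targets = @($DataPath) + @(Get-ChildItem -LiteralPath $DataPath -Recurse -Force |
    Select-Object -ExpandProperty FullName)

$targets | ForEach-Object { Get-ReadGrant -Path $_ } |
    Where-Object { -not $_.Expected } |
    Sort-Object Principal, Path |
    Format-Table -AutoSize
```

An empty table means no principal outside the expected list holds a read grant on the folder or its contents; any row is an entry worth reviewing.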

The good news is malware doesn't just magically appear on your computer. Malware is often installed by unknowing users who have downloaded the wrong thing, which is why it's important to run an up-to-date antivirus to ensure malware is caught before it can do any damage.

It's good to be skeptical

Microsoft is doing everything it can to assure users that Windows Recall is safe to use, but there are still some concerns. The biggest concern is malware that may be able to read Recall data, followed by an intruder gaining physical access to your device while you're logged in. If that happens, yeah, you're kinda screwed. Microsoft needs to ensure the data that is stored on your device is only readable by the Windows Recall app, and perhaps offer an option to guard access to the Recall app with Windows Hello unlock.

It's good to be skeptical of Microsoft and their claims, but much of the outrage around Recall is seriously unfounded. It will be very easy to prove if Recall does or doesn't upload personal data to Microsoft once we get access to Copilot+ PCs, so there is no point in Microsoft lying about it. 

And remember, Windows Recall is entirely optional. If you don't like it, don't use it. There's no way for the feature to be automatically enabled in the background without you noticing either. 

Zac Bowden
Senior Editor


  • JamesDax3
    What a two faced article Zac. 'Recall is safe but don't trust MS.' smdh
  • dharmababa
    I generally agree that there is a lot of FUD out there on Recall but curious how it can enable cross-device syncing without uploading anything to the cloud? We can argue and trust that it is stored in the cloud "privately" and not used to train, etc. but some relevant data has to get off the device for cross device scenarios.
  • JamesDax3
    dharmababa said:
    I generally agree that there is a lot of FUD out there on Recall but curious how it can enable cross-device syncing without uploading anything to the cloud? We can argue and trust that it is stored in the cloud "privately" and not used to train, etc. but some relevant data has to get off the device for cross device scenarios.
    Across what devices? Your PC and ??
  • Zac Bowden
    JamesDax3 said:
    What a two faced article Zac. 'Recall is safe but don't trust MS.' smdh
    The article does not say "don't trust MS," it highlights that it's good to be sceptical of big tech. This includes Apple and Google. But facts are facts: Windows Recall doesn't send personal data to the cloud.
  • Zac Bowden
    dharmababa said:
    I generally agree that there is a lot of FUD out there on Recall but curious how it can enable cross-device syncing without uploading anything to the cloud? We can argue and trust that it is stored in the cloud "privately" and not used to train, etc. but some relevant data has to get off the device for cross device scenarios.

    Windows Recall does not have any cross-device support. No sync, as none of the data leaves your device.
  • dharmababa
    Zac Bowden said:
    Windows Recall does not have any cross-device support. No sync, as none of the data leaves your device.
    Thanks Zac. I thought the article said it did but maybe I misread.
  • dharmababa
    JamesDax3 said:
    Across what devices? Your PC and ??
    A lot of people have multiple PCs.
  • whcrumb
    The most likely problems with this "feature" come from scammers, malware, others with physical access to your computer, and, for corporations, legal process. This article rebuts none of them.

    Scammers - like the India call centers who stole over $10 billion from US households in 2022 alone - trick the victim into installing remote access tools like Anydesk. Their criminal gains will only be bolstered by being able to turn on Recall, likely with a hack to hide its visual indicator, and then use AI search to find access paths to all available assets.

    Malware - Readers here are likely plenty familiar with Microsoft's bugs and the weekly patches to address them. Any exploit allowing root access will allow a hacker to turn on Recall, obfuscate its presence, and extract its data.

    Physical Access - Often the people who most want to spy on or obtain passwords from you can be people in your own household. Technical savvy may not be the same for all household members, meaning one person turns it on, and the target won't notice or understand the ramifications.

    Legal Process - Discovery: I'm not a lawyer, but I've been a corporate middle manager, and am all-too familiar with the periodic instructions from legal counsel about the requirement that all emails and other work records be archived for legal discovery, and the not infrequent times it is asked for (even for companies who are not particularly doing anything wrong.) Are all of these Recall snapshots now also fair game, and what implications might be drawn from them, fair or not?

    Extra-Legal Process: OK, you can award me my tinfoil hat for (just) this last one, but at least the US government can issue secret warrants for "national security" demanding information about targets who are never told about them. For example, the NSA serves these warrants on all the telcos to demand and receive the phone numbers called by essentially every American. I'd be surprised if mass-surveillance is on the initial Recall agenda but targeted surveillance certainly seems possible, even probable.

    In short, this article is a disservice to readers. While not all Recall users may experience harmful effects from it, it is near guaranteed that plenty will. Just look at all the problems from the past decade, and ask how is Microsoft going to be able to do any better now?
  • sonicscooter
    Zac Bowden said:
    The article does not say "don't trust MS," it highlights that it's good to be sceptical of big tech. This includes Apple and Google. But facts are facts: Windows Recall doesn't send personal data to the cloud yet.
    FTFY ;)
  • JamesDax3
    dharmababa said:
    A lot of people have multiple PCs.

    whcrumb said:
    The most likely problems with this "feature" come from scammers, malware, others with physical access to your computer, and, for corporations, legal process. This article rebuts none of them.

    Scammers - like the India call centers who stole over $10 billion from US households in 2022 alone - trick the victim into installing remote access tools like Anydesk. Their criminal gains will only be bolstered by being able to turn on Recall, likely with a hack to hide its visual indicator, and then use AI search to find access paths to all available assets.

    Malware - Readers here are likely plenty familiar with Microsoft's bugs and the weekly patches to address them. Any exploit allowing root access will allow a hacker to turn on Recall, obfuscate its presence, and extract its data.

    Physical Access - Often the people who most want to spy on or obtain passwords from you can be people in your own household. Technical savvy may not be the same for all household members, meaning one person turns it on, and the target won't notice or understand the ramifications.

    Legal Process - Discovery: I'm not a lawyer, but I've been a corporate middle manager, and am all-too familiar with the periodic instructions from legal counsel about the requirement that all emails and other work records be archived for legal discovery, and the not infrequent times it is asked for (even for companies who are not particularly doing anything wrong.) Are all of these Recall snapshots now also fair game, and what implications might be drawn from them, fair or not?

    Extra-Legal Process: OK, you can award me my tinfoil hat for (just) this last one, but at least the US government can issue secret warrants for "national security" demanding information about targets who are never told about them. For example, the NSA serves these warrants on all the telcos to demand and receive the phone numbers called by essentially every American. I'd be surprised if mass-surveillance is on the initial Recall agenda but targeted surveillance certainly seems possible, even probable.

    In short, this article is a disservice to readers. While not all Recall users may experience harmful effects from it, it is near guaranteed that plenty will. Just look at all the problems from the past decade, and ask how is Microsoft going to be able to do any better now?
    OH FOR GODS SAKE STFU. Your tin foil hat is on too tight.