Microsoft says AI feature that captures screenshots on new PCs will be off by default after backlash

Microsoft will disable an AI feature on new PCs that captures screenshots and searches user activity by default due to security concerns about data access by attackers.

The Recall feature was one of the main features Microsoft demonstrated during a press briefing last month for upcoming Copilot+ PCs with AI computing power.

“If you don’t proactively choose to turn it on, it will be off by default,” Pavan Davuluri, Microsoft’s head of Windows and Surface devices, wrote in a blog post on Friday.

Microsoft has recently attempted to balance competing interests as it moves to incorporate new generative AI tools into its products and remain competitive. While the market is rapidly evolving, user privacy and security are under close scrutiny. A US government review board recently criticized Microsoft’s response to China’s breach of US government officials’ email accounts.

Microsoft has already integrated the Copilot conversational chatbot into Windows in a way that is similar to OpenAI’s popular ChatGPT. Both ChatGPT and Copilot rely on cloud servers to perform computations and return results to PCs. Recall differs in that it stores data on users’ computers rather than accessing additional computing power via the internet.

Satya Nadella, CEO of Microsoft, directed employees to prioritize security and announced changes to the company’s security practices in response to the US government report.

After Microsoft announced Recall, which can search through a log of previous PC actions, industry experts raised concerns about hackers gaining access to users’ information.

Total Recall, a software developed by security practitioners, displays data collected by Recall.

“Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC,” they wrote in a Total Recall GitHub page description. They expressed concern about attackers creating tools that can look for usernames and passwords in Recall screenshots.

When Copilot+ PCs become available on June 18, Microsoft will add security features to Recall and require people to manually turn it on. The search index database will be encrypted, Microsoft stated.

“Windows Hello enrollment is required to enable Recall,” Davuluri explained. “In addition, proof of presence is also required to view your timeline and search in Recall.”

Windows Hello allows users to prove their identity by entering a PIN number, showing their face to the PC camera, or providing a fingerprint.

“I think overall having a choice around opting in on home systems will save a lot of people security problems further down the line,” Kevin Beaumont, a former Microsoft cybersecurity analyst who criticized the original implementation of Recall, said in a Friday post on X. “It never should have been enabled by default.”