Microsoft has announced changes to its controversial Recall feature included in its new range of AI PCs after criticism over security and privacy issues.
Recall, one of the company’s features in Copilot+, regularly captured screenshots of users’ activity.
The feature was described by Microsoft’s executive vice president Yusuf Medhi as giving a computer photographic memory.
Medhi said it uses AI “to make it possible to access virtually anything you have ever seen on your PC”.
However, the AI-powered memory feature created a backlash by security professionals who felt it would give hackers a vast insight into a user’s behaviour.
The tech giant said on Friday (7 June) that it would be overhauling the feature and would allow users to opt-in instead of offering the feature by default.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataMicrosoft said the feature would be fitted with new security measures including better data encryption and tougher authentication access.
“We have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” said Pavan Davuluri, corporate vice president of Windows and devices, on Friday.
Douglas McKee, executive director of threat research at cybersecurity company SonicWall said the Recall feature is a reminder of how the advancement of AI can provide great convenience at the potential cost of security.
“While many privacy concerns are expressed with Microsoft Recall, the real threat is the potential usage attackers will gain out of this feature,” McKee said.
“While the Recall database, which contains 3 months of screenshots of every user action by default, is encrypted, the user will have access to it and, therefore, an attacker of a compromised system,” McKee added.
“This means if anything confidential, such as banking information, passwords, trade secrets, and medical records, is put on the screen, an attacker could see it,” he said.
Microsoft has confirmed that the feature will be updated before the release of its Copilot+ PCs on 18 June.