New Microsoft Recall feature is a 'security nightmare' and could make Copilot+ PCs a top target for cyber criminals

Microsoft Recall feature screenshot showing user searching for previous conversations and content on a Copilot+ AI PC.
(Image credit: Microsoft)

Microsoft has stirred up privacy concerns in the tech industry after announcing its latest AI feature that will continually record users’ devices, including sensitive information.

On Monday 20 May, Microsoft announced its latest AI-enabled feature ‘Recall’ for Copilot+ PCs at its Build conference in Seattle. 

The feature, being exclusively rolled out to Copilot+ PCs, will capture encrypted screenshots locally on the device to enable users to search back through their activities.

One aspect of the new feature that has been a particular cause for concern in the tech community is that sensitive information including passwords, financial information, or private keys will not be hidden in the snapshots.

All of the data captured by Recall will be stored on the device’s local hard disk and encrypted, and Microsoft has said Recall screenshots will not be shared between users or with itself for advertising purposes.

In an interview with Business Insider, Satya Nadella, CEO at Microsoft, explained because the Recall feature takes place locally on the edge, user information will remain safe and only available on that device.

But this does not dispel worries around the information cyber criminals may be able to access if they are able to compromise Copilot+ PCs.

The announcement has drawn widespread criticism by those in the security and data protection community, including Kevin Beaumont, director of emerging threats at the Arcadia Group. 

In a blog post discussing the announcement, Beaumont described the move as essentially integrating an infostealer into the base Windows operating system (OS).

“Microsoft are inventing a new security nightmare using Copilot, which will undoubtedly lead to increased fraud for consumers and other woes for businesses.”

Concerns over Recall have already reached fever pitch, with the UK’s Information Commissioner’s Office (ICO) considering a probe into the feature. 

A spokesperson for the data watchdog told ITPro it had serious concerns about the new feature and confirmed it has contacted the tech giant over potential data protection risks. 

“We expect organizations to be transparent with users about how their data is being used and only process personal data to the extent that it is necessary to achieve a specific purpose,” the spokesperson said. 

“Industry must consider data protection from the outset and rigorously assess and mitigate risks to peoples' rights and freedoms before bringing products to market.

“We are making enquiries with Microsoft to understand the safeguards in place to protect user privacy.”

New Microsoft Recall feature is a cyber criminal's dream

Recall will use local AI models and onboard Copilot+ devices to process all of the captured data and make it searchable, even for images.

The search functionality will be semantic rather than keyword-based, which means it will return results based on the meaning of the query, rather than simply matching search terms with similar words that have appeared on your screen previously.

Microsoft said Recall will not be turned on by default, and users can limit which snapshots the feature will collect by specifying the applications or websites in which their activity should not be recorded.

It added content with digital rights management (DRM) will not be stored, nor will any activity conducted in Microsoft Edge’s InPrivate browsing sessions.


Whitepaper cover with top image of trees and blue screen from the ground looking up

(Image credit: Dell Technologies)

Meet your business and sustainability goals

Jake Moore, global cyber security advisor at enterprise security firm ESET, told ITPro the feature will give hackers new opportunities to target Windows users.

“Enabling a feature which has the ability to capture screen data not only offers even more data to the company behind the software but also opens up another avenue for criminals to attack,” Moore said. 

“Whilst this feature is not on by default, users should be mindful of allowing any content to be analyzed by AI algorithms for a better experience.

“Although it may produce better results, there is a balance that must be kept regarding functionality versus privacy and so users must remain aware of the potential risks should any sensitive data ever become compromised.”

Ultimately, Moore argued that the feature appears to create more problems than it solves, offering hackers a golden ticket for stealing sensitive information.

“Creating and storing more private data seems unnecessary when cyber criminals continually look for any given vulnerability to exploit.”

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.