WWW.COMPUTERWORLD.COM
Windows Recall: All your privacy questions answered
Windows Recall is an AI-based feature that will be built into new Copilot+ PCs. Recall takes snapshots of your screen every few seconds and uses that data to make a searchable index of everything you've ever done on your PC. But, since that first controversial announcement earlier this year, Microsoft has delayed Recall and made some changes.

In late November 2024, Recall became available in a preview form for Windows Insiders running the right hardware. Now it's out in the wild.

So is there cause for concern about Recall and your privacy, or the privacy of data connected to your company? I've gotten a lot of questions about that from readers. Let's dig in so you can understand exactly what's going on and what decisions you'll have to make, whether you're thinking about your work laptop, a home PC, or a fleet of business computers.

But first, the good news: Windows Recall is only available on those new Copilot+ PCs. It won't arrive on your current Windows 11 or Windows 10 PC with an update. You won't even have to think about Recall until you buy a new PC branded a Copilot+ PC.

Want expert insights on what's actually going on in Windows? Sign up for my free Windows Intelligence newsletter: three things to try every Friday. Plus, get free Windows Field Guides as a bonus when you sign up!

What is Recall on Windows?

Recall will be built into Windows 11 moving forward. And, again: It will only be available on new PCs Microsoft has certified as Copilot+ PCs.

These PCs have neural processing units (NPUs) capable of at least 40 trillion operations per second (TOPS). This hardware is designed to accelerate local AI tasks (in other words, AI tasks performed on your PC without any online servers involved) in a way that doesn't drain a lot of battery power.

If you do have a Copilot+ PC, Recall is an optional feature that can capture snapshots of your screen every five seconds. (It won't capture audio or video, just pictures of what's on your screen.)
You will then be able to search those snapshots using plain-language search. For example, you could say: "Show me that PowerPoint presentation I was looking at three weeks ago, the one with the green bar chart" or "What was that message Dave sent me about the quarterly budget two months ago?" These searches all happen entirely on your device, and they'll even work offline. Microsoft's servers aren't involved.

It's a more plain-language way of your computer remembering what you were doing and allowing you to dig through it; it's clear how this type of feature could boost productivity for anyone who works on their PC and anyone using it for other tasks, from online shopping to vacation planning to chatting with friends.

Macs have something similar with Rewind, which also captures your computer activity and lets you search it. But Rewind is a third-party tool, not something built into macOS by Apple.

Windows Recall doesn't just take screenshots; it uses AI models to analyze the contents so you can search for them in plain language. (Image: Microsoft)

What's changed since the original announcement?

Since the original announcement of Recall in May, Microsoft has repeatedly delayed it and announced changes to boost privacy and security and make the feature more trustworthy. Here, specifically, is what's evolved:

Recall will be off by default unless you choose to turn it on during the Windows setup process.
Recall will filter out sensitive information like passwords, credit card details, and social security numbers by default.
Recall requires you use Windows Hello authentication before you can access your snapshots.
Recall's data is securely encrypted in a VBS Enclave, which means other users and applications can't access it. The key is only released when you authenticate with Windows Hello.
Recall will be disabled by default on managed business PCs. Businesses will have to choose to enable it. If they don't, their employees won't be able to activate it.
Recall will be tested with Windows Insiders before it arrives on stable Copilot+ PCs.
(Testing began in late November 2024.)

These changes were detailed by Microsoft in a blog post in June 2024 as well as an update on Recall's architecture released in September 2024.

Overall, it's a reasonable selection of changes that addresses many of the criticisms people had with the way Recall was originally implemented. It's also led to a slower release with more testing. It doesn't feel like a frantic launch that's catching people off guard, like the original announcement did.

Is Microsoft sneaking Recall onto my PC with an update?

No. I can't state this emphatically enough: Recall will not arrive on your current Windows 11 or Windows 10 PC. As Microsoft puts it, this feature is exclusive to those new Copilot+ PCs. It won't suddenly arrive on any of your existing PCs via a Windows Update or any other mechanism.

As of November 2024, Copilot+ PCs are laptops with Qualcomm Snapdragon X Elite or Snapdragon X Plus processors, Intel Core Ultra (Series 2) Lunar Lake processors, or AMD Ryzen AI 300 series processors.

Do I have to use Recall?

Recall is completely optional. When you're signing into a new Copilot+ PC for the first time, Microsoft says you'll be informed about Recall and allowed to decide. You can choose not to use Recall at that time, in which case it won't do anything or collect any sort of data.

If you do enable it, you'll see a Recall icon pinned to your taskbar by default, and Recall will have a system tray icon while it's running. It's very visible; it doesn't just run silently in the background. After all, Microsoft wants you to use Recall to find things.

Microsoft says you can use the system tray icon or the options at Settings > Privacy & security > Recall & snapshots to pause Recall at any time. You can turn it on or off, delete existing snapshots, and choose to filter specific apps and websites so Recall doesn't capture them.
Recall also won't capture any activity in private browsing windows in browsers like Chrome, Edge, and Firefox.

The Settings app provides a lot of options for controlling Recall's snapshots and deleting them. (Image: Microsoft)

How can businesses control Recall?

Microsoft says Recall will be disabled by default on managed business PCs. Organizations won't have to do anything to disable Recall on their devices. In fact, they'll have to go out of their way to activate it if they want their employees to have access.

Businesses that do want to activate Recall can use either group policy or MDM (mobile device management) policy. Microsoft has a guide to controlling Recall for IT administrators.

Where are the Recall snapshots stored?

Recall stores all the snapshots and other data on your PC. When you perform a search, Recall does the search on your PC. Microsoft says your data is never uploaded to a Microsoft server. It all happens completely locally, without the computer ever phoning home.

In a way, this makes Recall a little less useful: if you use multiple PCs, your Recall activity won't sync between them. If you're looking for something, you'll need to search Recall on the PC you originally saw it on. But that may be a good thing when it comes to privacy considerations, particularly from an enterprise perspective.

The Recall data is also stored in an encrypted manner that's specific to each individual user account on a device.

You won't be able to access Recall to see any of that activity from that device without first authenticating with Windows Hello authentication. You'll need your face, fingerprint, or PIN to activate it, so people sitting down in front of your PC won't just be able to see your Recall data; it's encrypted with a key that's only released to make it accessible when that authentication happens.

Is Microsoft taking my Recall data?

Microsoft says that the Recall data will be stored only on your PC and never processed by its servers.
Since Microsoft isn't so much as ever seeing or receiving this data, your Recall snapshots won't be used for targeting ads to you, training AI models, or any other purpose along those lines.

Couldn't someone steal my laptop and look at my snapshots?

Modern Windows PCs have encrypted storage, like other modern devices. Someone who stole your PC would need to be able to sign in as you to see your data.

Recall is only going to be available on Copilot+ PCs, and Microsoft has set a higher baseline of security for these PCs: They must be Secured-core PCs, for example, and they will include a Microsoft Pluton security processor. In other words, they will ship with encrypted secure storage backed by hardware security features.

The reality is that if someone stole a PC from an office worker or a home PC user and managed to sign into it, they'd already have access to a lot of private data. This would include financial documents stored on the PC itself, sensitive business information, email accounts the computer was signed into, and so on.

Recall will definitely generate extra data that can be accessed if a criminal breaks into a PC. But, on the whole, it's less risky to be using Recall on a securely encrypted Copilot+ PC than to walk around with a Windows 10 laptop that doesn't use BitLocker or another encryption method.

Can other people on my PC see the snapshots?

The Recall data is stored separately for each user account on a PC. That means even if you share a PC with other people, they won't be able to look through your Recall snapshots, not unless they can sign into the computer with your user account and credentials.

Will Recall store financial account numbers and passwords?

Microsoft originally said that Recall does not perform content moderation. If a password or financial account number is visible on your screen, Recall would save it.

But Microsoft changed its mind.
Recall will now filter sensitive information like passwords, credit card details, and social security numbers by default. However, you have the choice here: You can head to Settings > Privacy & security > Recall & snapshots and turn off the "Filter sensitive information" option if you want to see this information in your snapshots.

Either way, Recall won't capture most passwords you type, since most websites cloak password entry dialogs by displaying them as ****. And you can choose to filter out specific websites (like financial websites), use private browsing, or even filter out entire applications to have Recall ignore them. Also, you can delete Recall snapshots at any time.

Any such data won't appear in your Recall snapshots by default. If you choose not to filter it, it's critical to remember that only someone who has physical access to your PC and who can sign into your user account can access this information. And someone with physical access to your PC can do much worse, including installing malware.

Recall can reopen documents and websites for you, but you can get a lot of information just from the screenshots Recall stores, too. (Image: Microsoft)

But couldn't someone else with access to my PC snoop on it?

To snoop through your snapshots for your private information, people would need both physical access to your PC and to be signed in as you. And, with Microsoft's changes to Recall, they'd also need to authenticate as you with Windows Hello. Even if you stepped away from your PC and left it signed in, they couldn't get access to your Recall data without biometric identification or a PIN.

To be fair, even the possibility of that happening does raise concerns. An abusive partner or family member could dig through the snapshots to find private information, for example, if Recall snapshots were enabled and they knew the Windows Hello PIN or were granted access.

However, this was always a risk.
That same person could use their access to install a keylogger and remote-monitoring software to snoop on their partner's PC usage, with or without Recall. Someone you give momentary access to your PC could pull up your email or search for sensitive financial documents. The Recall feature introduces a new way for people to find sensitive information if they already have access to a PC, but, again, they could do a lot of damage even without Recall in the mix.

How concerned should I be about Recall?

It's clear why Recall is concerning: It marks a change in the way our computers remember and store information. And it seems like an obvious privacy problem if people with access to our PCs can use AI-style plain language search to dig through our saved PC history.

In other ways, it's not a change: It's a disabled-by-default feature you can choose to use. Even if you do use it, all the data is stored on your PC, so it's arguably more private than many of the cloud-connected services we use every day.

Critically, Recall doesn't send any of this data over the internet. There are already many other details we're giving to Microsoft and other corporations. If you're worried about the information those companies are receiving about you, Recall isn't the problem, but there are a lot of other Windows and web features that might be.

Recall could be a big productivity boost for a lot of workers, helping them dig through all the information they've seen on their work PCs. If you also use Discord to chat while working, you could filter out Discord and ensure Recall doesn't capture anything you say in there while it takes snapshots of all the Word documents, Excel spreadsheets, and Outlook emails you go through all day. And, as we've been saying, Recall offers a lot of control in general.
If you don't want Recall to capture a browsing session, you can use Private Browsing mode.

Even veteran Windows journalist Paul Thurrott, who is often critical of Microsoft's privacy practices, has argued that Recall is not a privacy concern. It's not uploading anything to Microsoft, as he notes; it's just storing the data on your PC.

But aren't there still privacy concerns?

While I can see the benefits of Recall (especially for productivity workers who go through a lot of information on their PCs and could save time if they had a faster way to find it), there are some elements of Recall that should give everyone pause. PCs have never captured and stored this kind of information in this way before. It's a bit of a shock.

Still, Microsoft has made a lot of good changes after the criticism. Disabling Recall by default on business PCs, filtering private information out of snapshots, and requiring Windows Hello authentication to access snapshots are all smart shifts.

But people do have at least some reason to worry about Recall. An attacker with access to a PC could just enable Recall rather than install a keylogger, and then grab private information from the Recall snapshots. That kind of attack could be a little more subtle and difficult to spot than a full install-a-keylogger attack, too. It's a good thing that this feature will be disabled by default on business PCs.

The most important answers lie ahead

More than anything, we'll have to see how the risks shake out in the real world. When I first broached this subject, I suggested Microsoft do more filtering of private information and make efforts to protect Recall snapshots from people with access to a PC. Microsoft made those changes.

Perhaps Recall will make everyone realize the risk of giving other people access to their PCs, something that was always a risk when sensitive documents, emails, and browser histories are just a few clicks away.

Of course, Microsoft's big Copilot+ PC push is about more than AI.
The PC industry now finally has thin-and-light laptops with incredibly long battery life to compete with MacBooks. That's huge.

Even if you disable Recall and turn off every AI-based feature on those new Copilot+ PCs, they're a big battery life upgrade over your current laptop.

Interested in learning more? Watch this column and sign up for my free Windows Intelligence newsletter to keep up with all the latest intel. You'll also get three new things to try every Friday and free copies of Paul Thurrott's Windows Field Guides as a special welcome bonus.