Microsoft's Copilot+ Gets Ready to Remember Recall

The Copilot+ family includes laptops from HP, Lenovo, Microsoft, Asus, and other PC-makers,
and all include special Windows AI features only available on these systems. But one Copilot+ tool we've been waiting for is finally getting closer to general release, and that's Recall. 

If you don't, ahem, recall (pun intended), Recall is the tool that promises to take snapshots of your PC activity as you use your PC. This allows you to easily find, or "recall," anything or everything you've interacted with, without needing to remember the exact file name or file location. 

Photo: Jacob Bobo

On September 27, Microsoft announced new updates to the still-unreleased Recall, including information about the enhanced security architecture for the powerful organizational tool. The idea here is to balance the utility and power of this tool with the privacy and security concerns of customers. 

Recall will now have new guardrails and new security features that make sure it can still help you find files, websites, images, or anything you've interacted with on the PC -- but simultaneously not hanging onto or providing access to any information you don't want to share with the tool. 

One key thing to keep in mind: Recall is now entirely opt-in.  During setup on Copilot+ PCs, users must actively choose to enable snapshot saving. If not activated, no snapshots are taken or saved. You’ll also have access to a variety of controls to manage how much of your activity is saved, from filtering out specific apps to limiting how much disk space is allocated to snapshots.

While you can set up a PIN later on, biometric security like Windows Hello facial or fingerprint identification is needed to set it up for the first time. You can also delete specific time ranges, app content, or all Recall data at any time. 

Security and privacy first

Security breaches and privacy issues dominate headlines, so Microsoft’s revamped approach to Recall is to ensure it is both secure and useful. The updated Recall model relies on Virtualization-Based Security (VBS) Enclaves, a highly protected space within the PC’s memory. This ensures that any data processed through Recall is isolated from both malicious software and even privileged administrative access. 

Photo: Microsoft 

What does this mean for the average user? For starters, all Recall snapshots are stored locally on your device and encrypted using secure keys protected within the VBS Enclave. To access your Recall data, users must authenticate with Windows Hello biometric credentials, providing an added layer of protection. Also, sensitive content filtering is on by default, helping to reduce storage of passwords, Social Security numbers, and credit card numbers.

The architecture also includes a time-out mechanism, so any decryption of data for searching is temporary, which means you'll need to reauthorize the decryption regularly, usually via Windows Hello. That means someone can't access recall data, even if you leave your PC unlocked and walk away.  

Coming soon to Copilot+ PCs

As Recall nears its general release, keep in mind it will still be exclusive to Copilot+ PCs, leveraging the special hardware and AI capabilities built into these systems. The tool will go into a preview mode first for beta testers, then become widely available at a later date. 

Read more: Copilot+ PCs

• Microsoft Surface Laptop Review: The First Copilot Plus PC
• Asus Vivobook S 15 OLED Copilot+ PC Review
• What is TOPS? The AI Performance Metric Explained
• Copilot Plus PCs vs AI PCs: What's The Difference?