When search works well, we take it for granted. If you're searching for a specific email, photo, or document on your computer and it pops up immediately, you won't think twice about it. But if you spend 10 minutes searching your hard drive for that file, you'll lose your mind. That's where Microsoft hopes its new Recall feature can help, even if it comes with some significant security risks.
What is a recall?
At its core, Recall is simple: the feature quietly takes screenshots of what you do on your PC throughout your session. Whenever you search using Recall, it looks for relevant moments in your PC activity history from all those screenshots that might be what you're looking for, and stitches them together into a scrollable timeline. For example, if you're looking for a slide you created for work, searching for it might bring up times when you worked on that slide in PowerPoint and presentations you gave using that slide. The same goes for pictures: If you're looking for a photo of your dog at the park, you'll probably see it when you open it in your photo library, but also in the messaging app you use to send the photo to friends and family.
Recall also associates these screenshots with the active app: when you scroll through the timeline, not only can you see which window you're using to view it, Recall also tells you which app is running and when. So if you know you want the February PowerPoint session itself, you can skip any screenshots in Teams.
While this is certainly a novel feature, Microsoft isn't the first to roll out something like this. Rewind offers a similar experience on macOS, recording all your activities (including transcribing your audio) to make everything you do on your Mac searchable. Of course, the big difference here is that Recall is a feature built by Microsoft, while Rewind is only offered by third-party developers on macOS.
You also can't use Recall on any PC, even if it's running Windows 11. Instead, it's exclusive to Copilot+ PC, Microsoft's new AI-powered PC standard. The machines come with Snapdragon X Plus and Snapdragon X Elite chips, which feature dedicated neural processing units (NPUs) to handle native AI processes. Unless you own one of these new machines, like the new Surface Pro or Surface Laptop, you won't be able to try Recall when it launches.
Is Recall safe to use?
From Microsoft's perspective, the answer is yes. Because Recall only runs on Copilot+ PCs, it is handled entirely on-device, with no processing outsourced to the cloud. This means everything from the AI processing to the screenshot itself happens on your computer. Microsoft says that screenshots used for Recall are also encrypted on your PC, even from other profiles on your computer: if you lock your PC, your Recall screenshots will be locked as well.
Additionally, you can control which apps and websites Recall takes screenshots for. If you don't want Recall to take screenshots when you use WhatsApp, you can tell it not to do so. You can also choose to pause the call for a period of time and delete recently taken screenshots or all screenshots stored on the device. InPrivate browsing sessions in Microsoft Edge and DRM content such as Netflix shows and movies are also not recorded. (I guess, with InPrivate browsing, your secrets are indeed safe.)
However, while Microsoft places great emphasis on Recall's security, it is not necessarily foolproof. For one, Recall takes screenshots of pretty much everything you do on your PC (assuming you don't adjust those settings yourself). This means it won't stop taking screenshots when you enter or access sensitive information like passwords, Social Security numbers, or banking data: if you can see it on the screen, Recall is probably recording it. While it's good that these screenshots are encrypted when you lock your device, if someone did manage to break into your computer, they would be able to access your entire Recall history, including this sensitive information. It may seem like an unforced mistake for a would-be hacker to open Recall, search for "Bank of America" or "Turbo Tax," and then watch you go over and enter all relevant credentials and private information for them.
In fact, the feature has come under government scrutiny. The UK data regulator, the Information Commissioner's Office (ICO), has contacted Microsoft for more information about Recall. The regulator said all companies must "rigorously assess and mitigate risks to people's rights and freedoms" before offering new products to consumers. Because it's still early days (Microsoft announced the feature just two days before this investigation), it's unclear how regulators will view it or whether other government agencies will launch their own investigations here.
For the average Windows 11 user, Recall probably won't cause them trouble, or at least won't put them at greater risk than they already are. Do you have a photo of your Social Security card in your photo library? Do you save all your passwords in a Word document? (Please don't do this.) But before enabling this feature, it's important to understand exactly what you're agreeing to. Whether it's a hacker looking to break into your financial accounts or a nosy friend snooping around your PC, you can make your entire PC activity easily searchable by anyone with your computer's password.
If you really want to try Recall and any of the other Copilot+ PC-exclusive features, you can pre-order one of Microsoft's new Surface devices below:
Surface Laptop : Starting at $999.99
Surface Pro : Starting at $999.99
