Do you trust Microsoft with a feature like Windows Recall?

Windows Recall is one of the most controversial features Microsoft has announced in years.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Copilot+ PCsare set to start shipping in a couple weeks. Those systems haveNeural Processing Units (NPUs)that power a plethora of AI features. Among those new features isWindows Recall,a powerful tool that can search through your computing history to help you pick up where you left off. Microsoft advertises Windows Recall as a major addition to Windows 11 but the feature has proven controversial.

Windows Recall takes a snapshot of your system every few seconds to create a database that can be searched using AI. That AI processing all happens locally, meaning none of your data goes to the cloud. Microsoft also promises that none of the data saved for Windows Recall is used to train AI models.

Despite these security measures in place, many have privacy and security concerns about Windows Recall. While the feature is powerful, it creates a searchable database of an incredibly detailed set of information. Recall does not moderate what it takes snapshots of, so if you enter payment details or other sensitive data, it could appear in Windows Recall.

Additionally, security researcher Kevin Beaumont discovered thatWindows Recall only encrypts your data when your device is logged off. If your PC is logged on, data from Windows Recall sits in an SQLite plaintext database that’s easy to access. Of course, anyone with access to a device that’s logged on could extract sensitive information from your PC, but Windows Recall essentially serves the data on a platter.

-“Microsoft should recall Windows Recall”-How to disable Windows Recall-Windows Recall clones are popping up-Hands-on with Windows Recall-How Microsoft keeps Windows Recall data safe

The poll above admittedly presents a layered question. Some may trust the concept of Windows Recall but not trust Microsoft with that feature. Others may not trust Microsoft regardless of what the tech giant works on. Another group of people may be okay with Microsoft and Windows Recall. But the topic of the day is Windows Recall specifically, and that includes the fact that it’s made by Microsoft.

Our Senior Editor Zac Bowdenposed the same question on X(formerly Twitter). I wanted to give people without an X account a chance to weigh in.

I’ve seen reactions online ranging from people thinking Microsoft will enable the feature without your permission to complete trust that Recall is and presents no security risks. Personally, I think the truth lies somewhere in the middle. I don’t think Microsoft will enable Recall without consent, but I do think people will accidentally enable the feature when they set up their PC. I’ve seen people claim Microsoft enabled OneDrive syncing without permission only to later realize they had enabled the feature during the Windows out of box experience (OOBE).

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

When it comes to security, the weakest link in the chain is generally a person, not technology. Companies need to take steps to secure data and devices when human error occurs. For example, Microsoft could require Windows Hello authentication to access Windows Recall data. This could help secure data even if malware was installed onto a PC or someone gained physical access to a device that was logged in.

You can’t make any feature “idiot proof,” but you can add basic security features that add layers of protection against attacks.

What do you think about Microsoft and Windows Recall? Let us know in the poll above and share your thoughts in the comments below!

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.