Microsoft has begun the broader rollout of its Recall feature to Copilot+ PCs following a significant redesign that the company says addresses the security and privacy concerns that caused it to delay the feature’s original launch in June 2024. Recall, which uses AI to create a searchable visual record of everything a user does on their Windows PC – capturing screenshots at regular intervals and using on-device AI to make the content of those screenshots searchable through natural language queries – was initially revealed as a flagship feature of Microsoft’s Copilot+ PC initiative before being withdrawn ahead of launch following a wave of security research that identified serious vulnerabilities in the original implementation. The redesigned version, which Microsoft began rolling out to Windows Insiders in late 2025 and is now pushing to the broader Copilot+ PC user base, incorporates a series of architectural changes that the company says fundamentally address the security concerns while preserving the core functionality that generated both excitement and alarm when the feature was first announced.

The core concept behind Recall has not changed: the feature captures periodic screenshots of the user’s screen activity (every few seconds by default), processes the images using on-device AI to extract the text, images and context from each capture, and makes this accumulated ‘timeline’ of screen activity searchable through a natural language interface. A user who remembers seeing a specific document, website, email or image but cannot remember when or where can search their Recall timeline with a description (“the presentation with the blue graph about Q3 sales”) and find the relevant moment in their history, with a visual preview and a link to reopen the application or file. The feature essentially functions as a photographic memory for a user’s PC activity, with AI-powered search enabling retrieval that would be impossible through traditional file system navigation.

What Changed After the Privacy Backlash

The original Recall implementation stored its screenshot database in a location that security researchers quickly identified was accessible to other applications and, in some cases, to malicious software running on the same machine. The database’s contents – a comprehensive visual record of everything a user had done on their PC – represented an extraordinarily sensitive data store that could expose passwords, private messages, financial information and other sensitive content if accessed by an attacker. Microsoft’s response to these findings was to withdraw the feature before launch rather than release it with known security vulnerabilities, and the redesign that has now been rolled out incorporates several layers of additional protection.

• Encryption at Rest: The Recall database is now encrypted using the TPM (Trusted Platform Module) chip present in all Copilot+ PCs, with the encryption key bound to the specific hardware and requiring Windows Hello biometric authentication to decrypt. This means the database cannot be accessed by other applications running on the same machine or transferred to another machine and accessed there.
• Sensitive Content Filtering: Recall now automatically filters out screenshots containing content that Windows detects as likely to be sensitive – credit card numbers, passwords entered into password fields, banking information and similar categories – by default, with users able to configure additional filtering rules.
• Application Exclusion: Users can easily exclude specific applications from being captured by Recall, allowing users to conduct sensitive activities – banking, private messaging, confidential documents – without those activities appearing in the Recall timeline.
• Opt-In by Default: In a reversal of the original plan, the redesigned Recall is opt-in rather than enabled by default, requiring users to actively choose to enable the feature and to consent to the data collection it involves after reviewing a clear disclosure of what the feature captures and stores.
• On-Device Only: Microsoft has maintained its commitment that all Recall processing and storage occurs on-device, with no Recall data sent to Microsoft’s servers or to any cloud service.

Where to Buy: Ready to experience these AI features firsthand? Browse the latest Copilot+ PCs on Amazon – filter by brand, screen size and processor.

Is It Actually Useful?

Beyond the security and privacy questions, the practical utility of Recall has been the subject of genuine debate among early users who participated in the Windows Insider preview programme. The feature’s value proposition is compelling in theory: the ability to find anything you’ve seen on your computer through natural language search, without relying on file names, application-specific search tools or memory of exactly where a piece of information was located, addresses a real and common frustration for knowledge workers who spend significant time looking for things they know they’ve seen. The execution in the redesigned version has received more positive assessments from testers than the security concerns might have suggested, with the natural language search working reliably for the types of recall tasks that are most common in practice – finding documents, images, websites and emails seen in a specific time period or containing specific visual or textual content.

The performance overhead of continuous screenshotting and AI processing has been cited as a concern, but Microsoft’s decision to limit Recall to Copilot+ PCs – which feature dedicated Neural Processing Units designed to handle AI workloads efficiently – means that the processing overhead is lower than it would be on conventional hardware. Early users on current Copilot+ PC hardware report minimal impact on system performance during normal use, though the feature does require adequate storage space for the screenshot database (Microsoft recommends at least 25GB of free storage) and will reduce available storage over time if the capture history is set to a long retention period.

Privacy Advocates Remain Sceptical

Despite Microsoft’s redesign efforts, privacy advocates and security researchers have not uniformly embraced the revamped Recall as a resolved issue. Several researchers who examined the original implementation have raised questions about aspects of the new design that they argue still warrant scrutiny: the effectiveness of the sensitive content filtering, the robustness of the biometric authentication requirement under various threat scenarios, and the broader question of whether any implementation of comprehensive screen capture represents an appropriate design for a consumer computing feature regardless of how well the specific security challenges are addressed.

The broader cultural question that Recall raises – whether users should be comfortable with their PC maintaining a comprehensive visual record of their computing activity – is one that will ultimately be answered by usage patterns rather than by security research. If a substantial proportion of Copilot+ PC users choose to enable the feature after being presented with a clear explanation of what it does and how their data is protected, that is meaningful evidence that the value proposition resonates and that users find the security protections adequate for their comfort level. If uptake is low despite the opt-in default giving users an informed choice, that would be an equally meaningful signal that even a well-implemented version of this concept may not find the audience Microsoft anticipated when it announced Recall as a flagship capability of the Copilot+ PC platform at Build 2024.