Security Stop-Press: Controversial Recall Feature in Windows 11 Preview

You may have seen elsewhere that Microsoft has quietly reintroduced its controversial Recall feature in Windows 11 Preview channel for Copilot+ PCs. This is ahead of a broader launch planned for later in 2025.

Recall uses AI to take automatic screenshots every few seconds, storing them locally so users can search their screen history using natural language. It’s pitched as a time-saving tool, but one that, if enabled, effectively logs everything viewed on a PC.

Hand-shaped mouse pointer points at the word Security on a computer screen

The feature was shelved in 2024 after strong backlash from security experts and privacy advocates. Critics warned that Recall could capture sensitive data, like passwords or private messages, that may be exposed if a device is compromised.

Microsoft now says Recall is opt-in, requires Windows Hello authentication, and stores data locally without sharing it with Microsoft or third parties. Users can pause, delete, or switch it off at any time.

Despite these safeguards, experts say the feature still poses risks, including data leaks and privacy issues affecting others whose information is captured without consent.

How do I stay secure?

To stay secure, businesses should consider leaving Recall disabled unless essential. Businesses should also enforce strong authentication, and train staff on privacy risks, especially when deploying Copilot+ devices.

So is Recall really a bad idea then?

Here at Cosurica, we prefer to take a balanced view, so our customers get the full picture.

Recall uses on-device AI to periodically take snapshots of your screen and create a timeline that allows users to scroll back in time to see what they were working on. You can search through these snapshots using natural language queries — like “show me the chart I was working on last week” — and Recall can pull it up, even if you didn’t save the file or remember where it was.

Snapshot frequency: Every few seconds
Storage location: Encrypted, local device only (not cloud synced)
Searchability: Powered by local AI models

Recall is exclusive to Copilot+ devices with an NPU (neural processing unit, special kind of processor optimised for AI), at least 16GB RAM and at least 256GB internal data storage. It’s only being rolled out to Windows 11 Insiders running a preview version of the operating system, so this move really only affects a very limited number of users at the moment.

There’s more information about the Benefits and Risks of Recall here

What does this mean for your business?

We see potential for users reliant on Recall to get a bit ‘lazy’ about where they save data, leading to difficulty keeping important documents organised and backed up! We’re also a little concerned that if users are no longer required to commit anything to memory, the ability to retain and recall information for themselves will likely be affected to some degree, leading to lower employee performance, lower productivity and increased risk of decline in memory function in the longer term.

We’re already seeing evidence of this trend in people who resort to ‘Googling’ everything, rather than retaining, and recalling when needed, the relevant information they have learned at school, university or in the workplace. Not being able to recall information slows people down. When time’s money, you really don’t need to hear an employee say ‘I can’t remember how to do that. I’ll just go and look it up’, especially when you know it’s a routine task they really should have committed to memory.

Is Recall an ‘Enterprise-ready’ feature right now?

Unlikely!

Should business users be running a preview version of Windows?

Probably not! Doing so, can lead to instability and unpredictable events, so is not without risk and is best left to those who are happy to take those risks, or who are actively involved in testing software.

In summary

So whilst Recall may be a potential issue to watch out for later this year, it’s not likely to be a potential headache for SMEs and Enterprises unless you are planning to deploy Copilot+ devices. And if you are, then leave Recall disabled unless you really need it!

If your business has a genuine need to take screenshots, why not consider other options which don’t come with the same risks as Recall? There’s plenty of screen clipping products out there to consider and many of these can be activated only as and when you need them. We use products such as SnagIT in our business very successfully and this has massively improved working life here at Cosurica.

< Back to blog