Originally published on lavkesh.com

Microsoft just announced Recall will ship as opt-in rather than opt-out. That is a complete reversal from the original design, and it matters more than the technical detail itself. It marks a line in the sand for what users will accept from AI features running on their own hardware.

Recall is the AI memory feature announced in May as part of Copilot+ PCs. The premise is genuinely useful: your PC takes periodic screenshots of everything you do and uses an on-device LLM to make it all searchable. You could search "that document I was looking at last Tuesday" and find it, even if you never saved it or cannot remember the filename. Think of it as a photographic memory for your computer.

The reaction from the security community when it was announced was immediate and sharp. A local database of screenshots of everything you do on your computer, including banking, passwords, private messages, medical records, is a single point of failure for your entire digital life. Researchers quickly demonstrated that the Recall database was accessible to any app running as the user, not just Recall itself. The data was not encrypted at rest.

Microsoft pulled Recall from the initial Copilot+ launch in June and spent the summer rearchitecting the security model. The version shipping in October adds encryption for the snapshot database, requires Windows Hello biometric authentication before Recall can be accessed, and moves the whole feature to opt-in. Nothing is captured by default. You have to explicitly enable it.