DocuPoint Radar - Microsoft Recall

February 21, 2026

Microsoft Resumes Marketing Recall Despite Internal Failure Assessment

A new Microsoft marketing campaign pitches 2026 as "the moment for AI PCs" and prominently features Recall as a key selling point. This comes just 18 days after Windows Central reported that Microsoft internally considers Recall a failure and is exploring reworking or renaming the feature.

💡

Key Facts:
Campaign message: "Recall: Search your digital memory by describing how you remember something"
Context: Internal failure assessment reported February 2 by Windows Central
Also notable: Recall has been absent from Windows release notes recently; Click to Do receives updates, but Recall itself is rarely mentioned
Enterprise angle: The marketing focuses entirely on consumer use cases with no mention of Purview integration

The contradiction is striking. Internally, sources describe Recall as having failed, with the possibility of dropping the name entirely. Externally, the marketing machine continues to position it as a flagship Copilot+ PC feature. Windows Latest notes that Microsoft has been quietly adding features to Click to Do (Recall's companion feature) while avoiding direct references to Recall in release notes. The campaign suggests that Recall's marketing and product teams may not be aligned, or that Microsoft has decided to maintain the public narrative while reworking the feature behind the scenes. Either way, European organisations should treat Recall's current status and roadmap as uncertain.

Sources: Windows Latest · Windows Central

By Ulrich Bojko

February 04, 2026

Security Chief Bell Replaced, Secure Future Initiative at Risk

microsoft

Microsoft has replaced Charlie Bell as Executive Vice President of Security with Hayete Gallot, a former Google Cloud executive whose background is in sales and customer experience. The change raises questions about the future of the Secure Future Initiative, the framework under which Recall was rearchitected with VBS Enclaves, encryption, and opt-in controls.

ℹ️

Key Facts:
Who's out: Charlie Bell, who built Microsoft's Security, Compliance, Identity, and Management organization and drove the Secure Future Initiative
Who's in: Hayete Gallot, most recently President of Customer Experience at Google Cloud
Nadella's framing: Focused on "go-to-market efforts," "strong Purview adoption," and "continued customer growth"
What's missing: No language about the importance of building secure products
External pressure gone: The US Cyber Safety Review Board, which forced Microsoft's 2024 security reckoning, has been disbanded

Bell joined Microsoft in 2021 to fix chronic security failures, but faced internal resistance. It took a damning CSRB report into the 2023 Chinese email breach to give him real authority. Under Bell, Recall was rearchitected from its disastrous 2024 launch into a genuinely more secure product with encrypted local storage and VBS Enclaves. Now that Bell has moved to an individual contributor role and the CSRB no longer exists, the external and internal forces that drove Microsoft's security improvements have both weakened. Lawfare's Tom Uren warns Microsoft's goal may be shifting from making secure products to selling security products. For European organisations evaluating Microsoft 365 security commitments, this leadership change warrants close attention.

Sources: Official Microsoft Blog · Lawfare · CNBC · Windows Central

By Ulrich Bojko

February 02, 2026

Microsoft Internally Considers Recall a Failure, Explores Rework

Microsoft Recall

copilot

AI Strategy

Windows 11

Windows Central reports that Microsoft internally views Recall as a failure and is exploring reworking or renaming the feature as part of a broader AI strategy pullback on Windows 11.

Microsoft internally considers Recall's current implementation a failure and is exploring ways to rework or rename the feature, according to a Windows Central report citing sources familiar with the company's plans.

ℹ️

Key Facts:
Internal assessment: Microsoft views Recall as having "failed" in its current form
Options explored: Rework the feature entirely, possibly drop the "Recall" name
Broader context: Part of a wider AI strategy pullback on Windows 11
Copilot changes: Integrations in Notepad and Paint under review; new Copilot buttons paused
Official statement: Windows president Pavan Davuluri told The Verge that 2026 will focus on performance, reliability, and "overall experience"

The reassessment follows sustained user backlash against Microsoft's AI-first approach to Windows. Davuluri's November 2025 tweet describing Windows as an "agentic OS" drew thousands of negative replies. A problematic January 2026 update that caused boot failures, shutdown bugs, and cloud app crashes further eroded trust. Microsoft is not abandoning AI entirely: Semantic Search, Windows ML, Agentic Workspace, and developer-facing AI APIs continue, but the strategy is shifting toward background integration rather than visible UI features. The Recall concept may survive in a different form, but the brand appears damaged beyond repair.

Sources: Windows Central (via Slashdot) · TechRadar · DigiconAsia · Windows Latest

By Ulrich Bojko

November 18, 2025

Microsoft Deploys Recall Internally with Purview Integration

Microsoft Recall

Microsoft's internal IT organization deploys Recall across its enterprise fleet, integrating with Purview sensitivity labels and DLP policies to prevent capture of confidential content.

Microsoft's internal IT organization deployed Recall across its enterprise Copilot+ PC fleet in November 2025, acting as "Customer Zero" to validate enterprise-grade controls built in collaboration with the Purview and Intune product teams.

ℹ️

Key Facts:
Deployment: Microsoft Digital (internal IT) across enterprise Copilot+ PCs
Integration: Microsoft Purview sensitivity labels and DLP policies
Protection: Documents labeled "Highly Confidential" are not indexed by Recall
Default state: Disabled on enterprise devices; requires IT admin enablement and individual user opt-in
API: Public DLP provider API available for third-party integrations

Microsoft Digital helped define tenant trust requirements and built exclusion logic ensuring Recall ignores credential-related content such as passwords and certificates. The Purview integration means enterprise DLP policies now extend to Recall's snapshot store, with sensitivity labels controlling what gets captured. Recall is disabled by default in enterprise builds, requiring both IT policy changes and individual user consent before activation.

Sources: Microsoft Inside Track · Microsoft Inside Track - Enterprise

By Ulrich Bojko

October 22, 2025

Gaming Copilot Controversy: Screenshot Capture Without Clear Consent

Microsoft Recall

Gaming Copilot

Xbox

Users discover Gaming Copilot captures gameplay screenshots and sends data to Microsoft servers by default, installed automatically through Xbox Game Bar.

Users discovered in October 2025 that Gaming Copilot was capturing gameplay screenshots and sending data to Microsoft servers without clear consent, installed automatically through Xbox Game Bar.

ℹ️

Key Facts:
Installation: Automatic via Xbox Game Bar update
Behavior: Captures screenshots, extracts text via OCR, sends to Azure
Issue: Network traffic persists even when Game Bar is closed
Microsoft response: Data "not stored or used for model training"

Security researcher Kevin Beaumont confirmed screenshots were being sent to undocumented Microsoft Azure endpoints. Microsoft's response focused on what data was not used for, rather than addressing why the feature was installed without explicit consent or why data collection continued when not in active use. The pattern echoed the original Recall backlash: automatic installation, unclear data practices, and defensive responses.

Sources: WinBuzzer

By Ulrich Bojko

July 30, 2025

Microsoft Recall Rolls Out to European Users

Microsoft Recall

Despite initial delays due to GDPR concerns, Microsoft begins rolling out Recall to Copilot+ PC users in the European Economic Area—with a unique data export feature not available elsewhere.

Microsoft began rolling out Recall to European Economic Area users in late July 2025, ending a months-long delay caused by regulatory concerns. The rollout came via Windows 11 24H2 Release Preview updates, with broad availability following in the August 2025 Patch Tuesday update.

ℹ️

Key Facts:
Initial delay: EU rollout postponed from April 2025 due to GDPR privacy concerns
EU-exclusive feature: Users can export snapshots to trusted third-party apps via encrypted export code
Export limitation: Code shown only once; if lost, requires full Recall reset (deletes all snapshots)
Requirements: Copilot+ PC with 40+ TOPS NPU, BitLocker enabled, Windows Hello configured

Privacy experts noted the irony: Recall arrived in Europe the same week Microsoft excluded the region from Copilot Vision—its cloud-based screenshot analysis feature—citing regulatory complexity. The local-only Recall apparently passed Microsoft's GDPR risk assessment, though independent researchers remain skeptical about third-party data capture and consent mechanisms.

Sources: ITdaily · TechCentral.ie · Dutch IT Channel

By Ulrich Bojko

July 23, 2025

Microsoft Announces Copilot Vision: Recall Goes to the Cloud

Microsoft Recall

Microsoft introduces Copilot Vision, an extension of Recall that sends screenshots to cloud servers for analysis—deliberately excluded from the European Union.

Microsoft introduced Copilot Vision on July 23, 2025, extending Recall's screen-capture approach but sending data to cloud servers for more powerful AI processing. The EU was deliberately excluded.

ℹ️

Key Facts:
Processing: Cloud-based (unlike Recall's local processing)
Data flow: Screenshots sent to Microsoft Azure servers
Availability: Explicitly excluded from European Union
Reason: Tacit acknowledgment of GDPR non-compliance

The EU exclusion was significant: Microsoft's "local processing" promise that defined Recall's security pitch was abandoned for Copilot Vision. While Microsoft claimed data is deleted after each session, the shift to cloud-based surveillance of user activity marked a clear escalation of Microsoft's AI ambitions.

Sources: The Register · WinBuzzer

By Ulrich Bojko

July 22, 2025

Brave and AdGuard Block Recall by Default

Microsoft Recall

Brave browser and AdGuard join Signal in blocking Microsoft Recall, with Brave offering a more surgical approach that preserves accessibility features.

Brave (v1.81) and AdGuard (v7.21) announced they would block Microsoft Recall by default in July 2025, joining Signal in the growing coalition of privacy software rejecting Microsoft's safeguards.

ℹ️

Key Facts:
Brave approach: Marks tabs as "private" so Recall excludes them; preserves normal screenshots
AdGuard approach: System-wide Recall blocking via Tracking Protection settings
Advantage: Brave's method keeps accessibility tools and legitimate screenshots working
Pattern: Privacy software industry consensus that Recall cannot be trusted

Brave cited "highly-privacy-sensitive cases such as intimate partner violence" as justification. AdGuard called the very idea of background screen captures "unsettling." Mozilla Firefox engineers confirmed they were working on similar protections.

Sources: Brave · Engadget · gHacks · The Register

By Ulrich Bojko

May 01, 2025

Recall Rolls Out to Public + Signal Announces Countermeasure

Microsoft Recall

Microsoft makes Recall available to all Copilot+ PC users. Signal immediately releases "Screen security" to block Recall from capturing encrypted messages.

Microsoft made Recall available to all Copilot+ PC users in May 2025. Within days, Signal released "Screen security" to block Recall from capturing encrypted messages.

ℹ️

Key Facts:
Availability: All Copilot+ PCs (except EEA, delayed for regulatory review)
Activation: Requires double opt-in during setup
Signal response: "Screen security" uses DRM to show black rectangles to any screen capture
Trade-off: Signal's approach blocks all screenshots, including accessibility tools

Signal stated it "does not trust that Microsoft's safeguards can be universally effective now or in the future." The same month, Penn's Office of Information Security issued a formal warning calling Recall an "unacceptable security, legality, and privacy" risk.

Sources: GeekWire · TechRepublic · Windows Forum

By Ulrich Bojko

April 10, 2025

Recall Returns for Windows Insiders

Microsoft Recall

microsoft

Windows Insider

Preview

After 10 months of rework, Microsoft releases the updated Recall to Windows Insider testers with new security features in place.

Microsoft released the redesigned Recall to Windows Insider testers in April 2025, nearly a year after pulling the original version due to security concerns.

ℹ️

Key Facts:
Release: April 2025 (Insider channel only)
Changes: Opt-in by default, encrypted database, biometric auth required
New option: Can now be completely uninstalled
Hardware: Still requires Copilot+ PC (less than 2% of Windows laptop sales)

Security researcher Kevin Beaumont acknowledged "serious efforts" to secure Recall but noted remaining concerns: the sensitive info filter still missed some data, PIN fallback could allow reactivation without biometrics, and self-destructing messages from Signal/WhatsApp could still be captured.

Sources: Gizmodo · DoublePulsar

By Ulrich Bojko

September 27, 2024

Microsoft Announces Recall Security Overhaul

Microsoft Recall

microsoft

Security

Encryption

Microsoft reveals significant security architecture changes for Recall, including encryption, biometric authentication, and opt-in activation.

Microsoft published a detailed security architecture overhaul for Recall on September 27, 2024, addressing the critical flaws that forced the June withdrawal.

ℹ️

Key Facts:
Database: Now fully encrypted with TPM-protected keys
Access: Windows Hello biometric authentication required
Activation: Completely opt-in (no longer default-on)
Filtering: Automatic sensitive info detection via Microsoft Purview engine
Processing: Operations run within Virtualization-based Security Enclave

Microsoft emphasized that snapshots are not sent to their servers and all AI processing occurs locally. However, security researchers remained cautious: the sensitive info filter was not 100% reliable, PIN fallback could bypass biometrics, and there was no way to verify settings were not reset by updates.

Sources: Windows Blog

By Ulrich Bojko

June 13, 2024

Microsoft Pulls Recall After Security Backlash

Microsoft Recall

microsoft

privacy

Security

Facing overwhelming criticism from security researchers and privacy advocates, Microsoft pulls Recall entirely just days before its planned release.

Microsoft pulled Recall from its planned June 18, 2024 release, shifting it to the Windows Insider Program after overwhelming backlash from security researchers, privacy advocates, and regulators.

ℹ️

Key Facts:
Original launch: June 18, 2024
Action taken: Pulled entirely, moved to Insider testing
Reason: Security flaws, regulatory pressure, media backlash
Promises made: Opt-in activation, encryption, biometric auth

The backlash was swift: security researchers demonstrated trivial database exfiltration, the UK ICO announced formal inquiries, and media headlines called it a "privacy nightmare." Microsoft committed to making Recall opt-in, adding encryption, and requiring biometric authentication before any future release.

Sources: BleepingComputer · Windows Blog

By Ulrich Bojko

June 01, 2024

Microsoft Announces Recall: AI Screenshots Everything You Do

Microsoft Recall

microsoft

privacy

AI

Microsoft unveils Recall as part of Copilot+ PC experience, promising AI-powered "photographic memory" for your PC. Security researchers immediately raise alarms.

Microsoft unveiled Recall as part of Copilot+ PCs in June 2024, marketing it as AI-powered "photographic memory" that screenshots your PC every few seconds to create a searchable timeline.

ℹ️

Key Facts:
What it does: Captures screenshots continuously, stores in searchable timeline
Processing: On-device AI (requires NPU with 40+ TOPS)
Initial state: Enabled by default, no removal option
Storage: Unencrypted plaintext SQLite database

Security researchers immediately found critical flaws: passwords, credit cards, and personal data captured without filtering, and the database accessible to any malware with basic file access. The UK ICO announced an inquiry within days. Security researcher Kevin Beaumont called it "a potential security nightmare."

Sources: Wikipedia · ComputerWorld · Windows Blog

By Ulrich Bojko