Statement on Microsoft Recall
In April 2025, Microsoft introduced a feature in Windows 11 named Recall, available exclusively on Copilot+ PCs. This feature continuously captures screenshots of user activity to create a searchable timeline, aiming to improve productivity through AI-powered recall of past actions and content.
While Recall offers potential benefits, it also introduces significant privacy and technology risks:
Continuous Data Capture: Recall takes screenshots every few seconds, potentially capturing sensitive or confidential information, including emails, financial data, and private communications.
Security Vulnerabilities: Despite Microsoft's implementation of encryption, virtualization-based isolation, and biometric access controls, researchers have identified scenarios where sensitive data may still be exposed.
User Autonomy and Consent: Although Recall requires manual opt-in and provides visual indicators when active, the default behavior and complexity of managing exclusions raise concerns about informed consent and user control.
Given these risks, and in alignment with our commitment to safeguarding the privacy and security of our students, faculty, and staff, Microsoft Recall will be proactively disabled and not supported on managed Windows 11 devices within the University of Guelph computing environment.
We will continue to monitor developments around Recall and similar technologies to ensure our digital environment remains secure and protective of institutional data.
For questions or support, please contact the CCS Help Centre.
References:
https://learn.microsoft.com/en-us/windows/ai/recall/
https://learn.microsoft.com/en-us/windows/client-management/manage-recall
CCS Information Security
Last Updated: September 8, 2025