Brave Browser Blocks Windows Recall from Capturing Your Data
▼ Summary
– Brave Software will block Windows Recall from capturing screenshots of its browser windows by default to protect user privacy.
– Windows Recall is an opt-in Windows 11 feature that captures and analyzes screenshots to help users search past activities, but it has raised privacy concerns.
– Microsoft improved Recall’s security by allowing software opt-outs and securing data with Windows Hello Enhanced Sign-in Security (ESS).
– Brave uses Microsoft’s SetInputScope API to mark all browser windows as private, preventing Recall from saving browsing history.
– The change is already in Brave Nightly builds and will reach stable releases soon, with an option to enable Recall in settings if desired.
Brave Browser takes a firm stand against Windows Recall’s data collection by automatically blocking the feature to safeguard user privacy. The privacy-focused browser has implemented technical measures to prevent Microsoft’s controversial screenshot tool from capturing any activity within Brave windows without explicit user consent.
Microsoft designed Windows Recall as an optional feature for Windows 11 that periodically captures screen content, analyzes it, and allows users to search through past activities using natural language queries. While intended as a productivity tool, security experts quickly raised alarms about its potential to inadvertently store sensitive personal information including login credentials, private messages, and confidential documents.
Following significant backlash, Microsoft introduced additional security controls, allowing applications to exclude themselves from Recall’s data collection. Brave has now become one of the first major browsers to implement these opt-out mechanisms by default across all versions of its software.
The browser’s development team explained their decision stems from Brave’s core philosophy of prioritizing user privacy above all else. They emphasized how browsing histories represent particularly sensitive data that could have serious consequences if exposed, especially in situations involving domestic abuse or other privacy-critical scenarios.
Technically, Brave achieves this protection by utilizing Microsoft’s own SetInputScope API, marking all browser windows with the IS_PRIVATE flag. This system-level indicator instructs Windows to exclude Brave’s content from Recall’s screenshot database while maintaining normal functionality for all other features.
Early adopters can already test this protection in Brave’s Nightly builds, with the update scheduled to reach all users in upcoming stable releases. Those who specifically want to use Recall with Brave can manually adjust settings to allow data collection, though this requires explicit action from the user.
Signal messenger previously implemented similar protections using a different technical approach involving DRM flags, though their method came with potential accessibility tradeoffs that Brave’s solution avoids. This development highlights growing industry pushback against operating system-level data collection features that could compromise user privacy.
(Source: BLEEPING COMPUTER)
