Nothing to see here: Brave browser blocks privacy-busting Microsoft Recall
- Reference: 1753301706
- News link: https://www.theregister.co.uk/2025/07/23/brave_browse_block_microsoft_recall/
- Source link:
Microsoft introduced Recall, you may recall, [1]in May 2024 as a way to record screen activity for people using Copilot+ PCs, in order to pass that information to the resident AI model. The feature repeatedly captures images of the user's screen and stories the snapshots, so the data can be resurfaced on-demand via local image recognition software and natural language queries.
Forgot the name of the website you visited which had a pic of blue shoes on it? Recall will find it for you.
[2]
After its debut, critics savaged the feature [3]as a privacy nightmare . Microsoft ended up [4]delaying the technology and [5]making some adjustments to make it more acceptable .
[6]
[7]
In April 2025, Microsoft [8]announced the Recall would be available to those on the company's Windows Insider channel via a preview version of Windows 11 Build 26100.3902 for Copilot+ PCs. Originally offered on an opt-out basis, Recall is [9]now opt-in and has new local data protections it didn't have in its first iteration.
Brave Software, which offers a Chromium-based browser tricked out with extra privacy controls, argues that Recall still presents a risk, even if transitioning it from opt-out to opt-in has mitigated concerns.
[10]
"Recall is antithetical to Brave's goals as a privacy-first browser, and as such we should disable Recall's ability to capture what the user does on Brave," explained Shivan Kaul Sahib, VP of privacy and security at Brave Software, in the [11]initial GitHub Issue post outlining the browser code change.
In a [12]blog post on Tuesday, Sahib argued that disabling Recall by default in all Brave tabs is necessary to protect the user's browsing history.
"We think it’s vital that your browsing activity on Brave does not accidentally end up in a persistent database, which is especially ripe for abuse in highly-privacy-sensitive cases such as intimate partner violence," he wrote.
[13]
If you want Recall to screenshot Brave, the browser's settings menu allows you to override the block.
According to Sahib, Brave's implementation was inspired [14]by secure messaging app Signal , which instituted a Recall block in May. Signal Desktop for Windows 11 includes a default Screen Security setting that tells the operating system that messages are protected with digital rights management (DRM), thereby blocking any and all screenshots from being taken - including the automated screenshots Recall uses.
"The integration of AI agents with pervasive permissions, questionable security hygiene, and an insatiable hunger for data has the potential to break the blood-brain barrier between applications and operating systems," wrote Signal developer Joshua Lund at the time. "This poses a significant threat to Signal, and to every privacy-preserving application in general."
Sahib maintains that Brave's approach is better because Signal's reliance on the Windows DRM flag disables all screenshots, including those taken by accessibility software like screen readers. Brave, on the other hand, only blocks browser screenshots initiated by Recall.
Redmond on Tuesday doubled down on its AI shoulder-surfing gambit by [15]introducing Copilot Vision , an opt-in extension of Recall that streams captured screenshots back to Microsoft's servers, where user activity data can be processed by more capable AI models.
"We currently don't have plans regarding Copilot Vision but are looking into this," a spokesperson for Brave told The Register . "We prioritized blocking Recall because it had a history of bad security and privacy decisions."
Brave 1.81 is [16]scheduled to be released on August 5, 2025. ®
Get our [17]Tech Resources
[1] https://www.theregister.com/2024/05/21/qualcomm_windows_microsoft/
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/personaltech&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aIZNPNJAbqbT_UXxyh41GwAAAI0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2024/05/22/windows_recall/
[4] https://www.theregister.com/2024/06/04/microsoft_analysts_recall/
[5] https://www.theregister.com/2024/09/27/microsoft_has_some_thoughts_about/
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/personaltech&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNPNJAbqbT_UXxyh41GwAAAI0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/personaltech&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNPNJAbqbT_UXxyh41GwAAAI0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://blogs.windows.com/windows-insider/2025/04/10/releasing-windows-11-build-26100-3902-to-the-release-preview-channel/
[9] https://blogs.windows.com/windowsexperience/2025/04/25/copilot-pcs-are-the-most-performant-windows-pcs-ever-built-now-with-more-ai-features-that-empower-you-every-day/
[10] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/personaltech&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNPNJAbqbT_UXxyh41GwAAAI0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[11] https://github.com/brave/brave-browser/issues/46284
[12] https://brave.com/privacy-updates/35-block-recall/
[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/personaltech&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNPNJAbqbT_UXxyh41GwAAAI0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[14] https://signal.org/blog/signal-doesnt-recall/
[15] https://www.theregister.com/2025/07/23/microsoft_copilot_vision/
[16] https://github.com/brave/brave-browser/wiki/Brave-Release-Schedule
[17] https://whitepapers.theregister.com/
Re: Ludicrous
A decent company like BT, Southern Water (or Any Water), countless other UK ones?
Re: Ludicrous
Twats, and no doubt about it, but they're not in the same league as the sinister US big tech companies.
Re: UK not in the same league
I don't know about that: the YT stories of BBC license enforcers banging on your door with a "search warrant" for your TV sounds rather 1984 to me...
Re: UK not in the same league
I don't know about that: the YT stories of BBC license enforcers banging on your door with a "search warrant" for your TV sounds rather 1984 to me...
This is the problem with Totalitarian Recall. Currently the Bbc News site constantly nags for an email signup. There's no real need for this, but could allow the Bbc to correlate email to iPlayer usage and then prosecute. Recall could allow the Bbc to demand all users who've had iPlayer usage screenshotted, correlate with their licence database and prosecute.
It has huge privacy implications for a 'feature' that nobody apart from MS and their data rapists actually want or need.
Re: UK not in the same league
Yep. When my wife and I gave up the TV license and no longer paid the first thing my wife insisted on was everyone in the house deleting their BBC logins and removing iPlayer wherever possible. Smart cookie and a non-techie.
Re: Ludicrous
Thats where they learnt their craft.
Re: Ludicrous
It happened way before Anti-virus, Microsoft has been at this for decades. Common Microsoft related slogans:
Embrace, Extend, Extinguish
Windows is not done until WordPerfect won't run!
Important court cases:
Microdoft Vs Novell over DR DOS
Missed opportunities:
The antitrust case presided over by Judge Jackson, where Microsoft was not broken up (to separate Windows and Office into separate companies)
Re: Ludicrous
Oh, and US companies are required BY LAW to "maximise shareholder value" so they so not get shareholder lawsuits AKA screw everyone else, make money at all costs, if there are law but the profits for breaking them are higher than the penalties then they break the laws.... I never trust a US company to put ethics above profits
Re: Ludicrous
> US companies are required BY LAW to "maximise shareholder value"
That's a myth:
https://financefacts101.com/maximizing-shareholder-value-unraveling-the-myth-and-factors-influencing-it/
Re: Ludicrous
It may be a myth that they are legaly obliged to maximise shareholder value, but they certainly act as though it is a requirement.
Brave rocks. Told you...
AI BS
FO
Thank you Brave !
Thank you for standing up to the industry that is endlessly trying to milk our private lives under any excuse they can find.
You don't remember what site you were on when you saw those shoes ? Too bad. Live with it.
"Signal Desktop for Windows 11 includes a default Screen Security setting that tells the operating system that messages are protected with digital rights management (DRM), thereby blocking any and all screenshots from being taken - including the automated screenshots Recall uses."
The lesson learned here is that copyright is stronger than privacy.
Hey, Microsoft, remember that _I_ have implicit copyright in everything that I write, including this comment.
Microsoft and every AI company are laughing at you.
Recall is opt in (for now) but i am willing to bet a months wages that won't stay like that forever when MS realises no one is actually using their shiny shiny AI tool, so make it opt out.
Just like co-pilot was opt-in for Office 365. But since so few people were rightly not getting in, Microsoft made it opt-out.
Recall is "opt-in" for about an hour. then it 'accidentally' turns itself back on due to 'bugs'.
It literally waits until your internet connection is idle and starts PUMPING data to microsoft's new $50 billion data storage centre in the US. No-one spends 50 BILLION USD on a data storage point thats NOT hooked into sharepoint or any other microsoft product except recall, unless its going to generate profits down the line.
The centre was built with the express purpose of saving blackmail material to use against future company bosses, politicians and presidents across the world.
The encryption they used has multiple known backdoors, so the data can be decrypted on a whim. There's essentially zero anonymization of what data belongs to who.
Their TCs state THEY will store data only for the short-term, but further down buried in legalese, MICROSOFT alone gets to decide arbitrarily what the definition of 'short-term' is.
So if they want to keep your data for 10,000years they can.
searching what you've seen..
Ok, I don't want anyone - least of all ****ing microsoft - recording my screen, but I'd love a browser search engine on "what I've seen". You know for those articles and links that you know you've seen some time over the last four months but can't remember where..
Re: searching what you've seen..
Mozilla based browser
From the main meu bar: Go>History
Maybe not a complete search but a good start. Local. Delate as required.
Re: searching what you've seen..
I thought all browsers offered a history search. In Brave, Command-Y (or your OS's equivalent) opens history, and there click the "search history" icon. It only searches the text of page titles, not page content text. If you're looking for the latter, I don't know of a privacy-respecting way to do that today.
Who TF wan't this recall crap?
Microsoft, obviously.
"wants"
Thanks auto correct, always so useful.
This is one of the reasons why I have left Microsoft Windows...I don't hate all their apps but I am done with the operating system and its been a breath of fresh air moving to Linux.
I predict an exodus users will go to Linux or Mac OS (until Apple admit they are spying on people as well) and Linux is very accessible now combined with Warp Terminal for example makes using and administering (and learning) less painful I can get Warp to document what is done so I can repeat the steps (and learn) in the future as well as automate stuff with bash scripts so adios Windows thank you for the memories had some good times thankful for the career I got from this OS but I am well and truly done.
Ludicrous
It's deja vu all over here: Microsoft kickstarting another industry to cope with its deficiencies and behaviour. First it was anti-virus, then anti-spy, now it's anti-AI.
Wouldn't it be nice if they actually just behaved like a decent company?
No, wait, it's a US company. Forget I asked.