Interesting phrasing. Not "Recall does not upload any data it captures". Just not"to the cloud". Could Microsoft upload it to some of their servers, but just not to ones that are generally accessible? Maybe to run AI on the images to see which ads you would "enjoy"? Or to the NSA? See, that's not "the Cloud". I also didn't see anywhere in that list of controls in Recall the option to not do it at all and save nothing. Not merely having some apps turned off or some webpages turned off. Save nothing! If I want a screenshot I can hit print screen and save the image myself.
Microsoft designed Recall to act as “end-to-end encrypted” to prevent malware, or even Microsoft itself, from accessing Recall files. In addition, all of Recall’s data remains on the user’s PC, and is never sent to the company.
the first time you go to enable Recall, you actually have to biometrically prove that you’re the logged-in user,” [Microsoft VP for Security David] Weston adds in Windows Hello, the company’s login method that requires a fingerprint or facial scan.
Redmond further tightened the security by moving Recall’s encryption keys and the screenshot data out of the Windows 11 OS to the security-focused TPM chip. “All of the information done around this is done in a separate virtual machine," Weston says. "What that means is even in the event you got malware, your main system was compromised, that encrypted information never touches the main system."
- https://www.pcmag.com/news/microsoft-finally-launches-its-controversial-recall-feature
Now tell us about the NSA's secret access to this. Recall is a feature no one was asking for.