Brave Browser Blocks Microsoft Recall by Default, Citing Major User Privacy Concerns
Brave Software has decided to block the Windows Recall feature by default in its browser, citing the protection of user privacy as the driving force behind the move. This policy now applies to all Brave windows in nightly builds and will be rolled out to the stable release in the coming weeks.
Windows Recall was introduced by Microsoft as a tool capable of capturing screenshots of active windows every few seconds and analyzing their contents using natural language processing algorithms. The intention was to offer users a seamless way to retrieve information about past activities on their systems. However, from the moment of its announcement, Recall has been at the center of fierce criticism due to the potential exposure of sensitive data — including passwords, private conversations, medical records, and financial documents.
In response to the backlash, Microsoft introduced a developer option to block Recall from capturing screenshots of certain applications. The company also enhanced the security of stored captures through Windows Hello Enhanced Sign-in Security (ESS), which mandates biometric authentication.
Brave, however, opted not to rely on user configuration and instead implemented an automatic restriction on screenshot capture within its browser. In the company’s announcement, it emphasized that storing a comprehensive visual history of user activity poses a serious threat, particularly in contexts where heightened privacy is critical — such as in cases involving domestic abuse. As a result, the browser will actively prevent any visual capture of its tabs.
Technically, the block is enforced through the Windows API — the development team leveraged the SetInputScope function with the IS_PRIVATE parameter. This flags to the operating system that the window’s contents are off-limits for capture or indexing by Recall. Microsoft’s own documentation recommends this method specifically for browsers, to prevent the retention of web browsing histories.
The change has been implemented at the renderer_widget_host_view component level, ensuring comprehensive protection across all Brave windows. For users who wish to use Recall regardless, the restriction can be manually disabled through the browser’s settings.
This is not the first instance of software developers taking similar action. In May, the encrypted messaging app Signal also blocked screenshot capture by Recall, using a DRM flag for digital rights management. However, this approach proved incompatible with certain accessibility tools, prompting Signal to offer users a choice — allowing them to enable or disable the protection based on individual needs.
The evolving debate over Recall underscores a growing tension between privacy-focused software developers and Microsoft’s push to integrate new system-level features. Brave’s decision signals that the battle for digital privacy will increasingly play out in the realm of low-level APIs and system governance.
