Services
Affected Platforms
Summary
Microsoft Purview Data Loss Prevention will add inline protection in Microsoft Edge for Business to prevent sensitive data leaks when interacting with AI apps like ChatGPT, Google Gemini, and DeepSeek. Rolling out May to November 2025, admins can configure policies but no action is needed before rollout.
Details
Updated September 9, 2025: We have updated the timeline. Thank you for your patience.
Coming soon for Microsoft Purview | Data Loss Prevention (DLP): We will introduce new inline protection capabilities for Microsoft Edge for Business that prevent data leakage for the various ways that users interact with sensitive data in the browser, including typing text directly into a web application or sending a prompt to a generative AI app. Inline protection is built natively into Edge for Business, meaning it can be enabled even without deploying Endpoint DLP, and the inline protection complements existing Endpoint DLP protections for uploading or pasting sensitive content to the browser. This capability will be available starting with several top consumer generative AI apps (ChatGPT, Google Gemini, and DeepSeek), and will expand to support a growing list of unmanaged apps over time.
Learn more in our blog: Building layered protection: New Microsoft Purview data security controls for the browser & network | Microsoft Community Hub
This message is associated with Microsoft 365 Roadmap ID 486368.
When this will happen:
Public Preview: We will begin rolling out late May 2025 (previously early April) and expect to complete by late July 2025 (previously early June).
General Availability (Worldwide): We will begin rolling out early November 2025 and expect to complete by early November 2025.
How this will affect your organization:
After this rollout, admins can block prompts typed by users containing sensitive data, starting with ChatGPT, Google Gemini, and DeepSeek. Inline protection can also leverage Adaptive Protection policy conditions for activities in generative AI apps. This rollout enables data security admins to tailor the level of enforcement to the risk level of the user interacting with the data, minimizing disruption to day-to-day AI usage.
This change will be available by default for Admins to configure in Purview. Features aren't activated by default.
What you need to do to prepare:
This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. We recommended informing Security admins and Edge admins at your organization about this change to DLP features. You may want to update any relevant documentation.