Services
Affected Platforms
Summary
Microsoft Purview Data Loss Prevention will soon restrict Microsoft 365 Copilot from processing emails labeled with sensitivity starting January 1, 2025. The feature rolls out June to September 2025, requires no Copilot license, and allows admins to create or extend DLP policies via the Purview portal automatically.
Details
Updated August 11, 2025: We have updated the timeline. Thank you for your patience.
Microsoft Purview Data Loss Prevention (DLP) will soon extend to preventing Microsoft 365 Copilot from processing emails with sensitivity labels. This feature will allow existing or new DLP policies to provide detection of sensitivity labels in emails as enterprise grounding data and restrict access of the labeled emails in Microsoft 365 Copilot chat experiences. This feature only works for emails sent on or after January 1, 2025.
The preview does not support alerts, audit records, and policy simulation.
A Microsoft 365 Copilot license is NOT required to access this feature.
This message is associated with Microsoft 365 Roadmap ID 489221.
When this will happen:
Public Preview: We will begin rolling out early June 2025 and expect to complete by late June 2025.
General Availability (Worldwide): We will begin rolling out late August 2025 (previously early August) and expect to complete by late September 2025 (previously late August).
How this will affect your organization:
Organizations with no existing DLP for Microsoft 365 Copilot policies are not impacted.
Customers with the required licenses will be able to go to the Microsoft Purview portal to create policies in the Data Loss Prevention solution. Admins can also go to Data Security Posture Management for AI (DSPM for AI) to see recommendations for creating Microsoft 365 Copilot policies.
Admins should create a new DLP policy using the Copilot location to use this feature:
This new feature will be available by default for admins to configure.
What you need to do to prepare:
This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. If your tenant already created DLP policies at the Copilot location, the policies will automatically extend to include emails without admin action.
You may want to notify your users or admins about this change and update your relevant documentation.
Learn more
- Learn about data loss prevention | Microsoft Learn
- Learn about the Microsoft 365 Copilot location (preview) | Microsoft Learn for details about DLP for Microsoft 365 Copilot