Services
Summary
Starting mid-May 2026, Microsoft Purview eDiscovery will restrict the use of +, -, =, @, /, and * in naming and description fields for cases, holds, searches, and review sets. Existing entities remain unaffected unless edited, which will trigger validation. No admin action is required, but user communication is recommended.
Details
Introduction
We’re making a change to the characters allowed in naming and description fields across Microsoft Purview eDiscovery. As part of ongoing security hardening efforts, this update strengthens input validation for eDiscovery cases, holds, searches, and review sets to improve service resilience and reliability.
When this will happen:
General Availability (Production, GCC, GCC High, DoD): This change will begin rolling out in mid-May 2026 and is expected to be completed by late May 2026.
How this affects your organization:
Who is affected:
Organizations with users or administrators who create or manage Microsoft Purview eDiscovery:
- Cases
- Holds
- Searches
- Review sets
What will happen:
- Beginning May 15th, 2026, the following special characters will no longer be permitted in naming or description fields when creating or editing:
- + (plus sign)
- - (hyphen)
- = (equals sign)
- @ (at sign)
- / (forward slash)
- * (asterisk)
- This restriction applies to:
- Case name and description
- Hold policy name and description
- Search name and description
- Review set name and description
- Existing entities are not affected.
- Cases, holds, searches, and review sets that already contain these characters will continue to function normally.
- Editing triggers enforcement:
- If a user edits an existing entity that contains a restricted character in the name or description, they will see a validation message prompting them to update the value before saving.
- The original name and description are preserved until the user chooses to make changes.
- New entities are enforced immediately:
- Any newly created case, hold, search, or review set must not contain restricted characters in name or description fields.
What you can do to prepare:
No admin action is required to enable this change. However, we recommend the following:
- Inform your eDiscovery users that the characters + - = @ / and * will no longer be accepted in entity names and descriptions.
- Review and update existing naming conventions or templates that include these characters.
- Update internal documentation or guidance for eDiscovery naming standards.
- Communicate this change to helpdesk and compliance teams to prepare for validation messages when editing existing entities.
Learn about eDiscovery (Premium) | Microsoft Learn
No data loss will occur. Existing entities retain their current names and continue to function. Enforcement applies only at the time of creation or editing.
Compliance considerations:
No compliance considerations identified, review as appropriate for your organization.