Microsoft Expands Purview Protections to Block Copilot From Analyzing Confidential Files

Microsoft is preparing an update to Microsoft Purview that will strengthen protections for confidential documents across Copilot, AI-powered services, and Microsoft 365 applications.

According to a recent Microsoft 365 Message Center notification (MC1297982), the company is expanding how Purview sensitivity labels are enforced, helping organizations prevent protected files from being analyzed by AI tools and connected experiences.

How Purview Sensitivity Labels Protect Data

Purview sensitivity labels allow organizations to classify and secure sensitive content. Companies often use these labels to mark documents as Confidential, Highly Confidential, or other internal classifications. Labels can also apply encryption, restrict access permissions, and add visual indicators such as watermarks and headers to remind users that the content requires special handling.

Until now, organizations could apply sensitivity labels to files, but some connected experiences and AI-powered services could still process or analyze the content under certain circumstances. This created concerns for companies that rely on data loss prevention (DLP) policies and strict compliance requirements, especially as AI tools become more deeply integrated into workplace productivity workflows.

Expanded Restrictions for Copilot and AI Services

With the upcoming change, Microsoft will enforce an existing Purview sensitivity label setting more consistently across connected services. As a result, files protected by the relevant sensitivity label configuration will be blocked from use in Copilot and other AI-powered experiences.

The updated behavior will also extend to core Microsoft 365 applications, including Word, Excel, and PowerPoint. Organizations that already use the applicable sensitivity label settings will not need to take any action for existing documents. Protected files will automatically receive the enhanced safeguards once the rollout reaches their tenant.

What Organizations Need to Know

Microsoft is encouraging IT administrators to prepare for the change by informing helpdesk staff and compliance teams, reviewing sensitivity label configurations, and updating internal documentation where necessary. The company notes that users may notice differences in how protected files interact with AI and connected experiences after the update becomes available.

The rollout will apply only to commercial customers who have a Microsoft Purview license. Microsoft plans to release the update in phases, with general availability expected to be completed by the end of next month.

The change reflects Microsoft’s broader effort to strengthen enterprise data protection as organizations increasingly adopt AI-powered productivity tools while maintaining compliance and security requirements.

In other Microsoft news, the company recently made Copilot Cowork available to all Microsoft 365 users and addressed the Copilot SearchLeak vulnerability.

Via Neowin