New inline protection controls for AI apps in Microsoft Edge for Business will be introduced in Microsoft Purview Data Loss Prevention (DLP). This feature, available from April 2025, will prevent data leakage when interacting with sensitive data in the browser. Admins can block sensitive prompts in AI apps like ChatGPT, Google Gemini, and DeepSeek. No action is required before the rollout.
Coming soon for Microsoft Purview | Data Loss Prevention (DLP): We will introduce new inline protection capabilities for Microsoft Edge for Business that prevent data leakage for the various ways that users interact with sensitive data in the browser, including typing text directly into a web application or sending a prompt to a generative AI app. Inline protection is built natively into Edge for Business, meaning it can be enabled even without deploying Endpoint DLP, and the inline protection complements existing Endpoint DLP protections for uploading or pasting sensitive content to the browser. This capability will be available starting with several top consumer generative AI apps (ChatGPT, Google Gemini, and DeepSeek), and will expand to support a growing list of unmanaged apps over time.
Learn more in our blog: Building layered protection: New Microsoft Purview data security controls for the browser & network | Microsoft Community Hub
This message is associated with Microsoft 365 Roadmap ID 486368.
When this will happen:
Public Preview: We will begin rolling out early April 2025 and expect to complete by late April 2025.
We will update this message when the plan for General Availability is finalized.
How this will affect your organization:
After this rollout, admins can block prompts typed by users containing sensitive data, starting with ChatGPT, Google Gemini, and DeepSeek. Inline protection can also leverage Adaptive Protection policy conditions for activities in generative AI apps. This rollout enables data security admins to tailor the level of enforcement to the risk level of the user interacting with the data, minimizing disruption to day-to-day AI usage.
This change will be available by default for Admins to configure in Purview. Features aren't activated by default.
What you need to do to prepare:
This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. We recommended informing Security admins and Edge admins at your organization about this change to DLP features. You may want to update any relevant documentation.