MC1181998 - Microsoft Purview | Data Loss Prevention for Microsoft 365 Copilot to safeguard prompts

Service

Microsoft Purview

Last Updated

Nov 12, 2025

Published Oct 31, 2025

Tag

Major change
Updated message
New feature
User impact
Admin impact

Platforms

Web

Summary

Microsoft Purview Data Loss Prevention (DLP) is expanding to support Microsoft 365 Copilot, preventing sensitive data in prompts from being used or returned in responses. Public preview starts mid-November 2025; general availability begins late March 2026. Admins can configure DLP policies via the Purview portal.

More information

Updated November 12, 2025: We have updated the content. Thank you for your patience.

Introduction:

We are expanding Microsoft Purview Data Loss Prevention (DLP) to support Microsoft 365 Copilot, helping organizations safeguard prompts that contain sensitive data. This real-time control helps mitigate data leakage and oversharing risks by preventing Microsoft 365 Copilot—including pre-built agents—from returning a response or using sensitive data for grounding in Microsoft 365 or the web.

This message is associated with Microsoft 365 Roadmap ID 515945.

When this will happen:

  • Public Preview: We will begin rolling out in mid-November 2025 and expect to complete by late December 2025.
  • General Availability (Worldwide): We will begin rolling out in late March 2026 and expect to complete by late April 2026.

How this affects your organization:

Who is affected:

  • Microsoft tenants with access to Microsoft 365 Copilot (free and paid), including E1, E3, and E5 license holders.
  • Admins managing Microsoft Purview DLP policies for Microsoft 365 Copilot.

Note: Licensing rollout will complete by December 2025. By then, all tenants will have access to this feature regardless of license tier.

What will happen:

  • Admins can configure DLP policies in the Microsoft Purview portal to restrict Copilot from processing prompts containing selected sensitive information types (SITs), including default and custom SITs.
  • Prompts containing sensitive data will not receive Copilot responses and will not be used for external web search or internal Microsoft Graph grounding.
  • By default, a DLP for Copilot policy to safeguard prompts is available in simulation mode. Admins can configure this default policy from the Purview portal or the Microsoft Admin Center. You can learn more about the Microsoft Admin Center experience in Message Center post MC1182689.

    Important: At this time, DLP for Copilot policies do not support enforcement based on sensitive information types (SITs). Hence, no users will be impacted under SIT-based conditions. Admins need to create a new policy to enforce DLP for Copilot prompts based on SITs.

What you can do to prepare:

  • This feature will be available automatically by the specified date with no admin action required.
  • Admins can opt in to use the feature by setting up a new policy. Review your current configuration to assess the impact on your organization.
  • To edit or view a DLP for Microsoft 365 Copilot policy, an admin account needs to be a member of a required role group. Data Security AI admins are also able to edit a DLP for Microsoft 365 Copilot policy.
  • You may want to notify your users or admins about this change and update your relevant documentation.

Learn more: