M365 Archive
Back to latest version
You're viewing a historical snapshot from Oct 31, 2025. This is not the latest version.

Metadata at Oct 31, 2025

Message ID

MC1181998

View in Message Center

Published

Oct 31, 2025

Service

Microsoft Purview

Tag

Major change
New feature
User impact
Admin impact

Roadmap ID

515945

View roadmap details

Platforms

Web
View the latest version See what changed since this version

MC1181998 - Microsoft Purview | Data Loss Prevention for Microsoft 365 Copilot to safeguard prompts

Message Center

What changed since this version

removed textadded text

Updated November 12, 2025: We have updated the content. Thank you for your patience.

Introduction:

We are expanding Microsoft Purview Data Loss Prevention (DLP) to support Microsoft 365 Copilot, helping organizations safeguard prompts that contain sensitive data. This real-time control helps mitigate data leakage and oversharing risks by preventing Microsoft 365 Copilot—including pre-built agents—from returning a response or using sensitive data for grounding in Microsoft 365 or the web.

This message is associated with Microsoft 365 Roadmap ID 515945.

When this will happen:

  • Public Preview: We will begin rolling out in mid-November 2025 and expect to complete by late December 2025.
  • General Availability (Worldwide): We will begin rolling out in late March 2026 and expect to complete by late April 2026.

How this affects your organization:

Who is affected:

  • Microsoft tenants with access to Microsoft 365 Copilot (free and paid), including E1, E3, and E5 license holders.
  • Admins managing Microsoft Purview DLP policies for Microsoft 365 Copilot.
Note: Licensing rollout will complete by December 2025. By then, all tenants will have access to this feature regardless of license tier.

What will happen:

  • Admins can configure DLP policies in the Microsoft Purview portal to restrict Copilot from processing prompts containing selected sensitive information types (SITs), including default and custom SITs.
  • Prompts containing sensitive data will not receive Copilot responses and will not be used for external web search or internal Microsoft Graph grounding.
  • By default, a DLP for Copilot policy to safeguard prompts are available in simulation mode. Admins can also view DLPconfigure this default policy recommendations forfrom the Purview portal or the Microsoft 365 CopilotAdmin Center. You can learn more about the Microsoft Admin Center experience in Data Security Posture Management: Message Center post MC1182689.

    Screenshot 1

    user settings

    Screenshot 2

     user settings

    Important: At this time, DLP for Copilot policies do not support enforcement based on sensitive information types (SITs). Hence, no users will be impacted under SIT-based conditions. Admins need to create a new policy to enforce DLP for Copilot prompt based on SIT.

What you can do to prepare:

  • This feature will be available automatically by the specified date with no admin action required.
  • Admins can opt-in to use the feature by setting up a new policy. Review your current configuration to assess the impact on your organization.
  • To edit or view a DLP for Microsoft 365 Copilot policy, an admin account needs to be a member of a required role group. Data Security AI admins are also able to edit a DLP for Microsoft 365 Copilot policy.
  • You may want to notify your users or admins about this change and update your relevant documentation.

Learn more: 


Snapshot from Oct 31, 2025

Introduction:

We are expanding Microsoft Purview Data Loss Prevention (DLP) to support Microsoft 365 Copilot, helping organizations safeguard prompts that contain sensitive data. This real-time control helps mitigate data leakage and oversharing risks by preventing Microsoft 365 Copilot—including pre-built agents—from returning a response or using sensitive data for grounding in Microsoft 365 or the web.

This message is associated with Microsoft 365 Roadmap ID 515945.

When this will happen:

  • Public Preview: We will begin rolling out in mid-November 2025 and expect to complete by late December 2025.
  • General Availability (Worldwide): We will begin rolling out in late March 2026 and expect to complete by late April 2026.

How this affects your organization:

Who is affected:

  • Microsoft tenants with access to Microsoft 365 Copilot (free and paid), including E1, E3, and E5 license holders.
  • Admins managing Microsoft Purview DLP policies for Microsoft 365 Copilot.
Note: Licensing rollout will complete by December 2025. By then, all tenants will have access to this feature regardless of license tier.

What will happen:

  • Admins can configure DLP policies in the Microsoft Purview portal to restrict Copilot from processing prompts containing selected sensitive information types (SITs), including default and custom SITs.
  • Prompts containing sensitive data will not receive Copilot responses and will not be used for external web search or internal Microsoft Graph grounding.
  • Admins can also view DLP policy recommendations for Microsoft 365 Copilot in Data Security Posture Management:

    Screenshot 1

    user settings

    Screenshot 2

     user settings

    Important: At this time, DLP for Copilot policies do not support enforcement based on sensitive information types (SITs). Hence, no users will be impacted under SIT-based conditions. Admins need to create a new policy to enforce DLP for Copilot prompt based on SIT.

What you can do to prepare:

  • This feature will be available automatically by the specified date with no admin action required.
  • Admins can opt-in to use the feature by setting up a new policy. Review your current configuration to assess the impact on your organization.
  • To edit or view a DLP for Microsoft 365 Copilot policy, an admin account needs to be a member of a required role group. Data Security AI admins are also able to edit a DLP for Microsoft 365 Copilot policy.
  • You may want to notify your users or admins about this change and update your relevant documentation.

Learn more: