Updated June 17, 2026: We have decided to pause rollout of this feature at this time. We will communicate via Message center when we are ready to proceed. Thank you for your patience.
Introduction
We’re making a change to the characters allowed in naming and description fields across Microsoft Purview eDiscovery. As part of ongoing security hardening efforts, this update strengthens input validation for eDiscovery cases, holds, searches, and review sets to improve service resilience and reliability.
When this will happen:
General Availability (Production, GCC, GCC High, DoD): We will communicate via Message center when we are ready to proceed.
How this affects your organization:
Who is affected:
Organizations with users or administrators who create or manage Microsoft Purview eDiscovery:
- Cases
- Holds
- Searches
- Review sets
What will happen:
- Beginning May 15th, 2026, the following special characters will no longer be permitted in naming or description fields when creating or editing:
- + (plus sign)
- = (equals sign)
- @ (at sign)
- / (forward slash)
- * (asterisk)
- This restriction applies to:
- Case name and description
- Hold policy name and description
- Search name and description
- Review set name and description
- Existing entities are not affected.
- Cases, holds, searches, and review sets that already contain these characters will continue to function normally.
- Editing triggers enforcement:
- If a user edits an existing entity's name or description (e.g., updating an eDiscovery case name) that contains a restricted character, they will see a validation message prompting them to remove the special character before saving. Note that this does not apply when an existing hold policy is being reapplied or when data sources are added to or removed from hold policies.
- The original name and description are preserved until the user chooses to make changes.
- New entities are enforced immediately:
- Any newly created case, hold, search, or review set must not contain restricted characters in name or description fields.
What you can do to prepare:
No admin action is required to enable this change. However, we recommend the following:
- Inform your eDiscovery users that the characters + = @ / and * will no longer be accepted in entity names and descriptions.
- Review and update existing naming conventions or templates that include these characters.
- Update internal documentation or guidance for eDiscovery naming standards.
- Communicate this change to helpdesk and compliance teams to prepare for validation messages when editing existing entities.
Learn about eDiscovery (Premium) | Microsoft Learn
No data loss will occur. Existing entities retain their current names and continue to function. Enforcement applies only at the time of creation or editing.
Compliance considerations:
No compliance considerations identified, review as appropriate for your organization.