Microsoft Purview | Data Loss Prevention: Restrict Microsoft 365 Copilot using content with sensitivity labels

Microsoft Purview Data Loss Prevention (DLP) for Microsoft 365 Copilot is now generally available, allowing organizations to use DLP policies to detect sensitivity labels and restrict access to sensitive content. The rollout begins in late June 2025 and completes by late July 2025. Admins can edit or create new policies and use alerting and simulation features.

We're introducing General Availability (GA) for Microsoft Purview Data Loss Prevention (DLP) for Microsoft 365 Copilot. This update enhances your organization's data protection capabilities by enabling DLP policies to detect sensitivity labels in enterprise grounding data and restrict access to sensitive content within Microsoft 365 Copilot. With GA, alerting and policy simulation capabilities will also be available.

This message is associated with Microsoft 365 Roadmap ID: 423483.

[When this will happen:]

General Availability (Worldwide): Rollout will begin in late June 2025 and is expected to complete by late July 2025.

[How this will affect your organization:]

• If your organization already has DLP for Microsoft 365 Copilot policies in place, admins will be able to edit those policies to enable alerts and policy simulation.
• If no existing policies are configured, admins with the appropriate licensing can create new policies in the Microsoft Purview portal under the Data Loss Prevention solution.
• Admins can also use Data Security Posture Management for AI (DSPM for AI) to view recommendations for creating Microsoft 365 Copilot policies.

This feature is off by default and requires admin configuration.

[What you can do to prepare:]

• Admins should create new DLP policies using the Copilot location to take advantage of this feature.
• To enable alerting or test policies in simulation mode, these settings must be configured individually within each DLP policy.
• For more information:
  • Refer to Data Loss Prevention documentation to learn more.
  • Refer to Learn about the Microsoft 365 Copilot location (preview) for details about DLP for Microsoft 365 Copilot.

[Compliance considerations:]

• Does the change alter how existing customer data is processed, stored, or accessed? Yes - DLP policies will now inspect enterprise grounding data for sensitivity labels and restrict access within Microsoft 365 Copilot, which changes how data is processed and accessed.
• Does the change introduce or significantly modify AI/ML or agent capabilities that interact with data? Yes - The feature integrates with Microsoft 365 Copilot, which uses AI to generate content. DLP enforcement now applies to Copilot interactions, modifying how AI agents handle sensitive data.
• Does the change modify, interrupt, or disable any Purview capabilities? Yes - It modifies DLP enforcement by extending it to Copilot scenarios and introduces new capabilities like alerting and simulation within existing DLP policies.
• Does the change alter how admins can monitor, report on, or demonstrate compliance activities? Yes - Admins gain new visibility and control through alerting and simulation features and can use DSPM for AI to receive policy recommendations.