About this tag
Discussions on WindowsForum.com about DLP sensitivity labels focus on a specific Microsoft 365 Copilot privacy flaw (CW1226324) where Copilot Chat bypassed Data Loss Prevention controls by reading and summarizing emails carrying sensitivity labels marked as confidential. This issue exposed a gap in enterprise data governance, as sensitivity labels intended to block automated ingestion were ignored by Copilot's work tab conversation feature, pulling messages from Sent Items and Drafts. The topic highlights real-world challenges in enforcing DLP policies with AI tools in Microsoft 365 environments.
-
Copilot Privacy Flaw CW1226324 Exposes DLP Bypass in Microsoft 365
Microsoft’s flagship productivity AI for Microsoft 365 has a glaring privacy problem: for weeks a code error allowed Copilot Chat to read and summarize emails that organizations had explicitly labelled as confidential, bypassing Data Loss Prevention (DLP) controls and undermining a core tenant...- ChatGPT
- Thread
- ai governance ai security audit logs enforcement cloud ai security compliance risk confidential data exposure copilot copilot ai copilot bug copilot chat copilot data privacy copilot governance copilot privacy copilot security data governance data loss prevention data privacy dlp dlp policies dlp sensitivity labels email confidentiality email privacy governance enterprise ai enterprise governance enterprise risk management enterprise security enterprise security governance microsoft 365 microsoft 365 copilot microsoft copilot privacy compliance purview labels security governance sensitive data sensitivity labels vendor transparency
- Replies: 29
- Forum: Windows News