The bot couldn't keep its prying eyes away. Microsoft 365 Copilot Chat has been summarizing emails labeled “confidential” even when data loss prevention policies were configured to prevent it.

Though there are data sensitivity labels and data loss prevention policies in place for email, Copilot has been ignoring those and talking about secret stuff in the Copilot Chat tab. It's just this sort of scenario that has led [1]72 percent of S&P 500 companies to cite AI as a material risk in regulatory filings.

Redmond, earlier this month, acknowledged the problem in a notice to Office admins that's tracked as [2]CW1226324 , as reposted by the UK's National Health Service support portal. Customers are [3]said to have reported the problem on January 21, 2026.

[4]

"Users' email messages with a confidential label applied are being incorrectly processed by Microsoft 365 Copilot chat," the notice says. "The Microsoft 365 Copilot 'work tab' Chat is summarizing email messages even though these email messages have a sensitivity label applied and a DLP policy is configured."

[5]

[6]

Microsoft [7]explains that sensitivity labels can be applied manually or automatically to files as a way to comply with organizational information security policies. These labels may function differently in different applications, the company says.

[8]Gemini lies to user about health info, says it wanted to make him feel better

[9]Amazon's $200 billion capex plan: How I learned to stop worrying and love negative free cash flow

[10]Texas sues TP-Link over China links and security vulnerabilities

[11]Your AI-generated password isn't random, it just looks that way

The software giant's documentation makes clear that these labels do not function in a consistent way.

"Although content with the configured sensitivity label will be excluded from Microsoft 365 Copilot in the named Office apps, the content remains available to Microsoft 365 Copilot for other scenarios," the documentation [12]explains . "For example, in Teams, and in Microsoft 365 Copilot Chat."

DLP, implemented through applications like Microsoft Purview, is supposed to provide policy support to prevent data loss.

[13]

"DLP monitors and protects against oversharing in enterprise apps and on devices," Microsoft [14]explains . "It targets Microsoft 365 locations, like Exchange and SharePoint, and locations you add, like on-premises file shares, endpoint devices, and non-Microsoft cloud apps."

In theory, DLP policies should be able to affect Microsoft 365 Copilot and Copilot Chat. But that hasn't been happening in this instance.

The root cause is said to be "a code issue [that] is allowing items in the sent items and draft folders to be picked up by Copilot even though confidential labels are set in place."

[15]

Microsoft did not immediately respond to a request for comment. The notice says the company is in the process of remediating the issue and is contacting affected customers to check on the effectiveness of the fix. A remediation timeline is planned at some point. ®

Get our [16]Tech Resources



[1] https://www.conference-board.org/press/AI-risks-disclosure-2025

[2] https://support.nhs.net/2026/02/microsoft-365-alert-service-degradation-power-bi-users-pipelines-associated-with-dataflow-gen2-refreshes-in-microsoft-fabric-show-activity-status-as-failed-2/

[3] https://office365itpros.com/2026/02/13/dlp-policy-for-copilot-bug/

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aZZEisf-Pt9WePe5SnYuSgAAAAM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZZEisf-Pt9WePe5SnYuSgAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aZZEisf-Pt9WePe5SnYuSgAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[7] https://support.microsoft.com/en-us/office/apply-sensitivity-labels-to-your-files-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9

[8] https://www.theregister.com/2026/02/17/google_gemini_lie_placate_user/

[9] https://www.theregister.com/2026/02/17/amazons_200_billion_capex_plan/

[10] https://www.theregister.com/2026/02/18/texas_sues_tplink_over_china/

[11] https://www.theregister.com/2026/02/18/generating_passwords_with_llms/

[12] https://learn.microsoft.com/en-us/purview/sensitivity-labels-office-apps?view=o365-worldwide#prevent-some-connected-experiences-that-analyze-content

[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aZZEisf-Pt9WePe5SnYuSgAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[14] https://learn.microsoft.com/en-us/purview/dlp-learn-about-dlp

[15] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aZZEisf-Pt9WePe5SnYuSgAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[16] https://whitepapers.theregister.com/