Domain 1 of 3 · Chapter 2 of 4

Data Privacy and Protection in Copilot

Unlock the complete study guide + 1,040 practice questions across 16 full exams.

Bundled into the existing Microsoft Certified: AI Business Professional premium course — no separate purchase.

Included in this chapter:

  • What stays inside the boundary, and what never trains the model
  • Copilot inherits your permissions, so oversharing leaks through it
  • Sensitivity labels and their rights ride along to the output
  • Recognizing the exam pattern and mitigating sensitive-data risk

What protects Copilot data, and what each control is for

ControlWhat it doesWhat it does NOT doWho relies on it
Service boundary + no-training commitmentKeeps prompts, retrieved data, and responses inside Microsoft 365; excludes them from foundation-model trainingDecide which items you may seeEvery grounded Copilot interaction
Identity + permissions (inherited)Limits Copilot to content the signed-in user has at least view access toFix sites that are already oversharedEach user's results, per request
Sensitivity labels + encryption rightsHonors usage rights (EXTRACT to copy) and carries the highest-priority label onto outputRestrict access if no label or encryption is appliedLabeled, encrypted documents
Restricted SharePoint SearchTemporarily narrows which SharePoint sites Copilot can read to an allowed listAct as a security boundary or change site permissionsAdmins remediating oversharing (short-term)

Decision tree

Is the answer groundedin your work data?Bing web queryseparate terms; notin EU Data BoundaryNo (web)Do you have viewpermission on the item?Yes (work)Not surfacedCopilot never exceedsyour permissionsNoItem labeled andencrypted?YesSurfaced + protectedstays in service boundary;never trains the modelNoDo you hold theEXTRACT (copy) right?YesContent withheldlabel rights block the copy;Copilot won't return its textNoReturned with top labeloutput inherits highest-priority(most restrictive) source labelYesAlways: don't paste regulateddata into a prompt it doesn't need

Cheat sheet

  • Your prompts and work data never train the foundation models
  • Prompts, retrieved data, and responses stay in the Microsoft 365 service boundary
  • Copilot only surfaces content the signed-in user can already open
  • Oversharing leaks through Copilot because Copilot inherits loose permissions
  • Restricted SharePoint Search is a temporary stopgap, not a security boundary
  • Copilot honors sensitivity-label usage rights, returning encrypted content only with the copy right
  • Copilot output inherits the highest-priority (most restrictive) source label
  • Separate what Copilot CAN access from what SHOULD be surfaced
  • Don't paste regulated or sensitive data into a prompt that doesn't need it
  • Copilot is covered by GDPR and, for EU users, the EU Data Boundary
  • Web search queries leave the work boundary and aren't covered by the EU Data Boundary
  • Copilot interactions are stored, encrypted, and governable like other Microsoft 365 data
  • Data protection governs access and privacy, not whether the answer is correct
  • Copilot output carries no protection once you redistribute it
  • A Purview DLP policy can stop Copilot from processing labeled content

Unlock with Premium — includes all practice exams and the complete study guide.

Also tested in

References

  1. https://learn.microsoft.com/en-us/compliance/regulatory/gdpr
  2. https://learn.microsoft.com/en-us/privacy/eudb/eu-data-boundary-learn
  3. https://learn.microsoft.com/en-us/microsoft-365/copilot/enterprise-data-protection
  4. https://learn.microsoft.com/en-us/microsoft-365/copilot/microsoft-365-copilot-privacy
  5. https://learn.microsoft.com/en-us/sharepoint/restricted-sharepoint-search
  6. https://learn.microsoft.com/en-us/purview/sensitivity-labels