You have Copilot enabled in Outlook, but it fails to summarize or reply to encrypted email threads. This happens because Copilot cannot decrypt or access encrypted message content. Microsoft 365 Message Encryption protects the email body and attachments, and Copilot currently has no permission to read that protected data. This article explains why Copilot is blocked, provides a step-by-step workaround to keep using Copilot with encrypted replies, and lists related limitations you should know.
Key Takeaways: Working Around Copilot’s Encrypted Email Block
- Outlook > Copilot pane > Encrypted messages: Copilot cannot read or process any message with Microsoft 365 Message Encryption applied.
- Outlook > New email > Encrypt button: If you reply encrypted, Copilot cannot read your reply either, breaking the thread continuity.
- Workaround method: Remove encryption from the reply before sending, or use a separate unencrypted summary message for Copilot to process.
Why Copilot Cannot Read Encrypted Email Replies
Microsoft 365 Message Encryption uses Azure Rights Management to encrypt the body and attachments of an email. Only recipients with the correct decryption key — usually based on their Microsoft 365 identity — can read the message. Copilot, as an AI service, does not hold decryption keys and cannot authenticate as a recipient. As a result, Copilot treats any encrypted message as inaccessible content.
When you reply to an encrypted email, Outlook automatically encrypts your reply if the original message was encrypted. This means Copilot cannot read the reply either. The Copilot pane will display a message like “Copilot can’t process this email because it contains encrypted content.”
This is a deliberate security boundary. Microsoft has not announced a change to allow Copilot to read encrypted messages. The workaround involves removing encryption from the reply or using a separate unencrypted thread for Copilot interactions.
Steps to Send a Reply That Copilot Can Read
Use one of the following methods to let Copilot process your reply to an encrypted email. Both methods require you to manually remove encryption from the reply or create a parallel unencrypted conversation.
Method 1: Remove Encryption from the Reply
This method works when the original encrypted email is not subject to a mandatory encryption policy. If your organization requires encryption on all replies, skip to Method 2.
- Open the encrypted email in Outlook
Click the encrypted message in your inbox. The Copilot pane will show it cannot process the email. - Click Reply or Reply All
Outlook opens a new message window with the original encrypted content quoted. - Locate the Encrypt button on the ribbon
In the new message window, go to the Options tab. The Encrypt button will be highlighted if encryption is applied to the reply. - Click Encrypt to disable encryption
Click the Encrypt button once. The highlight disappears, meaning encryption is removed from the reply. A banner may appear confirming encryption is off. - Compose your reply and send it
Write your response. The email will be sent without encryption. The recipient will receive an unencrypted message. Copilot can now see this email in the thread and process it.
After sending, Copilot in Outlook can summarize or draft replies based on your unencrypted message. Note that the original encrypted email remains inaccessible to Copilot, but your reply and any future unencrypted messages in the same thread will be readable.
Method 2: Create a Separate Unencrypted Summary Message
Use this method when your organization enforces mandatory encryption on replies to encrypted emails, or when you must keep the original reply encrypted for compliance reasons.
- Send your encrypted reply normally
Reply to the encrypted email as required by your policy. Copilot will not be able to read this reply. - Create a new email
In Outlook, click New Email. Do not use Reply or Reply All. - Add the same recipients
In the To field, add the same recipients from the original encrypted email. Optionally, add yourself as Bcc for record-keeping. - Write a plain-text summary of your reply
In the body, type a brief summary of what you said in the encrypted reply. For example: “I confirmed the meeting time and attached the agenda.” Do not include any confidential information. - Send the summary without encryption
Do not click Encrypt. Send the email as plain text. Copilot will see this unencrypted message and can use it to assist you in future Copilot actions.
This method keeps your original reply encrypted while giving Copilot a readable version of the conversation. The recipients will receive two emails: one encrypted reply and one plain-text summary. Make sure your recipients understand this process.
If Copilot Still Has Issues After the Workaround
Copilot Cannot See the Unencrypted Summary Email
Copilot in Outlook only processes emails that are in your mailbox for at least a few seconds. If you send the summary email and immediately try to use Copilot, it may not appear. Wait 30 seconds and refresh the Copilot pane by closing and reopening it.
Copilot Displays “Copilot can’t process this email” Even on Unencrypted Messages
This can happen if the thread contains a mix of encrypted and unencrypted emails. Copilot may try to read the entire thread and fail on the encrypted parts. Select only the unencrypted email in the thread by clicking it in the message list. The Copilot pane will then process that single email.
Organization Policy Blocks Removing Encryption
Some Microsoft 365 tenants enforce an automatic encryption rule via Exchange mail flow rules. If you cannot remove encryption in Method 1, check with your IT administrator. The rule may require an override or an exception. Method 2 is the only workaround in this case.
Copilot in Outlook: Encrypted vs Unencrypted Email Support
| Item | Encrypted Email | Unencrypted Email |
|---|---|---|
| Copilot summarization | Not available | Available |
| Copilot draft reply | Not available | Available |
| Copilot can read attachments | Not available | Available for supported file types |
| Copilot can read email body | Not available | Available |
| Workaround required | Yes | No |
This table shows the core difference: encrypted emails are completely opaque to Copilot. The workaround methods described above only apply to the reply, not to the original encrypted message. If you need Copilot to process the original email, request that the sender resend it without encryption.
Now you know two reliable ways to let Copilot in Outlook read your replies to encrypted emails. For daily use, Method 1 is faster if your policy allows removing encryption. For compliance-heavy environments, Method 2 keeps your reply encrypted while still enabling Copilot features. As a next step, test both methods with a non-critical encrypted email to confirm which one works in your tenant. If you frequently work with encrypted messages, consider setting up a Copilot-specific unencrypted thread for each project.