Many organizations want to prevent Copilot from processing or generating content from highly confidential files. By default, Copilot can access any Microsoft 365 file that a user has permission to read. This creates a risk where sensitive data might appear in a Copilot response shared with others. Sensitivity labels in Microsoft Purview Information Protection can block Copilot from reading labeled documents. This article shows how to configure sensitivity labels to stop Copilot from accessing files with specific labels.
When a sensitivity label is set to block Copilot access, the Copilot service cannot read the content of that file. The label applies to files in SharePoint, OneDrive, and Teams. Users can still open and edit the file manually. Copilot simply cannot ingest the data for grounding or generation. This control works by setting a specific encryption or marking option on the label that the Microsoft 365 Copilot service checks before processing.
This guide covers the prerequisite permissions, the exact steps to create or modify a label, and the settings that enforce the Copilot block. You will also learn how to verify the configuration works and what happens when a user tries to use Copilot on a blocked file.
Key Takeaways: Blocking Copilot with Sensitivity Labels
- Microsoft Purview compliance portal > Information Protection > Label policies: Create or edit a sensitivity label and enable the setting “Mark the content of files as sensitive” with a custom watermark or header that Copilot detects.
- Sensitivity label > Encryption > Configure encryption settings: Set encryption to “Do not allow Copilot to read the content of this file” to block all Copilot processing.
- Microsoft 365 admin center > Settings > Org settings > Copilot > Data sources: Verify that the Copilot service respects the label by checking the audit log for blocked requests.
Why Copilot Can Access Sensitive Files by Default
Copilot works within the permissions of the user who invokes it. If a user has read access to a file, Copilot can read that same file to generate responses. This behavior is by design and applies to all content in Microsoft 365, including Word documents, Excel spreadsheets, PowerPoint presentations, PDFs, and text files stored in SharePoint, OneDrive, or Teams channels.
When a user asks Copilot a question that requires data from a sensitive document, Copilot retrieves the content and includes it in the response. This can expose confidential information to users who should not see it. For example, a sales representative could ask Copilot to summarize the quarterly earnings report and receive data that is only meant for executives.
Sensitivity labels override this default behavior by adding a metadata tag that the Copilot service reads before processing the file. The label can be set to either encrypt the file with a permission that excludes Copilot or mark the file with a custom header that Copilot recognizes as blockable. Both methods prevent Copilot from reading the file content.
Prerequisites for Configuring Sensitivity Labels
Before you start, verify these requirements are met in your tenant:
- Microsoft 365 E5 or Microsoft 365 E5 Compliance license for each user who will create or manage labels
- Microsoft Entra ID P1 or P2 license for conditional access policies if needed
- Global Admin or Compliance Admin role in the Microsoft 365 admin center
- Microsoft Purview Information Protection enabled and labels already published to users
- Copilot for Microsoft 365 license assigned to users who will be affected by the block
If your tenant does not have sensitivity labels configured, you must first enable unified labeling in the Microsoft Purview compliance portal. Go to Microsoft Purview compliance portal > Information Protection > Label policies and follow the wizard to create your first label. The steps in this guide assume you already have at least one label created.
Steps to Configure a Sensitivity Label to Block Copilot Access
- Open the Microsoft Purview compliance portal
Sign in to compliance.microsoft.com with your Global Admin or Compliance Admin account. In the left navigation menu, select Information Protection then click Label policies. Find the label you want to modify or click Create a label to start a new one.
- Navigate to the encryption settings
In the label creation or editing wizard, go to the Encryption section. Set Encryption to On. A new option appears labeled Do not allow Copilot to read the content of this file. Check this box. This is the primary setting that blocks Copilot access.
- Configure encryption permissions
Below the Copilot block option, choose Assign permissions now or Let users assign permissions. For a block that applies to all users, select Assign permissions now. Click Assign permissions and add the users or groups who should still be able to read the file manually. Copilot is automatically excluded from this permission list when you check the Copilot block option.
- Add a custom marking for extra safety
Go to the Content marking section. Enable Mark the content of files as sensitive. Add a custom watermark, header, or footer such as “Copilot Blocked”. This marking is not strictly required for the block to work, but it provides a visual indicator to users that the file is protected from Copilot.
- Publish the label to users
After saving the label, go back to Label policies and click Publish labels. Select the label you just configured. Choose the users or groups who should be able to apply this label to files. Click Next and complete the policy settings. The label will appear in Office apps after up to 24 hours or after a user restarts their Office application.
- Verify the block is working
Open a file in Word or SharePoint that has the new label applied. In the Copilot pane, type a question that references the file content. Copilot should respond with a message such as “I cannot access this file due to sensitivity label settings” or return no data from the file. Check the Microsoft 365 audit log for event CopilotAccessBlockedByLabel to confirm the block.
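To go one step beyond the audit-log check in the last step, the following added example (not from the original article or from Microsoft) reviews an exported audit log: it counts CopilotAccessBlockedByLabel events per user and flags any Copilot interaction that still read a file carrying the blocked label. The label GUID, the sample records and the one-JSON-record-per-line export layout are constructed assumptions, and the `CopilotEventData.AccessedResources` fields are assumed to match the CopilotInteraction records in your tenant.

```python
import json
from collections import Counter

# Operation name as given in this article; the label GUID is a constructed placeholder.
BLOCK_OPERATION = "CopilotAccessBlockedByLabel"
BLOCKED_LABEL_ID = "00000000-0000-0000-0000-0000000000aa"

# Constructed sample export, one JSON audit record per line. The field layout is an
# assumption modelled on the common audit schema plus CopilotEventData.
SAMPLE_EXPORT = """\
{"CreationTime":"2025-01-10T09:00:00","Operation":"CopilotAccessBlockedByLabel","UserId":"alice@example.com"}
{"CreationTime":"2025-01-10T09:05:00","Operation":"CopilotInteraction","UserId":"bob@example.com","CopilotEventData":{"AccessedResources":[{"Name":"Q3-earnings.docx","SensitivityLabelId":"00000000-0000-0000-0000-0000000000AA"}]}}
{"CreationTime":"2025-01-10T09:07:00","Operation":"CopilotInteraction","UserId":"carol@example.com","CopilotEventData":{"AccessedResources":[{"Name":"lunch-menu.docx","SensitivityLabelId":""}]}}
truncated-or-corrupt-line
"""

def review_export(text, label_id=BLOCKED_LABEL_ID):
    """Return (block events per user, reads of files carrying label_id, skipped lines)."""
    blocks, leaks, skipped = Counter(), [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            rec = None
        if not isinstance(rec, dict):
            skipped += 1  # count unparseable rows instead of silently dropping them
            continue
        user = rec.get("UserId", "unknown")
        if rec.get("Operation") == BLOCK_OPERATION:
            blocks[user] += 1
        elif rec.get("Operation") == "CopilotInteraction":
            resources = (rec.get("CopilotEventData") or {}).get("AccessedResources") or []
            for res in resources:
                # GUIDs are compared case-insensitively
                if isinstance(res, dict) and (res.get("SensitivityLabelId") or "").lower() == label_id.lower():
                    leaks.append((rec.get("CreationTime"), user, res.get("Name")))
    return blocks, leaks, skipped

if __name__ == "__main__":
    blocks, leaks, skipped = review_export(SAMPLE_EXPORT)
    print("block events per user:", dict(blocks))
    print("labeled files Copilot still read:", leaks)
    print("unparseable lines:", skipped)
```

A non-empty second result means Copilot processed a file that carries the blocked label, which is the case the block event alone cannot reveal.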
If Copilot Still Accesses Labeled Files
Copilot does not detect the label on newly created files
Labels are applied to files when the user saves or uploads them. If a user creates a new document and asks Copilot a question before saving, Copilot may read the unsaved content. Always save the file with the label applied before using Copilot. For automatic labeling, use auto-labeling policies in Microsoft Purview that apply labels based on sensitive information types.
Copilot returns generic output instead of tenant-specific data
This is not a sign that the block is failing. Copilot may still return general knowledge or information from public sources. To confirm the block is working, ask a question that only the labeled file can answer, such as a specific number or phrase from the document. If Copilot does not include that data, the block is active.
Users cannot apply the label because it is not visible
Labels take up to 24 hours to propagate after publishing. If users do not see the label in Word or Excel, ask them to restart the Office application. If the label still does not appear, check the label policy assignment in Microsoft Purview compliance portal > Information Protection > Label policies. Ensure the user is included in the policy group.
Sensitivity Label Block Copilot vs Encryption Block: Key Differences
| Item | Sensitivity Label with Copilot Block | Encryption-Only Block |
|---|---|---|
| Description | Uses a metadata flag that Copilot reads before processing the file | Uses full encryption that prevents any service including Copilot from reading the content |
| User visibility | Users see the file content normally in Office apps | Users must have decryption rights to open the file |
| Copilot behavior | Copilot returns a message that it cannot access the file | Copilot cannot open the file and returns no data |
| Performance impact | No additional latency because Copilot checks the flag at query time | No additional latency because the file is already encrypted |
| Recommended for | Confidential files that users need to read but Copilot should not process | Top-secret files that should not be readable by any automated service |
With the sensitivity label configured, you can control exactly which files Copilot can read in your tenant. Test the setting with a small group of users before rolling out to the entire organization. For additional protection, combine the Copilot block with data loss prevention policies that prevent users from sharing labeled files externally.