You ask Copilot a question in Microsoft Teams chat, and the response includes a file that your organization has labeled as Confidential. This exposes sensitive data to users who should not see it. The root cause is a gap between how Microsoft Purview Information Protection sensitivity labels are applied and how Copilot interprets its data access permissions. This article explains why Copilot surfaces labeled files and provides the exact steps to prevent it from happening.
Key Takeaways: Stop Copilot from Exposing Confidential Files
- Microsoft Purview compliance portal > Information protection > Sensitivity labels: Configure label encryption and marking to restrict access to authorized users only.
- Microsoft 365 admin center > Copilot > Data sources: Restrict the SharePoint sites and OneDrive folders Copilot can index for grounded responses.
- Microsoft Entra admin center > Conditional Access > Policies: Create a session policy that blocks Copilot from accessing files with specific sensitivity labels.
Why Copilot Displays Labeled Confidential Files in Chat
Copilot uses Microsoft Graph to retrieve data from SharePoint, OneDrive, and Exchange. When you ask a question, Copilot searches all content the user has at least read access to, regardless of the sensitivity label applied to that content. A file labeled Confidential but shared with a broad group such as "Everyone except external users" will still appear in Copilot responses for any member of that group. The sensitivity label itself does not act as a permission boundary. It only applies visual markings and, if explicitly configured, encryption settings. If the label does not enforce encryption or rights management, Copilot treats the file as readable content and includes it in grounded responses.
Steps to Prevent Copilot from Surfacing Confidential Files
Use the following three methods in order. Each method closes a specific gap in data protection.
Method 1: Enforce Encryption on the Sensitivity Label
1. Open the Microsoft Purview compliance portal: go to compliance.microsoft.com and sign in with an account that has the Compliance Administrator role.
2. Navigate to sensitivity labels: select Information protection from the left menu, then click Sensitivity labels.
3. Edit the Confidential label: click the Confidential label to open its settings. If you have sublabels, edit the specific sublabel assigned to the files.
4. Enable encryption: in the Encryption section, set Encryption to On. Choose Assign permissions now or Let users assign permissions based on your compliance policy. For strict control, select Assign permissions now.
5. Define authorized users and groups: click Assign permissions and add only the security groups or individual users who should have access. Set the coauthor or reviewer role as needed. Click Save.
6. Apply the label update: click Save on the label settings page, then click Publish to push the updated label to all users. Allow up to 24 hours for the change to replicate across all Microsoft 365 services.
Method 2: Restrict Copilot Data Sources in the Admin Center
1. Open the Microsoft 365 admin center: go to admin.microsoft.com and sign in with the Global Administrator role.
2. Access Copilot settings: in the left navigation, expand Settings and select Copilot.
3. Select Data sources: click the Data sources tab. Here you control which SharePoint sites and OneDrive folders Copilot can index.
4. Limit indexed sites: change the setting from All sites to Selected sites. Add only the SharePoint sites that contain non-confidential content. Do not include sites where Confidential files are stored.
5. Save and test: click Save. Wait 15 minutes for the change to take effect, then test a Copilot query that previously returned a labeled file.
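The allow-list idea behind Method 2 can also be applied from PowerShell using Restricted SharePoint Search, which limits the sites Copilot and organization-wide search can ground on. This is an added example, not the article's own steps: it assumes the Microsoft.Online.SharePoint.PowerShell module, a SharePoint Administrator account, and the cmdlet names shown; the tenant and site URLs are constructed placeholders.

```powershell
# Added example (not from the article): enforce a named allow-list of SharePoint
# sites for Copilot grounding with Restricted SharePoint Search.
# Assumptions: SharePoint Online Management Shell installed, SharePoint Administrator
# rights, and the Set/Add/Get-SPOTenantRestrictedSearch* cmdlets as named below.
Import-Module Microsoft.Online.SharePoint.PowerShell
Connect-SPOService -Url 'https://contoso-admin.sharepoint.com'   # placeholder tenant

function Set-CopilotSiteAllowList {
    param(
        [string[]]$CandidateSites,      # sites you intend to allow
        [string[]]$ConfidentialSites    # sites that must never be allow-listed
    )
    # Defensive filter: drop any candidate that is, or sits under, a confidential
    # site, so a copy-paste mistake cannot expose a Confidential library to Copilot.
    $allowed = $CandidateSites | Where-Object {
        $url = $_.TrimEnd('/')
        -not ($ConfidentialSites | Where-Object { $url -like "$($_.TrimEnd('/'))*" })
    }
    # Switch the tenant to allow-list mode and register the filtered sites.
    Set-SPOTenantRestrictedSearchMode -Mode Enabled
    Add-SPOTenantRestrictedSearchAllowedList -SitesList $allowed
    # Return what the tenant now reports so the change can be verified and logged.
    Get-SPOTenantRestrictedSearchAllowedList
}

# Constructed input: the Finance-Confidential site is filtered out before the call.
Set-CopilotSiteAllowList `
    -CandidateSites    @('https://contoso.sharepoint.com/sites/Marketing',
                         'https://contoso.sharepoint.com/sites/Finance-Confidential') `
    -ConfidentialSites @('https://contoso.sharepoint.com/sites/Finance-Confidential')
```

Sites outside the allow-list stay discoverable to users who already have permission to them; this setting only removes them from Copilot grounding and tenant-wide search, so it complements label encryption rather than replacing it.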
Method 3: Create a Conditional Access Policy in Microsoft Entra
1. Open the Microsoft Entra admin center: go to entra.microsoft.com and sign in with the Conditional Access Administrator role.
2. Create a new policy: under Protect & secure, select Conditional Access, then click Policies and New policy.
3. Name the policy: enter a descriptive name, such as Block Copilot access to Confidential files.
4. Assign users and groups: under Users, select All users or a specific group that should be blocked from accessing Confidential files through Copilot.
5. Configure cloud apps: under Cloud apps or actions, select All cloud apps. This ensures the policy applies to Copilot, which uses multiple Microsoft 365 apps as data sources.
6. Set conditions for sensitivity labels: under Conditions, click Information protection. Select Sensitivity labels and choose the Confidential label. Click Select.
7. Block access: under Grant, select Block access. Click Select.
8. Enable the policy: set Enable policy to On. Click Save. The policy blocks the user session when Copilot attempts to read a file with the Confidential label.
If Copilot Still Shows Labeled Files After Applying the Fixes
Copilot returns files that were labeled after Copilot indexed them
Copilot caches indexed content for up to 24 hours. If a file was first indexed without a sensitivity label and then labeled later, the cached version may still appear. Force a reindex by removing and re-adding the affected SharePoint site in the Data sources tab. After removal, wait 30 minutes, then add the site back. The next indexing cycle will respect the new label.
Users can still see Confidential files in Copilot responses
Check whether the sensitivity label actually enforces encryption. A label set to Confidential but without encryption is only a visual marker. Copilot ignores visual markers. Revisit Method 1 and confirm the Encryption toggle is On and permissions are assigned to specific groups, not Everyone.
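The check described here, and the outcome Method 1 is meant to produce, can be verified across every label in one pass from Security & Compliance PowerShell. This is an added audit script, not the article's own procedure: it assumes the ExchangeOnlineManagement module, a Compliance Administrator account, and that Get-Label exposes the EncryptionEnabled and EncryptionRightsDefinitions properties; the AuthenticatedUsers token used to spot overly broad rights is likewise an assumption.

```powershell
# Added example (not from the article): flag "Confidential" labels that only mark,
# never encrypt, or that encrypt but grant rights to any authenticated user.
# Assumptions: ExchangeOnlineManagement module, Compliance Administrator rights,
# and the Get-Label property names EncryptionEnabled / EncryptionRightsDefinitions.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession   # Security & Compliance PowerShell endpoint

function Test-LabelEncryptionGap {
    param([string]$NamePattern = 'Confidential')   # match on display name

    Get-Label | Where-Object { $_.DisplayName -like "*$NamePattern*" } | ForEach-Object {
        $label  = $_
        $rights = [string]$label.EncryptionRightsDefinitions   # "principal:RIGHT,RIGHT;..."

        # Classify the gap the article describes: visual-only labels are invisible
        # to Copilot's access check; broad rights defeat the point of encrypting.
        $finding = if (-not $label.EncryptionEnabled) {
            'NO ENCRYPTION: visual marker only; Copilot will surface the file'
        } elseif ($rights -match 'AuthenticatedUsers') {
            'BROAD RIGHTS: any authenticated user can decrypt; scope to named groups'
        } else {
            'OK: encryption on, rights limited to named principals'
        }

        [pscustomobject]@{
            Label     = $label.DisplayName
            Encrypted = [bool]$label.EncryptionEnabled
            Rights    = $rights
            Finding   = $finding
        }
    }
}

# Run the audit and show every matching label with its finding.
Test-LabelEncryptionGap | Format-Table -AutoSize -Wrap
```

Run it again after publishing the label change and after the 24-hour replication window; a label that still reports NO ENCRYPTION has not been republished to the policy the affected users receive.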
Conditional Access policy does not block Copilot
The Conditional Access policy blocks the user session, not the file itself. If the policy is applied after Copilot already established a session, the user may continue to see results. Sign out of all Microsoft 365 apps and sign back in. This forces a new session that respects the Conditional Access policy.
Copilot Data Access Without Encryption vs With Encryption
| Item | No Encryption on Label | Encryption on Label |
|---|---|---|
| Copilot behavior | Includes file in grounded responses for any user with read access | Blocks file from Copilot unless the user has explicit decryption rights |
| Permission scope | Relies on SharePoint/OneDrive sharing permissions alone | Requires both SharePoint permissions and label encryption rights |
| User experience | Sees file content in chat response without restriction | Receives an access denied error or no file returned |
| Configuration time | None required — label is visual only | 15 minutes per label to enable encryption and assign rights |
| Compliance coverage | Does not meet data loss prevention requirements | Meets DLP and information protection requirements |
You can now prevent Copilot from exposing Confidential files by enforcing encryption on sensitivity labels, restricting Copilot data sources, and applying a Conditional Access block policy. Start by reviewing your existing Confidential label in the Purview portal and enable encryption. Then test a query in Teams chat to confirm the labeled file no longer appears. For ongoing protection, audit Copilot responses weekly using Microsoft Purview Activity Explorer to detect any missed exposures.