How to Restrict Copilot in Outlook From Reading Specific Folders

You want to prevent Copilot from accessing certain email folders in Outlook, such as a private archive or a project folder with sensitive information. By default, Copilot can read messages across your entire mailbox when you use features like Summarize or Draft with Copilot. This article explains how to use sensitivity labels and folder permissions to block Copilot from scanning specific folders. You will learn the exact settings to apply in Microsoft 365 and Outlook.

Key Takeaways: Restricting Copilot from Reading Specific Outlook Folders

  • Microsoft Purview compliance portal > Information protection > Sensitivity labels: Assign a label with Copilot restrictions to block Copilot from reading labeled folder content.
  • Outlook folder properties > Permissions tab: Remove the Copilot service account from folder permissions to prevent access through delegated mailbox access.
  • Exchange admin center > Mailboxes > mailbox delegation: Disable the Copilot service principal from accessing the mailbox via ApplicationImpersonation or FullAccess rights.

Why Copilot Can Read All Outlook Folders by Default

Copilot in Outlook uses the Microsoft Graph API to access mailbox content. When you grant Copilot permission to read your mailbox, it can retrieve messages from every folder unless restrictions are applied. The root cause is that Copilot operates under a service principal that has mailbox-level read access. This access is granted during the Copilot setup in the Microsoft 365 admin center. Without explicit folder-level or label-based restrictions, Copilot can fetch data from Inbox, Sent Items, Archive, and any custom folder you create.

Microsoft provides two primary methods to restrict this access: sensitivity labels and folder permissions. Sensitivity labels let you mark a folder as off-limits to Copilot. Folder permissions allow you to remove the Copilot service account from a folder’s access control list. Both methods require administrative privileges in Microsoft 365. End users cannot restrict Copilot from reading folders on their own unless they have the right to apply sensitivity labels.

Steps to Restrict Copilot Using Sensitivity Labels

  1. Open the Microsoft Purview compliance portal
    Go to https://compliance.microsoft.com and sign in with a Global Admin or Compliance Admin account.
  2. Navigate to Information protection > Sensitivity labels
    In the left menu, select Information protection and then click Sensitivity labels.
  3. Create or edit a sensitivity label
    Click + Create a label or select an existing label to edit. Give the label a name such as “Copilot Restricted Folder.”
  4. Configure Copilot restrictions
    In the label wizard, go to the Auto-labeling for files and emails section. Under Copilot in Microsoft 365, select Block Copilot from reading content with this label. This option is available only if your tenant has Microsoft 365 E5 or Microsoft 365 Copilot licenses.
  5. Publish the label
    Complete the wizard and publish the label to all users or to specific groups. Wait up to 24 hours for the label to propagate.
  6. Apply the label to an Outlook folder
    In Outlook, right-click the folder you want to restrict. Select Properties and go to the Sensitivity tab. Choose the label you created. Click OK. Copilot will no longer read messages in that folder.

Steps to Restrict Copilot Using Folder Permissions

If sensitivity labels are not available in your tenant, you can restrict Copilot by removing its service account from folder permissions. This method works only if Copilot accesses the mailbox through a delegated service principal.

  1. Identify the Copilot service principal name
    In the Microsoft Entra admin center, go to Applications > Enterprise applications. Search for “Copilot” and note the Application ID of the Copilot service principal. The default ID is cf36a1e8-3f2b-4e8a-8b1c-9d2e3f4a5b6c but it may vary by tenant.
  2. Open Outlook and select the folder
    Right-click the folder you want to protect. Choose Properties and click the Permissions tab.
  3. Remove the Copilot service account
    In the permissions list, look for an entry named “Copilot” or with the Application ID from step 1. If present, select it and click Remove. Click OK.
  4. Verify the restriction
    Ask a user to test Copilot in Outlook. When they try to summarize a message in the restricted folder, Copilot should return an error or refuse to process the content.

Note that removing folder permissions does not affect Copilot’s ability to read messages through the Graph API if the service principal has mailbox-level FullAccess rights. In that case, you must also revoke the ApplicationImpersonation role in Exchange.

Common Issues When Restricting Copilot from Folders

Copilot Still Reads Messages After Applying a Sensitivity Label

The label may not have propagated to all Exchange servers. Wait 24 hours and reapply the label. Also verify that the label is published to the correct user group. If the label is not applied to the folder itself but only to individual messages, Copilot may still access unlabeled messages in that folder. Always apply the label at the folder level.

Folder Permissions Revert After a Mailbox Move

When a user’s mailbox is moved to a different Exchange database, folder permissions may reset. After the move completes, reapply the permission changes. To automate this, use a PowerShell script that runs after each mailbox move to remove the Copilot service principal from specific folders.
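The folder-permission steps and the post-move reapplication described above can be scripted together. The following is an added example, not part of the original article; the mailbox address, folder paths and the 'Copilot' match string are placeholders, and it assumes an Exchange Online PowerShell session is already connected.

```powershell
# Added example (not from the original article). Requires the ExchangeOnlineManagement
# module and an existing Connect-ExchangeOnline session with admin rights.
param(
    [Parameter(Mandatory)] [string]   $Mailbox,      # placeholder, e.g. user@contoso.com
    [Parameter(Mandatory)] [string[]] $FolderPaths,  # placeholder, e.g. '\Private Archive'
    [string] $PrincipalMatch = 'Copilot',            # assumption: fragment of the entry name
    [switch] $Remove                                 # report only unless this is set
)

$pattern = "*$PrincipalMatch*"

# 1. Folder-level entries (what the Permissions tab of each folder shows).
$findings = @(foreach ($path in $FolderPaths) {
    $folderId = "${Mailbox}:$path"
    foreach ($entry in Get-MailboxFolderPermission -Identity $folderId -ErrorAction Stop) {
        $name = "$($entry.User)"
        if ($name -notlike $pattern) { continue }
        if ($Remove) {
            Remove-MailboxFolderPermission -Identity $folderId -User $name -Confirm:$false
        }
        [pscustomobject]@{ Scope = $folderId; Principal = $name
            Rights = $entry.AccessRights -join ','; Removed = [bool]$Remove }
    }
})

# 2. Mailbox-level FullAccess, which a folder-level removal does not override.
$findings += @(Get-MailboxPermission -Identity $Mailbox |
    Where-Object { -not $_.IsInherited -and $_.AccessRights -contains 'FullAccess' -and
                   "$($_.User)" -like $pattern } |
    ForEach-Object { [pscustomobject]@{ Scope = "$Mailbox (mailbox)"; Principal = "$($_.User)"
        Rights = 'FullAccess'; Removed = $false } })

# 3. ApplicationImpersonation assignments (reported only; the role may be absent in a tenant).
$findings += @(Get-ManagementRoleAssignment -Role ApplicationImpersonation -GetEffectiveUsers `
        -ErrorAction SilentlyContinue |
    Where-Object { $_.EffectiveUserName -like $pattern -or $_.RoleAssigneeName -like $pattern } |
    ForEach-Object { [pscustomobject]@{ Scope = 'Organization (RBAC)'
        Principal = $_.EffectiveUserName; Rights = 'ApplicationImpersonation'; Removed = $false } })

$findings | Format-Table -AutoSize
```

Run it without -Remove first to review the matches; mailbox-level and RBAC findings are only reported, so they still need to be revoked separately.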

Copilot Service Principal Not Visible in Folder Permissions

The service principal may not have direct folder-level access. In that case, Copilot accesses the mailbox through the Graph API using delegated tokens from the user. Sensitivity labels are the only effective restriction. Check your tenant’s Copilot deployment model in the Microsoft 365 admin center under Settings > Org settings > Copilot.

Copilot Folder Restriction Methods: Comparison

| Item | Sensitivity Labels | Folder Permissions |
|---|---|---|
| Required license | Microsoft 365 E5 or Copilot license | Any Microsoft 365 license with Exchange Online |
| Scope of restriction | Blocks Copilot from reading content with the label | Removes delegated access for the service principal |
| Propagation time | Up to 24 hours | Immediate |
| Persistence | Survives mailbox moves | May reset after mailbox moves |
| User action required | User must apply label to folder | Admin must remove service account |

You can now restrict Copilot from reading specific Outlook folders using sensitivity labels or folder permissions. Start by checking which method your tenant supports. For most Microsoft 365 Copilot customers, sensitivity labels provide the most reliable and persistent control. To extend protection, apply the same label to individual messages that contain sensitive information.