
Copilot Bug is a Big Deal for Confidentiality, But Not That Big

Tony Redmond had all of the details late last week while I was enjoying Mardi Gras activities. It made the rounds back into my view when I came back to work today.

Here’s why this is such a big problem. Microsoft recommends blocking Copilot from accessing sensitive information in emails, meetings, documents, and related content by assigning a label to those items and creating a DLP policy that defines the block. This bug renders the system unusable for the affected emails. You simply can’t provide a governance tool that doesn’t deliver the governance it claims to provide. It’s a bad look, Microsoft. It doesn’t help build customer trust.

This means sensitive information that should not have been part of another Copilot interaction may have been pulled into that interaction and then included in other content a user created with Copilot.

Of course, every user should always review output from every AI tool for inadvertent disclosures, so while this bug removed a guardrail that should have existed, it didn’t drive the car off the road entirely. Users always have the final say in content creation. I also take issue with some tech sites that have raised a privacy alarm that goes beyond what actually happens, but I suspect this is due to a lack of understanding of how Copilot interactions work within the M365 tenant.

No, Copilot did not make these emails public or access private information and make it non-private. In response to your prompt, it accessed information that it should have ignored. That creates a risk that many users might assume does not exist. That is a significant issue, but it’s not equivalent to a data breach. There is another check in place before data leaks out: the end user.
