Table of Contents
Report a Concern about a Message in a Teams Personal or Group Chat
Communication Compliance policies are part of the Microsoft Purview suite designed to help organizations monitor the content of messages. Originally known as supervision policies (which gives an indication of their purpose), communication compliance policies could only process email until Microsoft introduced support for Teams in early-2020.
Communication Compliance Basics
The basics of communication compliance revolve around the analysis of messages captured in special supervision mailboxes against conditions defined in policies. Settings include:
- The accounts that come within the scope of the policy (the monitored mailboxes).
- Direction of message traffic (inbound, outbound, or both).
- The percentage of traffic captured for analysis. Although it’s possible to examine every message sent and received by the accounts within a policy scope, it’s more usual to examine a percentage. Purview extracts messages at random to meet the selected percentage.
- Whether to use Optical Character Recognition (OCR) to examine attachments and images sent in email and Teams.
- The classifiers and conditions used to select messages for further review. Microsoft Purview includes a default set of trainable classifiers such as Profanity and Threat to detect these conditions in messages. Organizations can train their own classifiers as required. Conditions (like those used in DLP and mail flow rules) can focus the review to specific messages such as those coming from certain domains.
- The supervisors responsible for reviewing messages detected by the policy.
Exchange Online redirects copies of messages needed for communication compliance as email passes through the transport service. Purview uses the compliance records created by the Microsoft 365 substrate to process Teams messages.
Teams Report a Concern
In mid-2022, Microsoft introduced the ability for Teams users to report a concern with messages sent in personal and group chats. By August 31, 2022, the feature reached all tenants with Office 365 E5 or Microsoft 365 E5 compliance licenses who had communication compliance policies. It can take up to 30 days before the feature appears in tenants after they start to use communication compliance policies.
Visibility of the Report a Concern option (Figure 1) is controlled by the AllowCommunicationComplianceEndUserReporting setting in the Teams messaging policy for an account. The setting is available in the Teams admin center or PowerShell. By default, the setting is enabled. To see the setting for all messaging policies, run:
Get-CsTeamsMessagingPolicy | Format-Table Identity, AllowCommunicationComplianceEndUserReporting
When a user reports a concern (Figure 2), Teams tags the message and up to five messages preceding the reported messages and five messages afterward (if available). Many messages sent in Teams chats are short and concise. The extra messages provide the context to allow a reviewer to decide if a problem really exists.
Reviewing Reported Messages
Apart from exposing the Report a Concern option in Teams chat, the other major piece of functionality is the automatic creation of the User-reported messages policy. The only change an organization can make to the User-reported messages policy is to update the supervisors responsible for reviewing reported messages.
As with all communication compliance policies, to review reported messages, head to the communication compliance section of the Purview compliance portal (Figure 3) and select the policy to review. The policies available to a user depends on the communication compliance administrative role assigned to their account.
Select the policy and open the Pending tab to see the messages requiring investigation. The default view is to see the summary, meaning the message reported by the user. The conversation view exposes the messages before and after the reported message to give context to the reviewer (Figure 4).
Like any other message detected by a communication compliance policy, the role of the investigator is to decide if the content violates the acceptable norms for communication. Because individual users make a subjective decision to report a message, the variation in content is likely broader than in the set of messages selected using a trainable classifier. This underlines the need to understand the tone and flow of the conversation within which the problem message occurred.
After reviewing the message, the investigator can resolve the problem (for instance, decide that the user overreacted when they reported the concern), notify the user (and others) about their assessment, or escalate the issue for further investigation. The Remove message in Teams option (available through the down arrow menu in Figure 4), replaces the reported message with a notification that the message “was blocked due to organizational policy” for the recipient and “This message was blocked” for the sender (Figure 5).
This action, which is similar to the way that Teams handles messages blocked by DLP policies, allows the organization to withdraw a problem message during an investigation. However, there’s no way to withdraw the block and expose the message again if it’s deemed acceptable.
Keeping Things Clean
Report a Concern is a useful feature (Teams Free has a similar feature where Microsoft takes care of investigations) if you have the right licenses. Then again, if the organization needs something like communication compliance, the cost probably doesn’t matter. In which case, it’s nice to have a way to keep everyone polite in their Teams chat.
Keep up to date with developments like the app support for sensitivity labels by subscribing to the Office 365 for IT Pros eBook. Our monthly updates make sure that our subscribers understand the most important changes happening across Office 365.