Table of Contents
Extending the Reach for the DLP Policy for Copilot
With all the fuss and bother about the bug that allowed Microsoft 365 Copilot Chat (BizChat) to expose content blocked by the DLP policy for Copilot in chat responses, you’d be forgiven for thinking that Copilot leaks confidential information all the time. Of course, Copilot doesn’t. Bugs happen all the time in software and although Microsoft was slow to acknowledge the bug initially, they did fix it promptly thereafter. I guess all those who spouted rubbish in forums such as LinkedIn were simply seeking notoriety, or something like that. It would be better if they engaged their brains before commenting.
Which brings me neatly to message center notification MC1234661 (19 February 2026, Microsoft 365 Roadmap 557255), which announces that Microsoft is extending the reach of the DLP policy for Copilot to all storage locations where Office files are kept. Previously, protection was only available to Office files stored inside Microsoft 365. Now, local and other cloud storage providers are covered. I think this is a pretty big deal.
Rollout will start in late March 2026, and Microsoft expects that the update will be deployed worldwide by late April 2026.
The Magic of the Augmentation Loop
Although Microsoft has control over Microsoft 365 locations, it obviously cannot control local storage. The magic that allows the DLP policy for Copilot to extend its reach comes from a component called the Office Augmentation Loop, often shortened to “AugLoop.”
The Augmentation Loop is an internal Office component that collects signals from Microsoft 365 applications and enforces policy when organizations use connected experiences. Not everything can be processed locally (DLP is a good example), which is when connected experience come into play to link local applications with cloud services.
The problem about discussing anything to do with the augmentation loop is the lack of documentation. The augmentation loop is an internal component that’s not designed to be exposed to users. Based on discussions with Microsoft engineers, my understanding is that the augmentation loop is responsible for gathering information to help components like Copilot make good decisions.
My understanding aligns with the description in MC1234661, where Microsoft explains that the augmentation loop now reads details about sensitivity labels assigned to files through the Office clients. Office clients already know how to report sensitivity labels (for example, to surface the name of the currently applied label in different places within the Office UI.
The older method used Microsoft Graph lookups to retrieve sensitivity label information based on the URL of the file (like the URL assigned to files in a SharePoint Online or OneDrive for Business site). This approach makes perfect sense when dealing with files stored in Microsoft 365 but left a gap for Office files held elsewhere.
No Change Necessary for Existing DLP Policies
The new implementation allows the augmentation loop to gather the information necessary for the DLP policy for Copilot to evaluate whether to block or allow access to content protected by a sensitivity label, even if the file is on a network or local drive. Remember, sensitivity labels travel with files to ensure that only users with adequate rights can open and use the files. Figure 1 shows the flow of processing for the DLP policy for Copilot.
The nice thing is that no changes need to be made to existing DLP policies. Protection is extended automatically to non-Microsoft 365 storage locations after the code update reaches Microsoft 365 tenants.
Consistency is Everything
Sensitivity labels ensure consistency of protection no matter where labelled files are stored. The same consistency of protection is now available through the DLP policy for Copilot. It’s a change that makes perfect sense.
Support the work of the Office 365 for IT Pros team by subscribing to the Office 365 for IT Pros eBook. Your support pays for the time we need to track, analyze, and document the changing world of Microsoft 365 and Office 365. No AI is used to generate our output!