I recently tested the new DLP controls for Microsoft 365 Copilot/Copilot Chat web grounding with SIT-based policies and noticed what appears to be a significant enforcement gap.
- If the SIT appears directly in the typed prompt, web grounding/search is correctly blocked.
- However, if the same SIT exists only inside an attached document and the prompt simply references the attachment, Copilot still extracts the sensitive content from the file and proceeds with the web-grounded request.
Based on the current documentation, it seems DLP evaluates only the typed prompt text and not the semantic content extracted from attached files before grounding occurs.
From a security and governance perspective, this creates an inconsistent enforcement boundary and effectively allows bypassing the web-search DLP restriction through attachments.
Are there plans to extend DLP inspection to attachment-derived context before grounding/web search execution? If so, is there any rough timeline on the roadmap for this capability?
The current implementation feels incomplete for organizations expecting sensitive data protections to apply consistently across the entire Copilot interaction context, not only the direct prompt text.
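As an added illustration, not code from the post or from Microsoft's DLP implementation, a toy policy evaluator modelling the two enforcement boundaries the post contrasts: inspecting only the typed prompt versus inspecting the prompt plus text extracted from attachments before the web-grounding step runs. The credit-card SIT (a Luhn-checked digit run), the sample prompt and the attachment are all constructed assumptions.

```python
import re

# Constructed sample interaction: the SIT (a Luhn-valid card number) lives only
# in the attachment; the prompt merely references the attachment.
PROMPT = "Summarise the attached invoice and look up the vendor's website."
ATTACHMENTS = [{"name": "invoice.txt",  # text assumed already extracted from the file
                "text": "Vendor: Contoso\nPaid with card 4111 1111 1111 1111 on 2024-05-01"}]

# Candidate card number: 13-19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to raise SIT confidence above a bare digit-run match."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    """Return normalised (digits-only) card numbers that pass the Luhn check."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append(digits)
    return hits


def evaluate(prompt: str, attachments: list, inspect_attachments: bool):
    """Decide whether web grounding should be blocked for this interaction.

    inspect_attachments=False models the gap described in the post (prompt text
    only); True models the boundary the post asks for (prompt plus
    attachment-derived context). Returns (block, findings), where findings
    maps the source (prompt or attachment name) to the matched values.
    """
    findings = {}
    hits = find_card_numbers(prompt)
    if hits:
        findings["prompt"] = hits
    if inspect_attachments:
        for att in attachments:
            hits = find_card_numbers(att["text"])
            if hits:
                findings[att["name"]] = hits
    return (bool(findings), findings)
```

With the sample input, prompt-only inspection returns no findings and lets grounding proceed, while inspecting the attachment-derived text blocks it and reports which file carried the SIT.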