Restricting Modification of Purview Labels

nikkichappleVery much appreciate your take on a solution to the problem. 

Two challenges I am anticipating with this approach:

1. The point in the process where the business user is going to send an attachment with the "Highly Confidential" label applied.  This step requires that the user (100% of the time) sucessfully modify the label applied to the file attachment (to one without permissions --- thus without encryption) such as "Highly Confidential/External Access".  On occasion, only due to human error (and nothing tehcnical in place to prevent such human error), the user is going to forget to apply this change.
2. Because of the human error aspect (mentioned above), the email will be sent (nothing preventing it from being sent), the external user experience (due to validted inconsistency between IOS, Android, and Windows) will be less than ideal (in some cases preventing that external individual from accessing that email at all), and the business will experience an unnecessary delay (delay between the original message send and the notification to re-send without encryption).

We tried to find a way to change the label of the email attachment in a programatic fashion (to remove the encryption/permissions), but were unable to identify a solution (we could only affect the email message itself).

Still would be nice if Microsoft would provide the ability in the Purview product to choose if we want to leverage permissions OR encryption for a specific label or set of labels.  This would give us the ability to apply granular control and access over the labels themselves while not introducing the barriers as to the clunky external encryption experience (across IOS, Android, Windows etc.).

If you have any ideas/thoughts, let me know.  Happy to jump on a call to discuss as well.