Copilot and DLP policy behaviours

Hi Copilot Brain Trust,

Looking for some real-world experiences with Microsoft 365 Copilot DLP enforcement.

We've implemented a DLP policy targeting the Microsoft 365 Copilot location with the action to prevent Copilot from processing content that contains our sensitivity label (restricted).

The implementation is based on the following Microsoft documentation:

DLP for Microsoft 365 Copilot: https://learn.microsoft.com/en-us/purview/dlp-microsoft365-copilot-location-learn-about

Create DLP policies for Microsoft 365 Copilot: https://learn.microsoft.com/en-us/purview/dlp-microsoft365-copilot

Microsoft documentation states that when a DLP policy blocks Copilot processing, protected content should not be processed or used in Copilot-generated responses (although citations may still appear).

However, during testing we're observing scenarios where Copilot appears to access/process provide restricted snippet with file names from content that should be protected by the DLP policy.

A few questions for anyone who has implemented this in production:

Have you successfully validated DLP policies preventing Copilot from summarising sensitivity-labelled content?

Are there any known delays between policy deployment and enforcement?

Have you observed differences between Copilot Chat and Copilot experiences within Word, Excel, or PowerPoint?

Are there any prerequisites, limitations, or known issues not currently reflected in the public documentation?

I'm interested to hear whether others have seen similar behaviour or have successfully validated this scenario end-to-end.

Thanks in advance.