Forum Discussion

Yarrick's avatar
Yarrick
Copper Contributor
Mar 18, 2026

Copilot chat: Does (dis)like expose data?

We have some questions/concerns from customers about the (dis)like functionality in Copilot Chat. The main question is: "What happens with the data/chat when using this functionality? And can we tur...
copilot chat
microsoft 365 copilot
security and compliance
Surya_Narayana's avatar
Surya_Narayana
MCT
Apr 12, 2026

hi Yarrick​ Good questions , this comes up quite a bit, especially from a security/compliance angle. Here’s how it works today (at a high level):

1) What happens when you click like/dislike? Does it train the model?
No-your organization’s data is not used to train the foundation models.

When you use like/dislike in Copilot Chat:

  • It captures a feedback signal (helpful / not helpful)
  • It may include the prompt + response context to understand what went wrong/right

But this is used to improve the service, not to retrain the model on your tenant’s data or personalize responses to a specific user.

2) How does Microsoft use this feedback? Do humans read it?
Feedback is used for:

  • Identifying quality issues (bad responses, hallucinations, tone, etc.)
  • Improving product behavior and safety systems

In some cases:

  • Limited, controlled human review may happen for debugging/improvement
  • This is done under Microsoft’s compliance and privacy controls

So yes, the content can be reviewed, but it’s not open-ended access, it’s governed and audited.

3) Can we disable like/dislike for the tenant?

  • For Copilot Chat (M365 / web) → there is no standard tenant-level switch today to completely remove the like/dislike UI
  • For custom solutions (Copilot Studio agents) → you can control or disable feedback mechanisms

Workaround:

  • Some orgs handle this via user guidance / policy, rather than technical enforcement

4) Licensed (work) vs non-licensed (web) , is there a difference?
Yes, this is important:

  • Work (M365 Copilot / enterprise)
    • Covered by enterprise data protection
    • Data stays within the service boundary
    • Not used for model training
  • Web / consumer Copilot
    • Feedback may be used more broadly to improve services
    • Different data handling terms apply

So from a security standpoint, enterprise Copilot is the safer, governed environment.

Security takeaway:

  • Feedback does not train models on your tenant data
  • It may include prompt/response content for service improvement
  • There’s no full disable option (yet) in M365 Copilot Chat
  • For strict environments, recommend:
    • User awareness (“don’t include sensitive data in feedback”)
    • Use of enterprise Copilot over public web Copilot
    • Consider custom Copilot Studio solutions if tighter control is required

Bottom line:
The like/dislike feature is a feedback mechanism, not a data exfiltration channel, but it can send snippets of conversation to Microsoft for quality improvement, so it’s something to account for in strict compliance environments.