Protect tenant data on unmanaged devices (Copy/Paste)


We are looking for ways to do the following:
- we want to prevent a user or guest who accesses tenant data (through the browser or Office apps) from an unmanaged device from copying and pasting data outside allowed apps.


This should be done on Windows 10 and higher. 

So basically it is allowed to copy and paste from Teams to Word (with the same identity) but not to Notepad or WordPad, for example.

We have been testing with access and session policies that should prevent pasting data outside allowed apps, but that does not block pasting to Notepad.
Does anyone have a solution for this very challenging requirement?

2 Replies
Your scenario should be possible using Microsoft Intune; you could prevent data leakage for unmanaged devices, and users have to log in with credentials to be able to copy and paste. Take a look at:
https://docs.microsoft.com/en-us/mem/intune/protect/data-leak-prevention
Also take a look at:
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policies-configure-windows-10
https://docs.microsoft.com/en-us/mem/intune/apps/windows-information-protection-policy-create

@Mike Platvoet, WIP is the Microsoft solution to prevent this copy/paste activity. It works by encrypting files with the EFS system and then only allowing access by "Enlightened" apps. Enlightened apps can also be restricted from copy and paste into unenlightened/unallowed apps. https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protect...


Notepad is on the list of Enlightened apps, so you'd have to remove it from the WIP policy. Be careful with WIP: there are only a handful of Enlightened apps, so the rest of your apps won't be able to interact with company data (O365 data) unless you exempt them. However, if you exempt an app, it can do anything with company data. Also, an unenlightened app cannot switch between working with personal and company data. This makes it difficult for users who use apps for both.
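The reply above boils down to three things to check in a WIP policy: whether Notepad (or WordPad) sits in the Allowed/protected list, whether anything is in the Exempt list (exempt apps bypass WIP completely), and whether the enforcement level actually blocks rather than just audits or prompts. The PowerShell below is an added example, not code from this thread or from Microsoft, that audits a policy object for exactly those three problems. The policy JSON is a constructed sample shaped like the Microsoft Graph windowsInformationProtectionPolicy resource (publisher strings, the Store package name for Notepad and the line-of-business app are illustrative); the field names, enumeration values and the Graph URL in the comments are my assumptions and should be checked against an export from your own tenant.

```powershell
# Added example (not from the thread above or from Microsoft): audit a WIP policy
# for an app that must not receive corporate data (Notepad/WordPad in the thread),
# for Exempt entries that bypass WIP entirely, and for a non-blocking enforcement level.
#
# $samplePolicyJson is a constructed sample shaped like the Graph
# windowsInformationProtectionPolicy resource. Assumption: a live policy can be
# fetched with the Microsoft.Graph module and passed to the same function, e.g.
#   Connect-MgGraph -Scopes 'DeviceManagementApps.Read.All'
#   $live = Invoke-MgGraphRequest -Method GET -Uri 'https://graph.microsoft.com/beta/deviceAppManagement/windowsInformationProtectionPolicies'
#   $live.value | ForEach-Object { Get-WipPolicyFindings -Policy $_ }

$samplePolicyJson = @'
{
  "displayName": "WIP-WE - unmanaged Windows devices",
  "enforcementLevel": "encryptAuditAndPrompt",
  "protectedApps": [
    { "@odata.type": "#microsoft.graph.windowsInformationProtectionDesktopApp",
      "displayName": "Word", "publisherName": "O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
      "productName": "Microsoft Office", "binaryName": "winword.exe", "denied": false },
    { "@odata.type": "#microsoft.graph.windowsInformationProtectionDesktopApp",
      "displayName": "Notepad", "publisherName": "O=Microsoft Windows, L=Redmond, S=Washington, C=US",
      "productName": "*", "binaryName": "notepad.exe", "denied": false },
    { "@odata.type": "#microsoft.graph.windowsInformationProtectionStoreApp",
      "displayName": "Notepad (Store)", "publisherName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
      "productName": "Microsoft.WindowsNotepad", "denied": false }
  ],
  "exemptApps": [
    { "@odata.type": "#microsoft.graph.windowsInformationProtectionDesktopApp",
      "displayName": "Legacy line-of-business tool", "publisherName": "*",
      "productName": "*", "binaryName": "lobtool.exe", "denied": false }
  ]
}
'@

function Get-WipPolicyFindings {
    param(
        [Parameter(Mandatory)] $Policy,
        # Apps that must not be able to receive corporate data (the thread's Notepad/WordPad case).
        # Desktop apps are matched on binaryName, Store apps on productName (package family name, assumed).
        [string[]] $DisallowedDesktopBinaries = @('notepad.exe', 'wordpad.exe'),
        [string[]] $DisallowedStoreProducts   = @('Microsoft.WindowsNotepad')
    )
    $findings = New-Object System.Collections.Generic.List[object]

    # Only Block mode stops the paste; Override (encryptAuditAndPrompt) lets the user click through
    # and Silent (encryptAndAuditOnly) only logs it. Enum names assumed from the Graph schema.
    if ($Policy.enforcementLevel -ne 'encryptAuditAndBlock') {
        $findings.Add([pscustomobject]@{
            Severity = 'High'
            Item     = 'enforcementLevel'
            Detail   = "Policy is '$($Policy.enforcementLevel)'; paste into a non-allowed app is only blocked at 'encryptAuditAndBlock'."
        })
    }

    foreach ($app in $Policy.protectedApps) {
        if ($app.denied) { continue }   # denied=true entries are explicit blocks, which is the desired state
        $desktopHit = $app.binaryName  -and ($DisallowedDesktopBinaries -contains $app.binaryName)
        $storeHit   = $app.productName -and ($DisallowedStoreProducts   -contains $app.productName)
        if ($desktopHit -or $storeHit) {
            $findings.Add([pscustomobject]@{
                Severity = 'High'
                Item     = "protectedApps/$($app.displayName)"
                Detail   = 'Listed as an allowed (enlightened) app, so WIP permits pasting corporate data into it. Remove it from the allowed list.'
            })
        }
    }

    # Exempt apps are outside WIP altogether: they can open and paste corporate data without restriction.
    foreach ($app in $Policy.exemptApps) {
        $findings.Add([pscustomobject]@{
            Severity = 'Medium'
            Item     = "exemptApps/$($app.displayName)"
            Detail   = 'Exempt apps bypass WIP entirely; confirm this exemption is intentional.'
        })
    }
    return $findings
}

$policy = $samplePolicyJson | ConvertFrom-Json
Get-WipPolicyFindings -Policy $policy | Format-Table -AutoSize
```

On the constructed sample this reports four findings: the Override enforcement level, both Notepad entries in the allowed list, and the exempt line-of-business tool. Note that on Windows 11 Notepad ships as a Store app, so a rule that only matches notepad.exe would miss it; that is why the function checks Store package names as well as desktop binaries.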