Q: How is my organization’s data protected when I use Microsoft’s Generative AI Services?
- At Microsoft, we have a long-standing practice of protecting our customers’ information. We are committed to security, privacy, and compliance across everything we do, and our approach to generative AI is no different.
- The privacy commitments our commercial and public sector customers have long relied on for our enterprise cloud products also apply to our enterprise generative AI solutions, including Azure OpenAI Service and our Copilots.
- In Protecting the Data of our Commercial and Public Sector Customers in the AI Era, we outline seven commitments that show how we continue to protect our customers’ data when they use our Generative AI services:
  - We will keep your organization’s data private.
  - You are in control of your organization’s data.
  - Your access control and enterprise policies are maintained.
  - Your organization’s data is not shared without your permission.
  - Your organization’s data privacy and security are protected by design.
  - Your organization’s data is not used to train foundation models without your permission.
  - Our products and solutions continue to comply with global data protection regulations.
 
Q: The commitments in Protecting the Data of our Commercial and Public Sector Customers in the AI Era are focused on “your organization’s data”. What data does that include?
- Your organization’s data refers to Customer Data, which is defined under Microsoft’s Product Terms as all data, including all text, sound, video, or image files, and software, that are provided to Microsoft by, or on behalf of, Customer through use of an Online Service.
- Inputs and Output Content are both Customer Data under Microsoft’s Product Terms:
  - Inputs means all Customer Data that Customer provides, designates, selects, or inputs for use by a generative artificial intelligence technology to generate or customize an output. Customer prompts are considered “Inputs” and are Customer Data.
  - Output Content means any data, text, sound, video, image, code, or other content generated by a model in response to Input.
 
- Microsoft uses Customer Data to provide you the services and our processing is subject to our existing privacy and contractual commitments, including the commitments we make in the Microsoft Products and Services Data Protection Addendum, Microsoft’s Product Terms, and the Microsoft Privacy Statement.
Q: Are the privacy commitments Microsoft is communicating in the Protecting the Data of our Commercial and Public Sector Customers in the AI Era blog new commitments?
- This blog is part of our ongoing commitment to provide clear information and documentation on the measures we have in place to protect our customers’ data and the choices they have to manage their data.
- This communication does not change how we protect your organization’s data; instead, it reinforces our existing data protection practices and explains how they apply to our Online Services’ enterprise generative AI solutions, including Azure OpenAI Service and our Copilots.
- Information on the commitments we make to consumers and individual users is available at Microsoft Copilot | Microsoft AI.
- Information on how we protect privacy in the Copilot with commercial data protection experience is available here. Copilot with commercial data protection is a service where Microsoft is the data controller. The commercial data protections apply to enterprise end users who sign in with their Entra ID.
Q: What is generative AI and what are the different types of AI models Microsoft uses?
- Generative AI is a type of artificial intelligence that can create new things, like pictures, text, or speech, that are similar to examples it has seen before. It does this by learning from a set of examples, figuring out the patterns and rules that make them similar, and then using those patterns and rules to make new examples that are similar to the ones it learned from. It’s different from other types of AI because it can create new things, instead of just recognizing or classifying things it has seen before.
- Microsoft’s Azure OpenAI Service and Copilot services and capabilities allow customers to use OpenAI’s models, including GPT-3, GPT-4, and Codex, in the Microsoft environment. Customers can learn more about OpenAI’s models in the GPT-3, GPT-4, and Codex research papers. These models are commonly referred to as “foundation models.”
Q: Can I share confidential information with Microsoft’s Generative AI services?
- Yes. When using Azure OpenAI Service or enterprise Copilots, customers may confidently share their confidential information. The foundation models that are accessed via Azure OpenAI Service and Copilots do not use Customer Data for training without your permission. These foundation models do not store any data, including prompts that a customer inputs and completions that the model outputs. Customers can also trust that their confidential information will not be exposed to other customers.
- We also recommend customers implement effective data security best practices such as applying appropriate access controls, data labeling, classification, encryption, and data loss prevention policies on your data to help ensure your sensitive and confidential information remains secure and compliant.
Q: Does Microsoft share customer data with OpenAI/ChatGPT?
- No. Your organization’s Customer Data, including prompts (Inputs) and completions (Output Content), your embeddings, and any training data you might provide to the Microsoft Online Services, are not available to OpenAI. Microsoft hosts the OpenAI models in Microsoft’s Azure environment and the Azure OpenAI Service does not interact with any services operated by OpenAI (e.g., ChatGPT, or the OpenAI API).
Q: How does Microsoft comply with applicable law?
- Microsoft’s AI products and solutions are compliant with applicable data protection and privacy laws today.
- Microsoft's approach to protecting privacy in AI is underpinned by a commitment to compliance with regulatory and legal obligations. We will continue to support meaningful privacy and AI regulation, and believe that the best way to make rapid progress on needed guardrails for AI is to lean in to existing legal protections, approaches and regulatory tools that could be applied to protect privacy and safety in these systems today.
Q: How does Microsoft provide security by design in this new era of AI?
- Security is built in throughout the development lifecycle of all of our enterprise services (including those that incorporate generative AI technology), from inception to deployment.
- The Azure OpenAI Service and our enterprise Copilots are hosted in Azure infrastructure and protected by the most comprehensive enterprise compliance and security controls in the industry. These services were built to take advantage of the security and compliance features that are already well-established in Microsoft’s hyperscale cloud. This includes prioritization of reliability, redundancy, availability, and scalability, all of which are designed into our cloud services by default.
- Because generative AI systems are also software systems, all elements of our Security Development Lifecycle apply: from threat modeling to static analysis, secure build and operations, use of strong cryptography, identity standards, and more.
- We’ve also added new steps to our Security Development Lifecycle (SDL) to prepare for AI threat vectors, including updating the Threat Modeling SDL requirement to account for AI and machine learning-specific threats. We put our AI products through AI red teaming to look for vulnerabilities and ensure we have proper mitigation strategies in place.
Q: How does Microsoft support data governance in AI applications?
- Microsoft develops Copilot solutions with built-in data governance capabilities tailored to the platform each is designed for. Using Copilot for Microsoft 365 as an example, it is compliant with our existing privacy, security, and compliance commitments for Microsoft 365 commercial customers.
- As customers engage with AI applications, including Copilot and other platforms, they need to secure their data use. To assist our customers, Microsoft has developed a range of solutions to support our customers with data governance. Microsoft Purview offers integrated compliance controls for governing AI usage, including audit functionality, retention and deletion policies, and machine-learning powered classifiers to detect risky Copilot prompts and responses. Purview eDiscovery identifies, preserves, and collects relevant Copilot data for legal or regulatory purposes, enhancing your organization’s ability to respond to challenges and investigations efficiently. These features empower organizations to proactively govern their AI usage and adhere to evolving regulatory requirements.
- In addition, Azure’s enterprise-grade protections provide a strong foundation upon which you can build your data privacy, security, and compliance systems, to allow your organization to confidently scale AI while managing risk, reinforcing transparency, and ensuring compliance while using generative AI tools.
- Because Azure OpenAI and enterprise Copilots use your existing permissions and policies to deliver the most relevant information, it is important to have good content management and data governance practices in place. To learn more about what your organization can do to detect and prevent oversharing in this new era of content management and security in SharePoint, OneDrive, and Teams, watch this video, and read this article for details on how to adopt content management best practices.
Q: Where will my data be stored and processed?
- Your data residency choices will be respected when you use Microsoft’s Generative AI products and services that offer local storage and/or processing capabilities.
- In the EU, your data will be stored and processed locally. Azure OpenAI Service, Copilot for Microsoft 365, and the Copilot features now included in Dynamics 365 and Power Platform will process and store your data within EU/EFTA for EU Data Boundary (EUDB) customers, as set forth in the EU Data Boundary Transparency Documentation.
Q: What other information is available about how data is used and protected in Microsoft’s Generative AI offerings?
- Microsoft is committed to providing our customers with clear information about how we use and share data, and choices they have in managing their data.
- The processing and use of personal data by AI features in our enterprise products and services is consistent with our existing commitments, including applicable commitments outlined in the Microsoft Products and Services Data Protection Addendum, Microsoft’s Product Terms, and the Microsoft Privacy Statement.
- Additionally, product-specific information is available to help our customers better understand how privacy is protected in our AI-powered offerings:
  - Data, Privacy and Security for Azure OpenAI Service
  - Data, Privacy and Security for Microsoft Copilot for Microsoft 365
  - Copilot in Dynamics 365 and Power Platform, and FAQs for Copilot data security and privacy for Dynamics 365 and Power Platform
Q: What’s next for Microsoft with AI? What products should we expect?
- In 2023, Microsoft unveiled AI’s potential to the world. We continue to innovate and build upon our decades of research to provide transformative tools.
- In 2024, we’ve set our sights on bringing more advanced capabilities to Copilots, including expanded multi-modal and complex task tools. This year, you’ll see AI’s transformative power in enhancing productivity, advancing healthcare, improving cybersecurity, and fueling scientific breakthroughs, all grounded in responsibility and humanity.