Well, that's kind of a scenario where it's being used. To prevent accidental external sharing for example. It comes down to if it's client-side auto labeling (user interaction possible) or service-side auto labeling (user interaction is not possible), and how the settings are configured. If you're not an admin you should to reach out to that person to verify the settings configured.
This is for the service-side auto labeling, where the permissions are pre-configured to allow authenticated Users a certain level of access, during the configuration of the Policy. The problem arises when there's the need for user to share a document with someone outside the organization.