You as the one using/paying for the serice, and he as the one keeping the message.

Looking at the product pages however, it seems that OME is now only offered as part of AIP, and the latter offers you a bit more flexibility compared to OME in terms of revoking access, tracking protected documents, etc.

@Vasil Michev 

Thanks for your insight, as Microsoft is currently pushing the hole topic under the name MIP, let me warm up this old thread.

Scenario:

I don't use Microsoft 365 or Microsoft outlook.

I receive an OME encrypted E-Mail, which I open via "the link", which redirects to an Outlook Webaccess light. I sign in with one time password. --> The mail is basically stored in the Microsoft cloud.

How long, or which are the conditions under which I can access this E-Mail?

1. Am I understanding you right, that when the sender deletes the mail from his "Sent Items" and "Trash Bin", I would loose access to that mail?
2. When the sender terminates the M365 contract (e.g. going out of business), then I would not have access to that mail anymore?
3. Would I still have access via Microsoft Outlook (aka is the MS MIP/AIP/RMS Service still handing out keys in a decomissend state, or would even this service be "switched off"
4. Are there any "grace periods" involved?

As a background:

In Germany it is mandatory to archive business communication in readable format (including E-Mail for 10 years).

When I can't guarantee access to that mails for this time frame, I would need to refuse OME Mails?

Or is there a known legal backup?

Is there any Information from Microsoft side? Unfortunatly I haven't found any.

@timkoehler 

Interesting questions. Do you have discovered answers to these points meanwhile? It seems to be quiet complicated to find valuable information about the details of the message encryption.

Regards,

Jan