Share via

Privacy and protections

  • Article

Enterprise data protection for prompts and responses

Microsoft Copilot offers enterprise data protection (EDP) for users signed in with a Microsoft Entra account. EDP is available for these users at no extra cost. Copilot makes it clear that enterprise data protection is applied by featuring a shield (formerly colored green) along the top of the user interface next to the New Chat button.

Screenshot that shows a diagram of the architecture behind Microsoft 365 Copilot with EDP.

Enterprise data protection refers to controls and commitments, under the Data Protection Addendum (DPA) and the Product Terms, that apply to customer data for users of Microsoft 365 Copilot and Microsoft Copilot, with Microsoft acting as a data processor.

Get more details on enterprise data protection for prompts and responses in Microsoft Copilot.

Privacy and security of generated search queries

To help improve the quality of responses, Copilot can use web search queries sent to the Bing search service to ground responses in the latest information from the web—this is referred to as "web grounding."

The Bing search service operates separately from Microsoft 365 and has different data-handling practices from those used for prompts and responses. These data-handling practices are covered by the Microsoft Services Agreement between each user and Microsoft, together with the Microsoft Privacy Statement. This means that Microsoft acts as an independent data controller responsible for complying with all applicable laws and controller obligations. This approach is consistent with other optional connected experiences that rely on Bing.

Learn more about data, privacy, and security of web queries.

How generated search queries work: Microsoft Copilot parses a user's prompt and identifies terms where web grounding would improve the quality of the response. Based on these terms, Copilot generates a search query that it sends via secure connection to the Bing search service asking for more information.

This generated search query is different from the user's original prompt—it consists of a few words informed by the user's prompt. Additional terms from uploaded files or content actively viewed in Edge may also be sent to the Bing search service to ground responses if Copilot needs them to understand the user's prompt.

The following information is not included in the generated query sent to the Bing search service:

  • The user's entire prompt, unless the prompt is very short (for example, "local weather")
  • Entire files uploaded into Copilot (uploaded files are stored in a user's OneDrive for Business as part of enterprise data protection)
  • Entire web pages or PDFs summarized by Copilot in Edge
  • Any user or tenant identifiers (for example: username, domain, or tenant ID)

Generated web search queries aren't shared with advertisers. Also, web search queries sent to Bing don't impact any of the following:

  • Search ranking
  • Answers or features like rich captions
  • Social features like autosuggest, trending, and zero input

After Microsoft Copilot receives additional information from the Bing search service, this information is used to compose the response returned to the user. This table provides examples of a user's prompt and the generated search queries sent to Bing. It also explains how Copilot formulates a response.

User prompt Generated search queries How Copilot provides a response
We're considering a possible acquisition of Fabrikam. Summarize financial information about the company, including their business strategy. Fabrikam strategy

Fabrikam financials		 Copilot returns a response that includes publicly available information relevant to these two search queries.
Along with the prompt, the user uploads a document about clean energy strategy.

Summarize this document and tell me if Fabrikam has publicly announced a similar approach.		 Fabrikam clean energy policy announcements If the document has Microsoft 365 DLP controls, no query terms are generated based on the content of the document.

Otherwise, Copilot reasons over this document and identifies "clean energy policy" as a major theme. "Clean energy policy" is added to the generated search query sent to the Bing search service (the document itself isn't included). The rest of the generated query is inferred from the prompt itself.

Copilot then takes web search results returned from Bing and identifies any similarities between this public information and the strategy described in the internal document.

After the chat session ends, the document is no longer retained by Copilot.
User has navigated to a public news article on the web about clean energy and uses Copilot in Edge to ask for a summary.

What does this article say about clean energy?		 None To generate a page summary, Copilot can infer all needed information from the text on the page itself. No generated search query is necessary.

After the chat session ends, any information from the web page is no longer retained by Copilot.

Logging prompts and responses

With enterprise data protection, prompts and responses in Microsoft Copilot are now logged. The same retention policies used for Microsoft 365 Copilot can be used for Microsoft Copilot. This allows for new feature experiences like allowing users to return to a previous chat. Learn more about retention policies.

Note

The specific controls and policies will vary depending on the underlying subscription plan.

Organizational data

Microsoft Copilot is a generative AI service grounded in data from the public web in the Bing search index only. Unlike with Microsoft 365 Copilot, users cannot invoke organizational content like files, emails, or chats when interacting in Copilot chat.

While Microsoft Copilot cannot access organizational content, users can actively provide it as part of their prompt for Copilot to use. Users can provide organizational content as part of their prompt in three ways:

  1. Users explicitly type or paste this information directly into the chat.
  2. Users upload a file by selecting the paperclip icon in the chat box. They can also drag and drop a file into the chat box. Uploaded files are stored in a user’s OneDrive for Business as part of enterprise data protection.
  3. Users type a prompt into Copilot in Edge after enabling the 'Allow access to any webpage or PDF' setting, and an intranet page is open in the browser. In this scenario, Copilot may use this content to help answer questions.

Additionally, users of the Microsoft 365 mobile app can click on suggested Copilot prompts surfaced across the OneDrive, Capture, and Create tabs. In this scenario, the associated file and its content are used by Copilot as part of the response.

In all cases, Copilot does not use your data to train foundation models and enterprise data protection (EDP) applies.

GDPR

The May 21, 2018, blog post from Microsoft outlines our commitment to GDPR compliance and how Microsoft helps businesses and other organizations meet their own GDPR obligations. With enterprise data protection, Microsoft Copilot supports GDPR. Get more details on GDPR when using Microsoft products and services.