Outlook: Prioritize my inbox by Copilot

🚨 The Signal: Copilot will now automatically prioritize and summarize emails in Outlook, highlighting important messages. This introduces AI-driven content analysis directly into user inboxes, potentially exposing sensitive information to Copilot's processing.

The Impact

All users are affected, with a moderate security risk due to sensitive data processing by Copilot and potential for information leakage.

• End Users: Risk of sensitive information being processed by Copilot.
• Security Teams: Need to validate Copilot's data handling and privacy controls.
• Compliance Teams: Requires review against data residency and privacy policies.
• Admins: Must understand Copilot's data flow and configuration options.

The Action

1. Review Microsoft's data processing terms for Copilot in Outlook.
2. Assess existing data classification and labeling policies for email content.
3. Communicate Copilot's email prioritization capabilities and data handling to users.
4. Monitor Copilot usage and user feedback regarding email prioritization.
5. Evaluate if specific email content should be excluded from Copilot processing via sensitivity labels or other controls.

Domain: Agentic-AI · Impact: medium · Workload: Exchange Online