
Microsoft Copilot and Data Protection – an update

 


Microsoft are making a change to the data protection offered by Copilot (the web version) which, we think, will make it even more attractive as the default option for most Universities and Colleges.

Until now, there has been a difference in the level of data protection offered for the version of Copilot available at no extra cost in institutions, and Copilot 365. Copilot had commercial data protection whereas Copilot 365 had the more thorough enterprise data protection. Very soon they will both have enterprise data protection.

Commercial Data Protection

Copilot (standard version) offered what Microsoft called ‘Commercial Data Protection’ where they promised:

“User and business data is protected and will not leak outside the organization. You can be confident that chat data is not saved, Microsoft has no eyes-on access to it, and it is not used to train the models.”

However, it wasn’t covered by the important Data Protection Addendum, which provides protection for services such as SharePoint, Office 365 and so on.

The terms and conditions (which you can access via the Wayback machine) noted:

To provide chat responses, Copilot uses global data centers for processing and may process data in the United States. Optional, Bing-backed connected experiences don’t fall under Microsoft’s EU Data Boundary (EUDB) commitment. Learn more: Continuing Data Transfers that apply to all EU Data Boundary services. They also don’t fall under the terms of the Data Protection Addendum (DPA) which requires company data to remain inside geographic or tenant boundaries.

Organizations with strict requirements that data must remain inside tenant or geographic boundaries should instead consider Copilot for Microsoft 365 or Azure Open AI to provide generative AI services. Copilot with commercial data protection is intended as a more secure alternative for organizations than using consumer-oriented generative AI services.

As a consequence, whilst there was a high degree of security in Copilot (standard), it wasn’t equivalent to Office 365, and not suitable for the most personal or confidential data.

In contrast, Copilot 365 offers ‘Enterprise Data Protection’ – in effect the same protection as the rest of Office 365.

Enterprise Data Protection

Microsoft have now announced that Copilot (standard) will offer the same level of protection as the rest of Office 365 when you sign in with your institutional Microsoft account, and will be available as an app within Office 365.

The exact timing is slightly unclear – they note:

The following information applies to Microsoft 365 Copilot currently and will start rolling out to Microsoft Copilot in the second half of September 2024 for users signed in with a Microsoft Entra account.

Entra account just means your standard university/college Microsoft account.

But, importantly, they now say:

The use of Microsoft 365 Copilot and Microsoft Copilot, as used by organizations, are covered by the terms of the Data Protection Addendum (DPA) and Product Terms, with Microsoft acting as a data processor.

This is excellent news!  It now means:

“…prompts and responses are protected by the same contractual terms and commitments widely trusted by our customers for their emails in Exchange and files in SharePoint.”

There are a few questions that are likely to come up on this:

What data is stored and where?

When Enterprise Data Protection is enabled, all Copilot activity will be bounded and stored in the same way as the rest of an organisation’s Office 365 data, as part of their Office 365 tenancy.

One change is that previously interactions with Copilot (standard) weren’t stored at all. Now, they will be logged in the same way as other 365 data, as part of the Exchange store.

It appears this will give Copilot users access to Chat history – an important feature!

How does it interact with Bing Search?

Sometimes a Copilot query will trigger a Bing search to enhance the output. In this case some key phrases will be extracted from the prompt to initiate a search.

However, Microsoft note:

The following information is not included in the generated query sent to the Bing search service:

    • The user’s entire prompt, unless the prompt is very short (for example, “local weather”)
    • Entire files uploaded into Copilot (uploaded files are stored in a user’s OneDrive for Business as part of enterprise data protection)
    • Entire web pages or PDFs summarized by Copilot in Edge
    • Any user or tenant identifiers (for example: username, domain, or tenant ID)

In effect, this makes it similar to allowing users to use Bing or Google.

What data can Copilot access?

Copilot and Copilot 365 will continue to differ here.

Copilot 365 has access to your institutional files and other 365 content, with access restricted by the same controls as any other Office 365 application – i.e. it can only access what the user can access.

Copilot (standard) has no access to institutional files.

Is our data used to train the model?

No.  This has always been the case with Copilot when you use your institutional account.

Final Thoughts

This version of Copilot is still being rolled out, but it’s a very welcome change.  As soon as we have access to this version we’ll provide an update with any other observations and thoughts.

 



 

2 replies on “Microsoft Copilot and Data Protection – an update”

One key point that would be useful is to have clarity about any other content linked to the user’s MS licence (e.g. Teams, SharePoint, OneDrive, etc.), and any data on their device that Copilot (Standard) could use, in the way that Microsoft Copilot is designed to use that data as needed.

Good question. Copilot (standard) doesn’t have access to any of the user’s content in Teams, SharePoint etc. The only way it will see it is if the user pastes the content in, uploads it, or is using it in Edge and asks about a document they currently have open.
