How to create Sensitivity Labels to use for Data & More CoPilot Privacy Protection
Data & More CoPilot Protections works by applying sensitivity labels to data that Copilot should not access.
To get started, sign into Microsoft 365 with administrative access and open Microsoft Purview. From there, expand the Information Protection folder and then click on Labels. Next, click the Create a Label button and the Microsoft 365 portal will open the New Sensitivity Label screen, which you can see in Figure 1.
Figure 1. You will need to begin by assigning a name to the label that you are creating.
As you can see in the figure, the first thing that you will have to do is to assign a name and description to the label that you are creating. You can also assign a color to the label if you like. For example, if you were creating a label for restricted content, then you might make the label red.
Another thing that you can do on this screen is to assign a label priority. This is useful in situations in which you have created multiple labels and need to determine which label will take precedence in the event of a conflict.
Click Next and you will be taken to a screen that asks you to define a scope for the label that you are creating, as shown in Figure 2. This typically means specifying the types of data that the label can apply to. For example, you might intend the label to be used for email messages, files, or even something else.
Figure 2. Choose the scope for the label that you are creating.
Click Next, and you will be taken to the Items screen. This screen lets you control how the label will be used. As you can see in Figure 3, you can use the labels to control access to resources and / or to apply custom markings to data (such as adding a watermark to a document).
[Click on image for larger view.]
Figure 3. You will need to specify how the new label should be used.
Select Control Access and then click Next. This takes you to a sub-screen where you can define the access control settings that should be associated with the label. Click the Assign Permissions link and then click Choose Permissions and select the Custom option from the drop down list. As you can see in Figure 4, there are a variety of permissions that you can select.
Figure 4. Choose the permissions to associate with the label.
To be perfectly clear, Copilot will respect the permissions that you already have in place. Your users will never see content through Copilot that they do not already have access to. Even so, privacy concerns may warrant preventing Copilot from accessing certain content. The way that you can do that using sensitivity labels is to remove the Copy and Extract Content (EXTRACT) permission. Copilot requires this permission in order to use content. In other words, you can still allow a user to view, edit, save and print a document, but if you remove copy and extract permissions, Copilot will be unable to reference the document.
Click Next, and you will be taken to a screen that asks if you want to automatically apply the label that you are creating. Click no.
When you are done, click Next and you will see a screen asking about any additional controls that you might want to put into place for teams, groups, and sites. Make any necessary selections and then click Next, followed by Create Label.
When the label is created, it is important that you make the label public so Data & More 's CoPilotProtection Platform can read it and apply it.