{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihwej4h63ap4iluzbwwc6235il5iaxccpdufknduhwid5pm7hyswm",
    "uri": "at://did:plc:zylzg43ub3o2cpkwycctcwhu/app.bsky.feed.post/3mf6v62sryfw2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiguuewvji4hgambrzju2hxcjhlo52ev224xjjoomnltcqxh357yze"
    },
    "mimeType": "image/jpeg",
    "size": 34500
  },
  "path": "/2026/02/18/copilot-bug-is-a-big-deal-for-confidentiality-but-not-that-big/",
  "publishedAt": "2026-02-19T03:09:06.000Z",
  "site": "https://mikemcbride365.com",
  "tags": [
    "Copilot",
    "Bug",
    "DLP",
    "Privacy",
    "Copilot Bug is a Big Deal for Confidentiality, But Not That Big",
    "Mike McBride on M365"
  ],
  "textContent": "Here's why this is such a big problem. Microsoft recommends blocking Copilot from accessing sensitive information in emails, meetings, documents, and related content by assigning a label to those items and creating a DLP policy that defines the block. This bug renders the system unusable for the affected emails. You simply can't provide a governance tool that doesn't deliver the governance it claims to provide. It's a bad look, Microsoft. It doesn't help build customer trust.\n\nNo, Copilot did not make these emails public or access private information and make it non-private. It accessed information in response to your prompt that it should ignore. That creates a risk that many users might assume does not exist. That is a significant issue, but it's not equivalent to a data breach. There is another check in place before data leaks out: the end user.\n\nThe post Copilot Bug is a Big Deal for Confidentiality, But Not That Big first appeared on Mike McBride on M365.",
  "title": "Copilot Bug is a Big Deal for Confidentiality, But Not That Big"
}