Tell us about your PDF experience.

Copilot documentation
Learn about Microsoft Copilot, your everyday AI companion, providing AI-powered chat
for the web. Find resources to manage it for your organization.

About Microsoft Copilot

ｅ OVERVIEW

What is Copilot?

Copilot Privacy and Protections

ｃ HOW-TO GUIDE

Manage Copilot

Copilot in Edge

Copilot in Windows

Mobile

ｉ REFERENCE

Terms of use

FAQ
Overview of Microsoft Copilot
Article • 04/16/2024

What is Microsoft Copilot with commercial

data protection?
Microsoft Copilot (formerly Bing Chat Enterprise) is your everyday AI companion,
providing AI-powered chat for the web. Whether researching industry insights, analyzing
data, or looking for inspiration, Copilot gives users access to better answers, greater
efficiency, and new ways to be creative. When eligible users sign in with their work or
school accounts (Entra ID), Copilot adds commercial data protection (see more about
commercial data protection below).

Copilot provides access to powerful AI and is built on the multimodal large language
model GPT-4 and the text-to-image model DALL-E 3. It’s grounded in the Bing search
index to provide responses with the most current information and verifiable citations for
transparency. And it's designed in line with our AI principles .

Copilot is a public web service available to all users on copilot.microsoft.com ,

bing.com/chat , or through Copilot in Microsoft Edge and Copilot in Windows. Copilot
is also available through the Copilot, Bing, Edge, Microsoft Start, and Microsoft 365
mobile apps.
Commercial data protection explained
To help business and educational organizations protect corporate data, Copilot adds
commercial data protection when eligible users sign in with their work or school
accounts (Entra ID).

Commercial data protection means both user and organizational data are protected:
Prompts and responses aren't saved, Microsoft has no eyes-on access, and chat data
isn't used to train the underlying large language models. Unlike Copilot for Microsoft
365, Copilot has no access to organizational data in the Microsoft 365 Graph.

Commercial data protection applies to users with eligible work or school accounts
wherever Copilot is available.

Feature differences with commercial data

protection
When commercial data protection applies to a user’s Copilot experience, there are some
distinct feature differences from using Copilot without commercial data protection.
Some of the more prominent differences include:

Chat history: Not currently supported. Copilot doesn't retain previous chats, nor
does it make chat history available to users or the organization.
3rd-party plugins/actions: Not currently supported to prevent commercial data
from being sent to external providers.

Some of these feature differences are temporary.

Copilot hub
Microsoft offers Copilot experiences in many products, giving you AI-powered features
that deliver tailored insights and intelligent solutions in a variety of scenarios. Find
documentation, training, and other technical resources for Copilot in many Microsoft
products here.
Privacy and protections
Article • 04/23/2024

Commercial data protection

When organizations and employees use generative AI services, it's important to
understand how these services handle user and chat data. Because employee chats may
contain sensitive data, Copilot is designed to protect this information, as illustrated here:

Commercial data protection in Copilot: works like this:

Copilot uses Microsoft Entra ID (formerly known as Azure Active Directory) for
authentication and only allows users to access Copilot with commercial data
protection using their work account.
An Entra ID user's tenant and user information is removed from chat data at the
start of a chat session. This information is only used to determine if the user is
eligible for commercial data protection. Search queries triggered by prompts from
an Entra ID user aren't linked to users or organizations by Bing.
Microsoft doesn't retain prompts or responses from Entra ID users when using
Copilot. Prompts and responses are maintained for a short caching period for
runtime purposes. After the browser is closed, the chat topic is reset, or the session
times out, Microsoft discards prompts and responses.
Chat data sent to and from Copilot with commercial data protection is encrypted
in transit using a Transport Layer Security protocol (TLS 1.2+) and at rest using the
Advanced Encryption Standard (AES-128). Microsoft has no 'eyes-on' access to it.
 Because Microsoft doesn't retain prompts and responses, they can't be used as
part of a training set for the underlying large language model.
Advertising shown to Entra ID users isn't targeted based on workplace identity or
chat history.

These data protections extend to eligible Entra ID user chats in Copilot on

copilot.microsoft.com and in Bing , Edge, and Windows. They also extend to Copilot
chats in the Copilot, Bing, Edge, Microsoft Start, or Microsoft 365 mobile apps.

Chat history and reporting

When commercial data protection is enabled, Copilot doesn't support the chat history
feature. It doesn't retain chat prompts or responses.

It also offers no usage reporting or auditing capabilities to organizations. Copilot users

may, however, be subject to other types of monitoring available to IT admins in their
organization. For example, they may be subject to internal logging, device or network
logs, or other methods of monitoring on their company network or devices.

Copilot is managed in accordance with our responsible AI principles , which means we

take steps to mitigate misuse or harmful behavior and content.

Organizational data
Copilot is a generative AI service grounded in data from the public web in the Bing
search index only. It doesn't have access to organizational resources or content within
Microsoft 365, such as documents in OneDrive, emails, or other data in the Microsoft
365 Graph.

Copilot for Microsoft 365 is required if your organization wants a chat experience
grounded in work data inside your tenant boundary.

Copilot can access organizational content in the chat only when users actively provide it.
Users can allow Copilot to access their organizational content in one of three ways:

1. Users explicitly type or paste this information directly into the chat.
2. Users upload a file by selecting the paperclip icon in the lower-left corner of the
chat box. They can also drag and drop a file into the chat box. The file upload
feature is currently in preview. Learn more about uploading files here.
3. Users type a prompt into Copilot in Edge after enabling the 'Allow access to any
webpage or PDF' setting, and an intranet page is open in the browser. In this
scenario, Copilot may use this content to help answer questions.
In all cases, when commercial data is enabled, Copilot doesn't retain any of this data
after the chat session is over. Nor does it use the organizational data to train the
underlying model.

Microsoft as the data controller

Copilot is a connected service where Microsoft is the data controller. Users' prompts
leave your organization's Microsoft 365 tenant boundary to reach the Copilot service.
When commercial data protection is enabled, Microsoft doesn't retain this data beyond
a short caching period for runtime purposes. After the browser is closed, the chat topic
is reset, or the session times out, Microsoft discards all prompts and responses.

To provide chat responses, Copilot uses global data centers for processing and may
process data in the United States. Optional, Bing-backed connected experiences don't
fall under Microsoft's EU Data Boundary (EUDB) commitment. Learn more: Continuing
Data Transfers that apply to all EU Data Boundary services. They also don't fall under the
terms of the Data Protection Addendum (DPA) which requires company data to remain
inside geographic or tenant boundaries.

As a reminder, Copilot has no access to organizational data inside your tenant

boundary, and chat conversations aren't saved or used to train the underlying models.

Organizations with strict requirements that data must remain inside tenant or
geographic boundaries should instead consider Copilot for Microsoft 365 or Azure
Open AI to provide generative AI services. Copilot with commercial data protection is
intended as a more secure alternative for organizations than using consumer-oriented
generative AI services.

For more information, see Microsoft 365 Data Residency and the Microsoft Privacy
Statement .

Authentication and authorization

Commercial data protection is only available by signing in with the same Entra ID used
to access Microsoft 365 services such as SharePoint or Outlook.

GDPR
The May 21, 2018, blog post from Microsoft outlines our commitment to GDPR
compliance and how Microsoft helps businesses and other organizations meet their own
GDPR obligations. You can find more details in the Microsoft Trust Center FAQ .
Copilot aligns with GDPR principles. Customers who wish to submit a right to be
forgotten request to remove information from the Bing search index can do so here:
Bing - Request Form to Block Search Results in Europe

Advertising
Copilot occasionally shows advertisements as part of chat responses. An ad that appears
in a chat response is triggered by any queries generated by the user’s prompt, not their
workplace identity.

Advertising to Entra ID users isn't targeted, meaning no information from the user's
workplace identity is used to determine the ad that appears. Entra ID users won't be
retargeted by ads they previously interacted with in Copilot.
Manage Copilot
Article • 04/16/2024

Commercial data protection eligibility

Microsoft Copilot (formerly Bing Chat Enterprise) includes commercial data protection
for eligible users signed in with work or school accounts (Entra ID). Currently,
commercial data protection is available in Copilot for users with an eligible license:

Enterprises

Microsoft 365 E3 or E5
Microsoft 365 F1 or F3
Microsoft 365 Business Standard, Premium, or Basic
Microsoft 365 Apps for enterprise or business
Office 365 E1, E1 Plus, E3, E5, or F3

Education faculty and higher ed students (18+)

Microsoft 365 A1, A3, or A5

Office 365 A1, A3, or A5

Eligibility for students includes Student Use Benefit licenses.

Office 365 A1 Plus licenses aren't eligible due to its retirement later this year. Learn
more: Retirement Plan for the Office 365 A1 Plus | Microsoft Education .

The 'Commercial data protection for Microsoft Copilot' service plan allows IT admins to
manage whether users receive commercial data protection while using Copilot.
Commercial data protection is on by default for users with each of these licenses.

At this time, commercial data protection in Copilot isn't available for government cloud
customers or for K-12 students. Copilot will add commercial data protection to more
work and school accounts (Entra ID) over time.

Copilot is governed by the Universal License Terms for Online Services .

Managing commercial data protection using

the service plan
To receive commercial data protection, users must sign in to Copilot with their eligible
work or school account (Entra ID). Users signed in to Copilot with MSA accounts don't
receive commercial data protection.

The 'Commercial data protection for Microsoft Copilot' service plan (part number:
bing_chat_enterprise) must be enabled for your eligible users to receive commercial
data protection when they're signed in to Copilot with their work or school account
(Entra ID). The Copilot service plan is included with your eligible users' Microsoft 365
licenses. To help ensure that your users are using Copilot with commercial data
protection, the service plan is enabled by default.

PowerShell allows you to bulk assign and remove licenses for your intended users. Learn
more about how to assign Microsoft 365 licenses to user accounts with PowerShell or
how to disable access to Microsoft 365 services with PowerShell.

７ Note

Changes can take up to 48 hours to go into effect.

Managing Copilot for Microsoft 365 E3/E5

Original subscriptions
Organizations with Microsoft 365 E3 or E5 Original subscriptions purchased through an
Enterprise Agreement (EA) no longer need to use the Microsoft 365 E3 or E5 Extra
Features license to manage Microsoft Copilot for their users. Because Copilot is now
available at no additional charge to customers with a wide range of licenses,
organizations with Original subscriptions can now use the 'Commercial data protection
for Microsoft Copilot' service plan under their Office 365 license to manage Copilot for
their users.

Require commercial data protection in Copilot

Copilot makes it clear that commercial data protection is turned on by featuring a
unique design. Below the chat input, users see a message confirming 'Commercial data
protection applies to this chat.' Additionally, users see a green shield next to their user
profile icon and name at the top of the experience.

To ensure your eligible users have Copilot with commercial data protection, you must
first enable the Copilot service plan for your eligible users:
Enable the Copilot service plan: Your organization must have the service plan enabled
for your eligible users to access commercial data protection at any Copilot entry point
when signed in with an Entra ID.

Action needed: In your M365 admin center, enable the 'Commercial data protection for
Microsoft Copilot' service plan for your eligible users.

Prevent use of Copilot without commercial data protection: To prevent eligible users in
your organization from accessing Copilot without commercial data protection (formerly
Bing Chat) when signed in with their Entra ID, there are three possible solutions: 1) DNS
configuration in Windows, 2) HTTP header, or 3) Zscaler firewall. Implement whichever
solution below works best for your configuration.

７ Note

Do not attempt to manage Copilot by opening cdp.copilot.microsoft.com in a

browser. It results in an error. Instead, follow the documentation below to do a DNS
change, a header change, or a firewall change:

1. DNS configuration in Windows:

Action needed: Create DNS redirects for various Copilot entry points:

For Copilot in Bing, Copilot in Edge, and Copilot in Windows: Update your DNS
configuration by setting the DNS entry for www.bing.com to be a CNAME for
nochat.bing.com.
For copilot.microsoft.com and the Copilot mobile app: Update your DNS
configuration by setting the DNS entry for copilot.microsoft.com to be a CNAME
for cdp.copilot.microsoft.com.
For Active Directory Domain Services (AD DS): Deploy the DNS Role on a
member server. On the newly deployed DNS server, create the following Forward
Primary Zones:

Create the following CNAME records in the respective zones:

On the AD DNS server, create the following Conditional Forwarders and make AD
Integrated:

The Conditional Forwarders need to be set to use the member server DNS created at the
start:
Note: These DNS configuration solutions aren't HTTPS redirects, but rather DNS
redirects in Windows. For the first two approaches, use a CNAME rather than the
nochat.bing.com IP because the CNAME continues to work even if the IP for
nochat.bing.com changes.

2. Header solution:

Action needed: Append the following HTTP header to all outgoing requests to
www.bing.com , edgeservices.bing.com, and copilot.microsoft.com:

x-ms-entraonly-copilot: 1

3. Zscaler firewall solution:

Action needed: Use your corporate firewall to do Destination Network Address

Translation (DNAT):

For Copilot in Bing, Copilot in Edge, and Copilot in Windows: Resolve

www.bing.com and edgeservices.bing.com to DNAT IP address nochat.bing.com.
For copilot.microsoft.com and the Copilot mobile app: Resolve
copilot.microsoft.com to DNAT IP address cdp.copilot.microsoft.com.

These configurations apply only when devices are connected to your corporate network.
Copilot is a public service, like search, and remains available if accessed outside the
corporate network.

To block access to Copilot in Edge only, see the Copilot in Edge documentation.

Note: Blocking the <www.bing.com> IP could also block other Microsoft domains.

Copilot in Edge and Windows

For information on how to manage Copilot in Edge, see the Copilot in Edge
documentation.

For information on how to manage Copilot in Windows, see the Copilot in Windows
documentation.
Copilot in Edge
Article • 03/25/2024

Copilot can be accessed in the Microsoft Edge sidebar. You can ask complex questions,
find comprehensive answers, summarize information, and find inspiration—just like you
can when using Copilot in Bing. When using Copilot in Edge, you can also ask questions
based on the page content or a PDF open in the browser. In the Compose tab, you can
generate text, emails, social media posts, or ideas.

Once the Copilot service plan is enabled for a user, Copilot in Edge also supports
commercial data protection.

Enable Copilot in Edge

To use Copilot in Edge, the following steps are required:

1. The Copilot service plan must be turned on and the user must have an eligible
license.
2. The user must sign in to bing.com/chat with their Entra ID (work account).
3. The user can then access Copilot by clicking on the Copilot icon in the upper right
of the Edge browser (Ctrl+Shift+.).

Copilot in Edge features, like Chat and Compose, do support commercial data
protection. Eligible Entra ID users see the word 'Protected' at the top of the Copilot
experience in the sidebar.


Data used by Copilot in Edge
When using Copilot in Edge, people can use browsing context to answer questions.

Based on the user's prompt and their consent to share data with Microsoft, Microsoft
Edge may send relevant data to Copilot. For questions that don't need browsing
context, such as 'Help me plan a trip to Manhattan,' Edge shares the URL, page title,
user's query, and previous conversation history to help Copilot answer their question
effectively.

When the user grants permission to share page information, Microsoft Edge sends
Copilot the browsing context of a given session, the user's prompt, and previous
conversation history. This information helps Copilot to generate a meaningful response.

When commercial data protection is enabled, none of this chat information is retained
by Microsoft beyond the duration of the Copilot session.

Summarization by Copilot in Edge

Copilot in Edge can summarize the content of various documents when displayed in the
Edge browser. Currently Copilot in Edge can summarize some document types but not
others. Refer to this chart to see the current behavior of Copilot in Edge webpage
summarization for various document types. The chart will be updated when support for
summarization increases.

How Data Loss Prevention is enforced with

Copilot in Edge
Edge for Business comes with native capabilities for enforcing Data Loss Prevention
(DLP) policies. This way, your organization’s approach to preventing unauthorized data
disclosure automatically extends to Copilot in Edge. You can configure these policies
using Microsoft Purview, Intune Mobile Application Management (MAM), and Microsoft
Defender for Cloud Apps (MDA)*.

When using Copilot in Edge with DLP policies, access to protected web pages and PDFs
is restricted. As a result, a user can't copy or paste content protected by DLP policies.
Users also can't summarize protected content using Copilot in Edge, and admins can
block Copilot from receiving sensitive files through the file upload feature.

Video: See how Data Loss Prevention is enforced with Microsoft Copilot in Edge .
Check out this page to learn more about DLP policies and how they work in Edge for
Business.

*MDA is currently available in preview.

Manage Copilot in Edge

Users can modify this permission by going to Microsoft Edge > Settings > Sidebar >
App and notification settings > App specific settings > Copilot and then turning on or
off the 'Allow Microsoft to access page content' toggle.

Admins can use multiple group policy settings to manage the behavior of the Copilot in
Edge sidebar:

To allow or block Copilot in Edge from using browsing context, use the
DiscoverPageContextEnabled policy. This prevents Copilot from using webpage or
PDF content from being used to respond to prompts.
To disable Copilot in Edge entirely, use the HubsSidebarEnabled policy. Blocking
Copilot in Edge automatically blocks all Edge sidebar apps from being enabled.

Instructions for how to manage Copilot in Edge on Microsoft Edge for iOS and Android
can be found here: Manage Microsoft Edge on iOS and Android with Intune.

Copilot in Edge mobile

If the Copilot service plan is enabled for your organization, users can access it with
commercial data protection through the Edge mobile app when signed in with their
work or school accounts (Entra ID).

Edge mobile includes a dedicated Copilot button as part of its user interface. If you
would like to remove the Copilot button from the Edge mobile interface, you can use an
Intune MAM policy to remove/add it:

com.microsoft.intune.mam.managedbrowser.Chat=true (default)/false

Learn more about how to manage Microsoft Edge on iOS & Android.
Copilot in Windows
Article • 03/21/2024

Copilot in Windows adds AI to the Windows experience—AI-powered Copilot is built in

to help users find answers and get things done. Windows joins Bing and Microsoft Edge
as an additional entry point for Copilot that supports commercial data protection. You
get the same Copilot protection and functionality—such as the ability to quickly make
sense of long articles on the web, craft and polish your content, and create stunning
images—all directly within the Windows experience.

Commercial data protection in Copilot in

Windows
Copilot in Windows shares the same commercial data protection as Copilot when
accessed through Bing or Microsoft Edge. For more information on commercial data
protection in Copilot, visit Copilot Privacy and Protections.

Enable commercial data protection for Copilot

in Windows
To use Copilot with commercial data protection in Windows:

Users must have an eligible license and commercial data protection in Copilot
must be enabled.
Users must be signed in with their Microsoft Entra ID (work accounts):
Users can sign into Windows with their Microsoft Entra ID
For Active Directory users on Windows 11, a Microsoft Entra ID in the Web
Account Manager (WAM) authentication broker can be used. Microsoft Entra
IDs used with Microsoft Edge profiles and Microsoft 365 Apps would both be in
WAM.
Access Copilot by opening Copilot in Windows from the Windows taskbar.
Manage Copilot in Windows
To ensure Copilot in Windows has commercial data protection, the Copilot service plan
must be enabled for eligible users. Learn how to manage commercial data protection for
individual users here: Manage Copilot.

To manage Copilot in Windows, admins can use Microsoft Intune policy, Group Policy, or
the Microsoft 365 Admin Center. Refer to documentation found here: Manage Copilot in
Windows.
Copilot on mobile
Article • 03/27/2024

Copilot can be accessed on mobile devices so, wherever you go, you can get access to
AI-powered chat for the web to help you be more productive and creative.
The Copilot mobile application
For a dedicated Copilot experience on mobile, we recommend the Copilot mobile
application , which is available for iOS and Android . When eligible users are
signed in to the Copilot mobile application with their work or school (Entra ID) accounts,
they receive commercial data protection.

Users can also access Copilot for Microsoft 365 from the Copilot mobile application. If
users have access to both Copilot and Copilot for Microsoft 365, they're able to switch
between Web and Work scopes using a toggle at the top of the UI. Users can access
Copilot with commercial data protection when in the Web scope and can access Copilot
for Microsoft 365 when in the Work scope.

Scan to learn more:

Other mobile entry points for Copilot

Copilot can also be accessed from other Microsoft mobile applications. When eligible
users are signed in to these mobile applications with their work or school (Entra ID)
accounts, they receive commercial data protection.

Microsoft 365 mobile app

Microsoft Start mobile app
Bing mobile app

Copilot can additionally be accessed through the Edge mobile app through a native
Copilot button. For more information, see our Copilot in Edge page.

Microsoft Intune App Protection Policy

The Copilot mobile application is a supported app within Microsoft Intune for both iOS
and Android.

To learn how to create app protection policies, refer to the documentation here.
Features in Copilot
Article • 04/22/2024

Overview
Microsoft Copilot comes with a rich set of features available at no additional cost to
eligible users signed in with their Entra ID. If a user also has a Copilot for Microsoft 365
license, they get more value when using Copilot.

The following table provides feature details for Copilot when users are signed in with
their work or school accounts. The table also specifies feature differences in Copilot if
the user has a Copilot for Microsoft 365 license.

ﾉ Expand table

Without Copilot for With Copilot for Microsoft

Microsoft 365 subscription 365 subscription

General

Model GPT 4 GPT 4 & GPT 4 Turbo

Commercial data protection (must Yes Yes

be an eligible user signed in with an
Entra ID)

Total Chats 300 chats/day Unlimited

Chat turns 30 turns/chat Unlimited

Priority access to new models No Yes

Conversation modes

Balanced 2,000 characters/message 2,000 characters/message

Creative 4,000 characters/message 4,000 characters/message

Precise 4,000 characters/message 4,000 characters/message

Designer

Model DALL-E 3 DALL-E 3

Image generation 15 boosts/day 100 boosts/day*

File upload (preview)

 Without Copilot for With Copilot for Microsoft
Microsoft 365 subscription 365 subscription

Uploads 5/day Unlimited (2 GB

uploads/day)

File size limit per upload 1 MB 10 MB

Supported file types File formats supported by File formats supported by

Copilot Copilot

Notebook

Character limit 18,000 characters 18,000 characters

*Increase to 100 boosts/day planned for May 2024

Feature descriptions
Copilot is constantly evolving to bring new capabilities to your AI-powered chat
experience. We occasionally introduce new features to limited sets of users in test flights
to ensure their optimal performance before we release them more widely. Some
features may be in preview flights.

Notebook
Notebook is a new way to interact with the generative AI models powering Copilot—
beyond chat, Notebook is like an enhanced scratch pad that lets you fine-tune your
prompts.

Notebook allows for longer prompts and lets you iterate and refine your prompt over
time to get the response you’re looking for. These capabilities make it especially useful
for tasks like generating code or developing a piece of writing.

Users can access the Notebook feature in the Copilot header UI on

copilot.microsoft.com and Copilot in Bing (bing.com/chat). Commercial data protection
applies for eligible users while using Notebook—it has no storage feature and poses no
risk of leaking organizational data. We plan to continue to refine Notebook and add
new capabilities over time.

Notebook isn't currently configurable by admins.

File upload (preview)

To upload a file, a user can select the paperclip icon in the lower-left corner of the chat
box or drag and drop a file into the chat box. After upload, the file content is treated as
if the user had copy/pasted it directly into the chat. Uploaded file contents can then be
used for summarization, grounding answers, and referencing in chat.

The file upload feature also allows users to submit a file containing programming code
or scripts, which Copilot can then analyze in subsequent prompts. Copilot supports a
wide range of programming languages, including Python, JavaScript, Java, C, C++, C#,
Ruby, Swift, Go, PHP, Pearl, R, and many more. It supports markup languages like HTML,
CSS, Markdown, LaTeX, and others. A full list of file types supported is available here .

Per commercial data protection promises, the uploaded file and its contents aren't saved
nor used to train the model. If a file is protected by an organization’s Data Loss
Prevention (DLP) policies, a user may be unable to upload it. Learn more about DLP in
Edge.

The file upload feature is currently released to a limited set of users in a test flight,
though we expect to release it more widely soon. The current file size limit is 1 MB and a
given user is limited to five uploads per day. Users with a Copilot for Microsoft 365
license have a file size limit of 10 MB and unlimited uploads (up to 2 GB total per day).
Copilot can support the file formats listed here: File formats supported by Copilot .

File upload isn't currently configurable by admins.

Designer in Copilot
Designer in Copilot lets you create AI-generated images from text descriptions of the
images you have in mind. A feature called 'boosts' supercharges Designer, giving users
accelerated AI image creation, editing, and resizing for even more creative flexibility.
You’re limited to a fixed number of boosts per day. If you run out of boosts, they
replenish in a day.

If you’re signed in with a personal Microsoft account, boosts make image creation
faster. If you run out of boosts, you can still create images, but they may take
longer to generate until boosts replenish.
If you’re signed in with a work or school account and have Copilot with commercial
data protection, you use boosts whenever you create images. If you run out of
boosts while signed in with a work or school account, you can no longer create
images until boosts replenish 24 hours later.

Copilot users signed in with their work or school accounts get 15 boosts per day. Users
with a Copilot for Microsoft 365 license will soon get an increase from 15 boosts per day
to 100 boosts per day.

Designer in Copilot isn't currently configurable by admins.

Frequently asked questions about
Copilot
Article • 04/16/2024

Availability
What is Copilot?

Copilot is the new name for Bing Chat and Bing Chat Enterprise, and it's now generally
available. For the time being, the names Copilot and Bing Chat Enterprise may be used
interchangeably as various parts of the experience transition to the new name. It's
accessible from copilot.microsoft.com , Bing.com/chat , Edge, and Windows. It’s also
available through the Copilot, Bing, Edge, Microsoft Start, and Microsoft 365 mobile
apps. Eligible users who sign in to Copilot with Entra ID get commercial data protection.

Which Microsoft 365 licenses are eligible for Copilot with commercial data protection
at no additional cost?

Customers with these licenses are eligible for commercial data protection in Copilot at
no additional cost:

Enterprises

Microsoft 365 E3 or E5
Microsoft 365 F1 or F3
Microsoft 365 Business Standard, Premium, or Basic
Microsoft 365 Apps for enterprise or business
Office 365 E1, E1 Plus, E3, E5, or F3

Education faculty and higher ed students (18+)

Microsoft 365 A1, A3, or A5

Office 365 A1, A3, or A5

Eligibility for students includes Student Use Benefit licenses.

Office 365 A1 Plus licenses aren't eligible due to its retirement later this year. Learn
more: Retirement Plan for the Office 365 A1 Plus | Microsoft Education .

Commercial data protection in Copilot is not yet available for government cloud
customers or for K-12 students. We'll add eligibility for commercial data protection to
more Entra ID users over time.
Where is Copilot available?

Copilot is available in over 160 regions. It isn't available in China (excluding Hong Kong
SAR, Macau SAR, and Taiwan) and Russia, but both the Simplified Chinese and Russian
languages are supported.

Can I use Copilot with any browser?

Copilot supports Microsoft Edge (desktop and mobile) and other major non-Microsoft
browsers like Chrome, Firefox, and Safari.

Is Copilot accessible via API?

No, we don't offer an API.

I heard that commercial data protection for Copilot is offered as a standalone product
for non-eligible users for $5/user/month. Is that still available?

We recently announced our plan to expand the availability of commercial data

protection for Copilot to even more Entra ID users over time at no additional cost.
Because of this planned expansion, the standalone offering is no longer available.

Privacy and security

Can IT admins monitor or audit Entra ID activity or usage in Copilot? Can they see my
search history?

No, these actions aren't currently supported. Microsoft doesn't provide tools for IT
admins to access chat history, nor do we retain chat history in Copilot when used with
commercial data protection. However, Entra ID users of Copilot with commercial data
protection may be subject to other methods of monitoring by IT admins on their
company network or devices.

Since Copilot is built on OpenAI's ChatGPT model, does Copilot share any information
with OpenAI?

No, all chat data is processed by Microsoft. Additionally, Copilot with commercial data
protection doesn't retain your chat data and it isn't used to train the underlying large
language models.

Does Copilot with commercial data protection work with Bing SafeSearch settings?

Yes, Copilot works with all Bing SafeSearch settings, including Strict.
How will my employees know they have commercial data protection when using
Copilot?

Eligible employees using Copilot with commercial data protection must sign in to
copilot.microsoft.com using their Entra ID (work or school account). When commercial
data protection is turned on, Copilot features a unique design. Above the chat input box
and on top of every chat answer, users see a message confirming 'Your personal and
company data are protected in this chat.' Additionally, users see 'Protected' next to their
user profile icon and name at the top of the experience.

Does Copilot fall under the terms of the Data Protection Addendum (DPA)?

No. The DPA requires company data to remain inside geographic or tenant boundaries.
Copilot uses global data centers for processing and may process data in the United
States.

How can I prevent sensitive internal content from being summarized using Copilot in
Microsoft Edge for Business?

Edge for Business comes with native capabilities for enforcing Data Loss Prevention
(DLP) policies. This way, your organization’s approach to preventing unauthorized data
disclosure automatically extends to Copilot in Edge.

When using Copilot in Edge, Edge enforces DLP policies from Purview, Intune Mobile
Application Management (MAM), and Microsoft Defender for Cloud Apps (MDA)*, which
helps prevent data from being scraped. As a result, a user can't copy or paste content
protected by DLP policies. Users also can't summarize protected content using Copilot
in Edge, and admins can block Copilot from receiving sensitive files through the file
upload feature.

To learn more about what document types can be summarized with Copilot in Edge and
additional data protections in Edge, check out documentation about Copilot in Edge
webpage summarization behavior.

*MDA is currently available in preview.

Copilot vs. Copilot for Microsoft 365

What are the differences between Copilot and Copilot for Microsoft 365?

Copilot is a generative AI service grounded in data from the public web in the Bing
search index only. It doesn't have access to organizational resources or content within
the Microsoft 365 Graph, such as documents in OneDrive, emails, or other data, even
when commercial data protection is turned on.
Copilot for Microsoft 365 adds three things:

1. Access to data within the Microsoft 365 Graph in your tenant.

2. Prompts and responses are processed entirely within your Microsoft 365 service
boundary, along with other Microsoft 365-specific security, compliance, and
privacy features.
3. Access to this generative AI capability from Microsoft 365 applications like Teams,
Outlook, and Word.

Can Copilot with commercial data protection access data within my Microsoft 365 or
Azure tenant?

No.

Managing access
How can I ensure that people in my network who use Copilot and Microsoft 365 Chat
in Bing have access to commercial data protection?

To avoid leaks of proprietary or sensitive internal data, admins can make configurations
in the Copilot service plan to require their eligible users to always have commercial data
protection in Copilot. These configurations apply when people access Copilot through
Bing, Edge, Windows, copilot.microsoft.com, or the Copilot mobile app. Microsoft 365
Chat in Bing also includes commercial data protection.

To require commercial data protection for Copilot and maintain access to Microsoft 365
Chat in Bing, follow the instructions here: Require commercial data protection.

What IPs do I need to allow in my network for Copilot to work?

For Copilot to work, you need to allowlist the following IPs:

*.bing.com
port 443 for sydney.bing.com and s.copilot.microsoft.com
allow WebSocket connections to sydney.bing.com:443 and
s.copilot.microsoft.com:443

Check access to required ports via a test connection, for example: Test-NetConnection
sydney.bing.com -Port 443

How can I manage commercial data protection in Copilot for specific users and
groups in my organization?
A Copilot service plan (part name: bing_chat_enterprise) is included with eligible
Microsoft 365 licenses in the Microsoft 365 admin center. Admins should use this service
plan to manage commercial data protection for specific users and groups of Copilot.

To learn about implementing commercial data protection for Copilot at the user level,
see Manage Copilot.

Outside of using the Copilot service plan to manage access for students, what else is
recommended to prepare education institutions for Copilot?

Controls in the Microsoft Admin Center allow you to validate your school type and apply
age group classifications to your users. For more information, please see Managing
Copilot (formerly Bing Chat Enterprise) access for Faculty and Higher Education 18+
students .

My organization has Microsoft 365 E3 and/or E5 ‘Original’ subscriptions. How do I

manage access to Copilot with commercial data protection for these users?

Organizations with Microsoft 365 E3 or E5 'Original' subscriptions no longer need to

use the Microsoft 365 E3 or E5 Extra Features license to manage Microsoft Copilot for
their users. Because Copilot is now available at no additional charge to customers with a
greater range of licenses, organizations with Original subscriptions can now use the
‘Commercial data protection for Microsoft Copilot’ service plan under their Office 365
license to manage Copilot for their users.

Refer to our Manage Copilot documentation for instructions on how to turn on

commercial data protection for Copilot.

Can I turn on commercial data protection for Copilot for my 'Original' Microsoft 365
SKU users, but not the other features in the 'Microsoft 365 Extra Features' license?

Yes. To do so, you need to remove the service plans for the features you don't want to
provision. See how to disable access to Microsoft 365 services with PowerShell.

You can learn more about what is included in the Extra Features license here.

If my company blocked access to adult content by implementing SafeSearch with a

proxy redirect, will Copilot still be accessible to users in my organization?

Yes. If your organization implemented SafeSearch with a proxy redirect, you still have
access to Copilot with commercial data protection.

I turned off Microsoft Search in Bing for my organization. Why are my users still
seeing Copilot with commercial data protection?
Users in tenants with Microsoft Search in Bing turned off are able to sign in to Bing with
their work or school account and access Copilot with commercial data protection.
Turning off Microsoft Search in Bing doesn't turn off Copilot or its commercial data
protection. To turn off Copilot with commercial data protection, see our Manage Copilot
documentation.

Can I manage Image Creator from Microsoft Designer (formerly Bing Image Creator)
or Visual Search within Copilot?

Controls for Image Creator from Microsoft Designer and Visual Search aren't available.

Prompts
What's a prompt? What makes a good one?

A prompt is simply how you ask Copilot to do something for you. It can be short and
simple or longer and more detailed. All it really needs is a clear goal to deliver helpful
results, but the more details and direction you provide, the better Copilot can meet your
needs.

Visit the Copilot Lab to learn more about prompts. There, you'll find tips on creating
effective prompts, a collection of sample prompts that you can edit to make your own,
and much more.

Using Copilot for work or education

What kinds of things can employees do at work with Copilot?

Copilot can help employees quickly generate content, analyze or compare data,
summarize documents, learn new skills, write code, and much more. Eligible users also
receive commercial data protection when they signed in with their work account (Entra
ID).

For example, Copilot can help them:

Understand the implications of a decision: 'What are the pros and cons of offline
marketing strategies?' or 'How can I measure the success of my offline marketing
campaign?'
Learn new skills: 'What are the top five things I should know when managing a
large project?' and 'What is agile project management and how does it differ from
waterfall?'
 Analyze data: 'If we're forecasting 7% EPS growth this coming quarter, how does
our internal forecast compare with EPS growth in the top US public CPG
companies?'
Summarize a work PDFs open in Edge: 'Recap the findings of this internal
cybersecurity report and the top three concerns' or 'What are best practices for
addressing these kinds of security issues?'
Write better code faster: 'Write a regular expression in Python that matches email
addresses' or 'How can I use the unittest module to write test units for my Python
code?'
Plan a business trip: 'Where should I stay in Manhattan that has a good running
path close by?'
Generate social media content: 'Use this messaging framework to generate five
social media posts describing its value to healthcare workers.'

What kinds of things can educators do with Copilot?

Copilot can help educators generate content, conduct research, learn new skills, and
much more. Eligible users also receive commercial data protection when signed in with
their school account (Entra ID).

For example, Copilot can help educators:

Personalize learning: 'Generate a reading passage sample for my third grade class
about the ocean, include three versions for Lexile levels 420L to 650L, 520L to 820L,
740L to 940L.'
Plan a lesson: 'Create lesson plans on the Kinematics unit for my AP Physics class.
Include the relevant learning objectives, materials, and activities' or 'Create a one-
hour lesson plan for introducing genetics in biology class to middle school
students.'
Brainstorm: 'List 20 unique project ideas for my secondary school European history
class.'
Tutor: 'Create 30 French vocabulary flashcards for a college student in an
intermediate French class.'
Summarize a PDF open in Edge: 'Recap the findings of this flipped classroom
research paper and list three recommendations and three challenges.'
Improve efficiency: 'Create a lesson plan for linear combination for my linear
algebra class with a 10-question multiple choice quiz.'
Communicate: 'Draft an email to parents asking for their support to volunteer in
the classroom this year.'
Analyze: 'Act as an elementary school schedule design expert, review the schedule
to identify problems and suggest changes that provide additional planning time
for educators.'
What kinds of things can college students do with Copilot?

Copilot can help students in college and grad school take better notes, refine their study
habits, sharpen their writing skills, and even manage stress or focus on their work.
Beginning in early February, eligible students in higher educational institutions also
receive commercial data protection when signed in with their school account (Entra ID).

For example, Copilot can help higher ed students:

Improve the way they study: 'Give me a quiz to see what I remember about
enzyme kinetics for biochemistry' or 'If I paste in my syllabus, can you help me
develop a study plan?' or 'Ask me questions to help me study for my upcoming
computer science exam.'
Take better and more efficient notes: 'Summarize the latest World Trade Report
from the WTO' or 'If I paste in my lecture notes, can you identify the key ideas and
give me some mnemonics to help me remember each topic?'
Improve their writing: 'If I paste in a draft of my essay, can you help me revise it?'
or 'Help me brainstorm for an essay on Okun's law for my macroeconomics
course.'
Manage stress: 'How can I track my progress this semester and adjust my plans as
needed?' or 'If I list all the things I need to do this week, can you help me break
them down into manageable tasks?'
Focus on their work: 'Ask me questions to help you generate a plan to help me
focus this semester' or 'If I give you my schedule this semester, can you suggest
ways to help me focus?'

I need help getting my users started on Copilot. What should I do next?

Visit our Copilot page on Microsoft Adoption to download our Copilot End User
Adoption Kit for your organization. This kit is meant to assist you in your end-to-end
Copilot adoption journey. It includes a tip sheet with five tips for making the most of
Copilot with commercial data protection. It also has instructions for IT admins, a user
training deck, and two customizable emails to send out to your organization. We're
continually updating this adoption kit to provide more resources.

What's the best way to verify the accuracy of information provided by Copilot?

Copilot answers complex questions by distilling information from multiple web sources
into a single response. Copilot provides linked citations to these answers so the user can
further explore and research as they would with traditional search.

How does translation in Copilot work?

Copilot uses the large language model (LLM) for translation, not any external service.
Note: If the chat response provides a source for translation, this is a hallucination.

Copilot can perform translations in all languages supported by Bing—no public list is
available at this time. No data is stored in the LLM when Copilot performs a translation.
Content is translated through language processing and adheres to the same commercial
data protection promises as other chats.

Features
How does file upload work in Copilot?

Users can upload various types of files into the chat box, where they can then be
summarized, referenced, or used in other helpful ways. The file upload feature isn't
currently configurable by admins. Learn more about uploading files on our Features
page here.

What are boosts?

Boosts are a key part of the Copilot feature called Designer. They help you create AI
images better and faster than ever. Boosts aren't currently configurable by admins.
Learn more about boosts and Designer on our Features page here.

What is Notebook? Can admins manage access to it?

Notebook is a new way to interact with the generative AI models powering Copilot.
Beyond chat, Notebook is like an enhanced scratch pad that lets you fine-tune your
prompts. Notebook isn't currently configurable by admins. Learn more about Notebook
on our Features page here.

Advertising
Are there advertisements in Copilot when commercial data protection is turned on?

Copilot occasionally shows advertisements as part of chat responses. An ad that appears

in a chat response is triggered by any queries generated by the user's prompt. When
commercial data protection is enabled, advertising in Copilot isn't targeted, meaning no
information from the user's workplace identity is used to determine the ads that appear.
Entra ID users of Copilot won't be retargeted by ads they previously interacted with in
Copilot chats.

User interface
What are the changes in the updated Copilot user interface?

Starting February 7, 2024, the Microsoft Copilot user interface (UI) began updating to a
more streamlined look and feel based on user feedback. The updated UI makes it easier
to follow the flow of chats while using Copilot.

Copilot UI updates include:

A left-aligned chat experience. Users see their profile icon next to their prompts
and the Copilot icon next to Copilot’s responses.
Chat scrolls down from the top of the page (versus up from the bottom).
Simplified visuals and text for a cleaner interface.
For users signed in with their personal accounts (not work or school), suggested
prompts above the chat input box are displayed in a carousel format.

The updated Copilot UI is first appearing on copilot.microsoft.com, Copilot in Windows,

and the Copilot mobile app. Copilot in Edge and Bing, and Copilot in other mobile
application entry points will transition to the updated UI over time.

Other resources
Where can I find information about Copilot in other Microsoft products?

Microsoft offers Copilot experiences in many products, giving you AI-powered features
that deliver tailored insights and intelligent solutions in a variety of scenarios. Find
documentation, training, and other technical resources for Copilot in many Microsoft
products here.

Latest updates
How can I stay up to date on the latest Copilot feature releases and updates?

More updates can be found in Release Notes .

Still have questions or want to offer feedback?

Try the Copilot discussion page on the Tech Community hub.