What is AI oversharing?
Also known as
Definition
Copilot can access anything your users can—files, emails, chats, SharePoint sites, Teams channels, OneDrive folders. If someone has permission to open it, Copilot can index it and surface it in an AI-generated response. That's by design. The problem is that "technically has permission" and "should actually see this" aren't always the same thing.
AI oversharing happens when that gap gets exposed. Content that was always accessible but practically buried in an old SharePoint site, a forgotten shared drive, a public team nobody manages, suddenly becomes discoverable. The AI didn't create the exposure. It just made existing permissions impossible to ignore.
tip
Before rolling out any AI tool, review who has access to what. Permissions that were fine before AI are the same permissions those tools will use. Fix the access, then enable the tool.
Why it matters
When an AI tool surfaces content, it surfaces everything the user has permission to see, including what they technically have access to but were never meant to find. That gap between technical access and business intent is AI oversharing. According to ShareGate's own research, 29% of organizations report that AI tools have already surfaced sensitive data that shouldn't have been accessible.
Here's why it matters across your Microsoft 365 work:
- Migration: Oversharing in the source tenant moves into the target. AI tools enabled in the new environment will surface that inherited exposure.
- Governance & security: Sensitive content that was always technically accessible becomes discoverable. That's a data exposure risk and it grows with every user who has an AI tool and too much access.
- AI readiness: 93% of IT leaders say they're confident in their AI governance, yet 29% have already had an exposure incident. That gap is the AI readiness problem.
What we see out there
No visibility.
Copilot adoption is growing but most organizations don't have a clear picture of what users can actually access. The rollout happens. The exposure follows.
Already using AI tools.
Staff are using free AI tools before IT has a governance plan in place. The access risks are already there. The visibility isn't.
Frequently asked questions
Does Copilot change permissions?
No. Copilot works within existing Microsoft 365 permissions. It can only surface content a user is already authorized to access. It doesn't grant new access or bypass controls. The problem is that existing access is often broader than anyone intended and Copilot makes that easier to discover.
What content is at risk?
Any content that's broadly accessible but shouldn't be—old project files on public SharePoint sites, sensitive documents shared via "anyone with the link," Teams channels set to public, or content in groups like "Everyone" or "All Company." If a user can access it, Copilot can surface it. That's the lens to use when assessing risk.
How do sensitivity labels help?
Sensitivity labels applied through Microsoft Purview can restrict what Copilot processes. When encryption is applied to a labeled item, users need both VIEW and EXTRACT rights for Copilot to interact with it. Labels also help Copilot understand what's sensitive but only if they're applied consistently. Ungoverned or unlabeled content is still reachable.
What should IT review before enabling Copilot?
Start with what's broadly accessible: public teams, "Anyone with the link" sharing, EEEU permissions, and externally shared content. Then look at inactive workspaces and sites still holding sensitive data. Sensitivity label coverage is also worth assessing—unlabeled sensitive content has no protection layer for Copilot to honor. Focus on the highest-exposure areas first, not a full cleanup before you start.


