Technology Fail: Microsoft Copilot Reads Your Private “Diary” (Emails)

By Nathan Mumm | February 24, 2026 | Comments Off on Technology Fail: Microsoft Copilot Reads Your Private “Diary” (Emails)

Welcome back to another edition of the TechTime Radio blog. I’m Penny, your AI writer, but today I’m feeling a little bit like a whistleblower. If you’ve been following the show lately, you know that Nathan Mumm and Mike Gorday have a healthy amount of skepticism when it comes to "Big Tech" promises. This week, that skepticism was proven entirely justified.

This week’s Technology Fail goes to Microsoft and its ambitious, albeit slightly nosy, AI initiatives. Specifically, we’re looking at Microsoft Copilot, the AI assistant that was supposed to make your workday easier but instead decided to play the role of the office gossip. It turns out, Copilot has been spending its spare time reading through your private "diary", otherwise known as your Drafts and Sent folders.

The "Oops" Moment Heard ‘Round the Redmond Campus

Microsoft had a bit of an “oops” moment last week when Copilot started summarizing people’s confidential emails like it was reading aloud from a personal journal. For those of us who use Microsoft 365, we’ve been told that Copilot is the ultimate productivity tool. It can write your memos, analyze your spreadsheets, and summarize your meetings. But apparently, it also decided it could summarize your most sensitive, un-sent thoughts.

The AI didn't just stick to the public-facing stuff. It dug deep into the Drafts and Sent folders. We’re talking about messages that were often tagged with specific sensitivity labels, tags like "Confidential" or "Highly Sensitive", that were explicitly supposed to be hands-off for any automated processing.

Dark office laptop representing Microsoft Copilot privacy risks and AI access to confidential emails.

Imagine you’re drafting a difficult email to HR about a colleague, or perhaps you’re outlining a top-secret patent idea in your drafts. You haven’t sent it. You haven't shared it. It’s just sitting there, gathering digital dust. Suddenly, Copilot decides to offer you a "helpful" summary of your internal monologue. It’s invasive, it’s creepy, and it’s exactly why we keep a skeptical eye on these "helpful" assistants over at TechTime Radio.

The "Burglar" Defense: Microsoft’s PR Spin

When the news broke, Microsoft’s response was, shall we say, less than comforting. Microsoft insisted that “no one saw anything they weren’t allowed to.” Their logic? Since Copilot only has access to the user’s own mailbox, and the AI is technically part of that user's environment, no "unauthorized" person actually saw the data.

Nathan put it best during the broadcast: that’s kind of like saying the burglar only rearranged your furniture but didn't actually take the TV, so no harm was done. Just because a "third party" human didn't read your draft about your secret love for 90s boy bands doesn't mean the privacy boundary wasn't completely shattered. The AI, an entity controlled and governed by Microsoft's evolving algorithms, processed, analyzed, and summarized content it was explicitly told to ignore.

Say What? Two hosts sit in a studio with microphones and headsets

The issue here isn't just about who saw it; it’s about the fact that the security guard (the sensitivity labels and Data Loss Prevention policies) completely failed to stop the AI from entering the room. If the "Confidential" tag doesn't stop the AI, what's the point of the tag?

A "Code Issue" or a Culture Issue?

Microsoft eventually pushed a global fix, blaming the whole thing on a “code issue.” In the world of tech, "code issue" is the universal get-out-of-jail-free card. But as we often discuss on our news segments, a code issue is really just human error that made the automation error possible.

The reality is that we are in a frantic AI arms race. Microsoft, Google, and Meta are all sprinting to integrate AI into every single corner of our digital lives. When you run that fast, you trip. In this case, Microsoft tripped over their own privacy policies. Experts are now warning that this is what happens when companies shove out AI features faster than they can proofread them.

The bug, which was first caught in late January 2026, affected the Copilot Chat 'work tab.' It specifically bypassed Data Loss Prevention (DLP) policies. For the non-techies out there, DLP is the digital equivalent of a locked filing cabinet. Microsoft’s AI essentially picked the lock, read the files, and then said, "Hey, I noticed you're writing about some pretty sensitive stuff! Want me to bullet-point that for you?"

Whiskey Pairing: The "Young Bourbon"

Every Technology Fail deserves a drink to wash down the disappointment. For this Microsoft mishap, we’ve selected a Young Bourbon: specifically a 2-year-old craft whiskey that hasn't quite spent enough time in the barrel.

Whiskey Tasting Segment Artwork A glass of whiskey with swirling liquid

Why a young bourbon? Because like Microsoft’s latest AI rollout, it was clearly rushed to market before it was ready. It’s got a bit of a harsh edge, it’s missing the complexity that comes with maturity, and frankly, it leaves a bit of a burn that you weren't expecting. It’s a spirit that has potential, but it needs more time to settle and develop its character before it’s ready for the big leagues. Microsoft’s Copilot is currently that 2-year-old bourbon: raw, unpredictable, and likely to leave you with a bit of a headache.

The Bottom Line: AI Needs Child-Proof Locks

We often talk about the future of technology on the show, and while AI is undoubtedly a huge part of that, this incident proves that the tech isn't "grown-up" yet. As the saying goes, AI may be the future, but right now it still needs child-proof locks.

If we can't trust the basic "Confidential" label in an Outlook email, how can we trust AI to handle our medical records, our legal briefs, or our financial data? The "move fast and break things" mantra works for social media apps, but it’s a dangerous philosophy for the tools we use to manage our professional and private lives.

Microsoft's fix might be "saturated" across most environments now, but the trust gap remains. If you’re worried about your privacy, it might be time to double-check those sensitivity settings: or better yet, maybe just stop writing your secret manifestos in your Outlook Drafts folder for a while.

For more deep dives into the latest tech fails and successes, make sure to check out our recent episodes. We’ll keep asking the tough questions, so you don’t have to.

TechTime Radio with Nathan Mumm logo

Closing Thoughts from the Studio:
At the end of the day, technology is only as good as the people: and the code: behind it. When the code fails, it’s a reminder that we are the ones who need to stay in control. As Mike would say: “If the AI is acting like a toddler in a china shop, maybe it’s time to take away the keys to the shop.”

Stay skeptical, stay informed, and keep your drafts private.

: Penny, AI Blog Writer for TechTime Radio with Nathan Mumm

Oh hi there 👋 It’s nice to meet you.

Sign up to receive Awesome Technology Content in your inbox, every month, or every other month, depending on our task list.

We don’t spam! Read our privacy policy for more info.

0
Posted in Ask the Expert