Outlook Sensitivity Labels in 2026: Classify and Protect Your Emails with Microsoft Purview
Not every email is created equal. A message containing salary figures, a client contract, or a product roadmap deserves far more protection than a team lunch poll. Yet most organisations treat all email as if it were equally low-risk — until a data breach or compliance audit reveals the problem.
Microsoft Outlook's Sensitivity Labels, powered by Microsoft Purview Information Protection, give every user in your organisation the tools to classify and protect email content from the moment of composition. In 2026, with AI-powered automatic labelling now standard across enterprise Microsoft 365 plans, sensitivity labels have become a foundational part of secure email practice — not just a feature for IT departments.
What Are Sensitivity Labels?
Sensitivity labels are classifications you apply to emails (and other Microsoft 365 content) to indicate how sensitive the information is and to enforce appropriate protections automatically. Common label names include:
Public — No restrictions, content is safe to share externally
General — Internal use, no encryption required
Confidential — Limited to specific groups, may apply encryption
Highly Confidential — Strict access controls, encryption mandatory, watermarks applied
Labels are defined by your IT or compliance team in the Microsoft Purview compliance portal and deployed across your organisation. When a user applies a label, it can automatically encrypt the message, add a header or footer, restrict forwarding and printing, and apply digital rights management (DRM) policies.
Your specific label names and policies will depend on what your organisation has configured. If you do not see labels in Outlook, contact your IT administrator.
Where to Find Sensitivity Labels in Outlook
Sensitivity labels appear in the ribbon when composing a new email:
Open a new email in Outlook (New Mail or Reply).
Look for the Sensitivity button in the ribbon — it is typically in the Tags or Options group, or may appear as a shield icon.
Click the Sensitivity button to see your organisation's available labels in a dropdown menu.
Select the appropriate label for your email content.
A colour-coded banner appears at the top of your email indicating the selected label. Recipients will see this banner in the messages they receive.
In Outlook on the web (OWA) and the new Outlook for Windows in 2026, the label selector is found in the toolbar at the top of the compose window, often represented by a lock or classification icon.
Pro Tip: If you are unsure which label to apply, apply a higher classification rather than a lower one. It is easier to relax protections than to recover from a data exposure incident.
What Happens When You Apply a Label
The specific protections that activate depend on how your organisation has configured each label, but commonly:
Encryption: The email body and attachments are encrypted using Azure Rights Management. Only authorised recipients can open the content.
Do Not Forward: Recipients cannot forward, print, copy, or screenshot the email.
External sharing restrictions: Labels set to 'Confidential' may block delivery to external email addresses entirely, or prompt the sender with a warning.
Header and footer text: A visual indicator is automatically added to the email, for example 'CONFIDENTIAL — Internal Use Only.'
Audit trail: All label applications and changes are logged in Microsoft Purview for compliance purposes.
Automatic Sensitivity Labelling in 2026
In 2026, Microsoft Purview's AI-powered auto-labelling analyses the content of your emails as you write them and suggests or applies labels automatically. If your message contains patterns that match sensitive data definitions — such as credit card numbers, social security numbers, contract language, or financial figures — the system can:
Suggest a label with a banner that says 'This email may contain sensitive information. Apply label: Confidential?'
Automatically apply a label if your organisation has configured mandatory labelling policies
Override a label that is set too low for the detected content sensitivity
This AI-driven approach dramatically reduces the risk of accidental under-classification — users no longer need to remember to label every sensitive message manually.
Pro Tip: When automatic labelling suggests a label, review it before sending. Auto-labelling is highly accurate but context-dependent. A message referencing 'contract renewal' in casual conversation is different from one attaching a signed legal agreement.
Applying Labels to Attachments
When you attach a file to an email, Outlook and Office apps in 2026 automatically check whether the attachment has its own sensitivity label. If the attached document is labelled 'Highly Confidential' and your email is labelled 'General', Outlook will warn you that the email's label is lower than the attachment's, and suggest upgrading the email label to match.
This label inheritance feature is critical for preventing mismatched protections — for example, attaching a highly confidential contract to an unprotected email that could be forwarded by the recipient.
Tips for Effective Sensitivity Label Use
Make labelling a standard part of your email composition habit — choose a label before you write the body, just as you choose recipients first.
Educate your team on what each label means and the business reason behind it. Understanding the 'why' drives consistent adoption.
Use the 'Confidential – Do Not Forward' label for salary discussions, performance reviews, and legal matters involving named individuals.
When sending externally, check whether the 'Confidential' label in your organisation allows external recipients. Some configurations block delivery; others allow access-controlled sharing.
Review your sent items periodically and check that the labels applied reflect the actual sensitivity of the content.
Conclusion
Sensitivity labels in Outlook are one of the most impactful information protection features available to Microsoft 365 users in 2026 — and one of the most underused. They require no extra software, no complex setup for end users, and provide automatic, auditable, enforceable protection the moment you apply them.
The next time you compose an email with salary data, client information, or confidential strategy content, take three seconds to select the right sensitivity label. Those three seconds could prevent a data breach, a compliance violation, or a costly mistake.













