Microsoft doubles down — governance headaches follow

Microsoft is broadening Copilot’s reach inside Microsoft 365 with features meant to share AI context across teams, but those moves are creating new governance headaches. New preview features like “Copilot Cowork,” Researcher and Council Mode promise collaborative AI workflows, yet Microsoft’s decision to allow data to be sent outside the EU during peak demand and investor concerns about AI spending highlight practical and compliance risks. For regulated businesses, that tradeoff between capability and data control could determine whether Copilot deployments proceed or are limited to low-risk use cases. (hubsite365.com) (cybernews.com) (el-balad.com)

Microsoft is turning Copilot from a chatbot into a coworker that can reschedule meetings, send emails, build documents, post in Microsoft Teams, and manage files after you approve the plan inside Microsoft 365. Microsoft put that feature, called Copilot Cowork, into its Frontier preview program on March 30, 2026, after first introducing it on March 9. (microsoft.com)

The pitch is simple: instead of asking artificial intelligence for a draft, you ask it for an outcome, and it keeps working in the background across Outlook, Teams, Excel, and other Microsoft 365 apps until the task is done. Microsoft says Cowork uses “Work IQ,” which means it pulls context from your emails, meetings, messages, files, and business data to build that plan. (microsoft.com)

Microsoft is also upgrading the research side of Copilot, not just the action side. Its Researcher agent inside Microsoft 365 Copilot can already combine web sources with a worker’s files, emails, meetings, and chats, and Microsoft added new “Critique” and “Council” capabilities on March 30, 2026 to make those reports more accurate and more deeply reviewed. (learn.microsoft.com) (techcommunity.microsoft.com)

That sounds efficient until you picture what the system actually needs to do. A tool that can answer from one document is one thing; a tool that can read across calendars, inboxes, chats, slide decks, spreadsheets, and meeting notes starts acting more like an employee with a master key. (learn.microsoft.com) (microsoft.com)

Microsoft says those Copilot prompts, responses, and Microsoft Graph data are covered by the same privacy, security, and compliance commitments as Microsoft 365, and it says customer prompts and responses are not used to train foundation models. Microsoft also says Copilot respects the permissions a worker already has inside the company. (learn.microsoft.com 1) (learn.microsoft.com 2)

The trouble starts when those promises meet geography. Microsoft published new “flex routing” rules for European Union and European Free Trade Association customers that let large language model processing happen outside the European Union Data Boundary during peak demand, and that setting is on by default for eligible new tenants created after March 25, 2026. (learn.microsoft.com)

Microsoft says stored data stays inside the European Union Data Boundary, except for limited pseudonymized data kept outside for security and operations, but it also says prompts, responses, and grounding data may be processed outside Europe in the United States, Canada, and Australia when flex routing is allowed. For a bank, hospital, or public agency, that is not a small footnote; that is the difference between “inside our control zone” and “processed somewhere else when the system gets busy.” (learn.microsoft.com 1) (learn.microsoft.com 2)

There is another wrinkle in Microsoft’s own documentation: Anthropic models inside Microsoft 365 Copilot are covered by Microsoft’s product terms, but Microsoft says those Anthropic models are out of scope for the European Union Data Boundary and for in-country large language model processing commitments when they are available. That matters because Microsoft says Copilot Cowork brings in technology from Claude Cowork, and Researcher’s new review system uses models from Anthropic and OpenAI. (learn.microsoft.com) (microsoft.com) (techcommunity.microsoft.com)

So Microsoft is widening Copilot in two directions at once. It wants the software to see more context so it can do more work, and it wants to mix more models so it can produce better answers, but each extra layer makes it harder for a company to explain exactly where data went, which model touched it, and which policy applied. (microsoft.com) (learn.microsoft.com 1) (learn.microsoft.com 2)

Investors are watching the same tension from a different angle. Microsoft reported fiscal second quarter 2026 revenue of $81.3 billion on January 28, 2026, with Microsoft Cloud revenue above $50 billion and commercial remaining performance obligation at $625 billion, but the company is still under pressure to show that huge artificial intelligence infrastructure spending turns into durable Copilot revenue. (microsoft.com) (microsoft.com)

That is why this fight is less about demos than defaults. If Copilot only drafts low-risk emails, companies can live with some ambiguity, but if Copilot starts moving meetings, touching files, and pulling research across the whole business, every privacy officer, compliance team, and procurement lawyer will ask the same blunt question: exactly what data crossed exactly which border under exactly whose approval. (support.microsoft.com) (learn.microsoft.com)
