Control 3.3: eDiscovery for Copilot-Generated Content

Control ID: 3.3 Pillar: Compliance & Audit Regulatory Reference: SEC 17a-4 (Preservation of Records), FINRA 4511 (Books and Records), Federal Rules of Civil Procedure (FRCP) Rules 26, 34, 37(e) Last Verified: 2026-06-05 Governance Levels: Baseline / Recommended / Regulated

---

Objective

Configure Microsoft Purview eDiscovery to search, hold, review, and export Copilot-generated content across all Microsoft 365 workloads, supporting compliance with regulatory examination requests, litigation discovery obligations, and internal investigation requirements.

Why This Matters for FSI

Financial services firms face frequent discovery obligations -- from FINRA and SEC examinations, to civil litigation, to internal compliance investigations. When Copilot is integrated into daily workflows, the universe of potentially discoverable content expands to include every Copilot interaction, every AI-generated draft, every meeting recap, and every Microsoft 365 Copilot Chat conversation.

SEC Rule 17a-4 requires that records be readily accessible and producible upon regulatory demand. SEC Rule 17a-4(j) specifically requires that broker-dealers produce records stored on electronic media in response to SEC examination requests, including AI-generated interaction records. FINRA Rule 4511 requires that books and records be made available for examination. The Federal Rules of Civil Procedure (FRCP) impose broad discovery obligations that extend to electronically stored information (ESI), including AI-generated content. FRCP Rule 26(b)(1) establishes a proportionality standard requiring that discovery be proportional to the needs of the case -- a standard that applies with particular force as the scope of discoverable Copilot content grows across an organization.

Failure to locate and produce Copilot-generated content during discovery can result in adverse inference instructions, sanctions, regulatory penalties, and reputational harm. Microsoft Purview eDiscovery provides the native capability to search across all Copilot content locations, but it requires deliberate configuration to cover the full scope of Copilot data.

Control Description

This control addresses the end-to-end eDiscovery lifecycle for Copilot content: identifying custodians and content locations, creating cases and holds, running searches across Copilot data sources, reviewing results, and exporting production-ready content.

Microsoft Purview eDiscovery Experience and Capability Tiers

Microsoft Learn currently describes three Microsoft Purview eDiscovery solutions: Content search, eDiscovery (Standard), and eDiscovery (Premium). These are capability and licensing distinctions, not separate Copilot search locations. The Purview portal presents eDiscovery through a common case-oriented experience, while role assignments and licensing determine whether reviewers can use Standard case/hold workflows or Premium custodian management, review sets, analytics, and predictive coding.

For Copilot investigations, reviewers should create or open an eDiscovery case in the Microsoft Purview portal, then add the Microsoft 365 Copilot interactions data source from Sources > Add data sources > Microsoft 365 Copilot interactions. Pair that Copilot data source with the custodian's Exchange mailbox because Microsoft documents user prompts and responses from AI applications as mailbox-stored items that are discoverable by item class.

Classic eDiscovery Retirement (August 31, 2025) and Export/Automation Changes

Microsoft retired all classic eDiscovery experiences on August 31, 2025, including classic Content search, classic eDiscovery (Standard), and classic eDiscovery (Premium). The classic standalone tools and their dedicated portals are no longer available in commercial cloud. This is a retirement of the classic experiences, not of the Content search / Standard / Premium capability and licensing tiers themselves: the current unified Microsoft Purview eDiscovery experience continues to provide Content search, eDiscovery (Standard), and eDiscovery (Premium) capabilities through a common case-oriented portal. Organizations should verify they are using the current Purview eDiscovery experience and should migrate any saved searches, holds, or runbooks that referenced the classic tools.

The key cloud-tenant export change is automation: New-ComplianceSearchAction -Export examples and export parameters are now documented as functional only in on-premises Exchange. Cloud export workflows should use the Purview portal export/download experience, eDiscovery APIs, or another Microsoft-documented workflow that has been validated for the tenant.

• Portal workflow: Run the search in the case, add responsive material to a review set when using Premium, then export from the portal using supported export options.
• Export formats: Standard exports support PST for mailbox items and native files for SharePoint/OneDrive content. Premium review workflows can support production sets and redacted PDF output. Copilot interaction exports should be validated as JSON or PST depending on the selected Microsoft workflow and requester requirements.
• Script migration action: Inventory scripts that still call New-ComplianceSearchAction -Export and replace the export step with documented portal or API procedures. Organizations should verify export chain-of-custody, format readability, and retention of export logs before relying on the updated process for examinations or litigation.

Case-Centric Access Model

Formal eDiscovery cases provide stronger access control and auditability than ad hoc searches. Use cases for Copilot investigations whenever the matter involves regulatory examinations, litigation, internal investigations, legal hold, or production.

• FSI governance impact: Case-level searches provide a clearer audit trail for FINRA and SEC examinations and allow response teams to demonstrate who created searches, reviewed results, and exported content.
• Access control: Case membership limits who can access searches and results. This is important for privileged investigations, employee conduct reviews, and matters involving material nonpublic information.

Copilot Content Locations in eDiscovery

Content Type	eDiscovery source or location	Search method / item class
Microsoft 365 Copilot interactions	Microsoft 365 Copilot interactions data source plus custodian Exchange mailbox	Item class condition: Copilot activity; KQL fallback: itemclass:IPM.SkypeTeams.Message.Copilot.*
Microsoft 365 Copilot Chat / BizChat	Exchange mailbox	itemclass:IPM.SkypeTeams.Message.Copilot.BizChat
Copilot personalization and memory	Exchange mailbox contact items	itemclass:IPM.Contact; memory must be searched separately from conversation items
Copilot Studio interactions	Exchange mailbox	itemclass:IPM.SkypeTeams.Message.Copilot.Studio.*
Teams Copilot interactions and meeting recaps	Teams messages / Exchange mailbox	itemclass:IPM.SkypeTeams.Message.Copilot.Teams
Word, Excel, PowerPoint, Outlook, OneNote, SharePoint, Whiteboard Copilot activity	Exchange mailbox plus workload storage as applicable	Workload-specific Copilot item classes such as IPM.SkypeTeams.Message.Copilot.Word, .Excel, .Powerpoint, .Outlook, .OneNote, .SharePoint, .Whiteboard
Copilot Pages and Loop content	SharePoint Embedded / Loop storage plus mailbox interaction records	Site or container search for native content; itemclass:IPM.SkypeTeams.Message.Copilot.Loop for Loop interaction records
Copilot-drafted documents and emails	SharePoint, OneDrive, Exchange mailbox	Standard file, message, author, and date conditions
Copilot audit events	Purview Audit Log	Audit log search, separate from eDiscovery content search

eDiscovery Capability Tiers in the Current Purview Experience

The current Purview experience provides a common entry point for eDiscovery work, while capabilities remain tiered:

Capability	Content search	eDiscovery (Standard)	eDiscovery (Premium)
Search across Microsoft 365 workloads	Yes	Yes	Yes
Case management	No	Yes	Yes
Legal hold	No	Yes	Yes -- with custodian and non-custodial data source management
Microsoft 365 Copilot interactions data source	Searchable by mailbox/item class	Yes	Yes
Review sets	No	No	Yes -- filtering, tagging, analytics, themes, and relevance workflows
AI-assisted review	No	No	Yes -- Premium review analytics and AI-powered relevance/theme capabilities over Microsoft Search-indexed review-set content
Export formats	PST, individual messages, native files	PST, individual messages, native files	PST, native files, production sets, redacted PDF where configured; Copilot interactions should be validated as JSON or PST for the selected workflow

For regulated FSI environments, eDiscovery (Premium) is strongly recommended for custodian management, legal hold notices, review-set analytics, AI-assisted relevance/theme review, and production capabilities.

Item-Class Search for Copilot and AI Data

Microsoft's current guidance directs reviewers to use the Item class condition and select Copilot activity when building a search for AI application data. This condition is preferred for the broadest collection because Microsoft stores user prompts and responses from supported AI applications in the user's mailbox and indexes them by item class.

Use item-class KQL only where the portal or API workflow requires a query string, and validate each query in the current Purview condition builder before relying on it for a legal or regulatory matter.

Search Microsoft 365 Copilot interactions for a specific user:

itemclass:IPM.SkypeTeams.Message.Copilot.* AND participants:user@firm.com

Search Microsoft 365 Copilot Chat / BizChat conversations containing specific terms:

itemclass:IPM.SkypeTeams.Message.Copilot.BizChat AND "portfolio rebalancing"

Search Copilot Studio interactions:

itemclass:IPM.SkypeTeams.Message.Copilot.Studio.* AND "client onboarding"

Search Copilot memory items:

itemclass:IPM.Contact AND "portfolio rebalancing"

Search Copilot Pages or Loop native content:

(filetype:fluid OR filetype:loop OR filetype:page) AND author:user@firm.com

Search, Deletion, and Memory Caveats

• Use Purview portal > eDiscovery > [case] > Sources > Add data sources > Microsoft 365 Copilot interactions to add the Copilot data source, then pair it with custodian mailboxes and relevant SharePoint/OneDrive locations.
• For broad AI data searches, start with the Item class condition and Copilot activity, then narrow by custodian, date range, keywords, and workload-specific item classes.
• If a matter requires deletion of AI data, follow the AI Data Search-and-Delete Runbook below.
• Copilot memories are stored as IPM.Contact items. Deleting a Copilot conversation or message from Microsoft Purview or eDiscovery does not delete the associated Copilot memory; memory must be searched and handled separately.

AI Data Search-and-Delete Runbook

When a matter requires deletion of Copilot or AI-generated data — such as a data spillage incident, regulatory remediation, or litigation-driven purge — organizations should follow this structured workflow. This runbook covers the end-to-end process from search through verified deletion.

Legal Coordination Required

AI data deletion is an event-response workflow that should be coordinated with legal counsel and records management. Do not proceed with deletion without documented legal authorization.

Step 1 — Identify responsive AI data by item class

Use item-class conditions to target the specific Copilot data types that require deletion:

Item Class	Data Type	When to Include
IPM.SkypeTeams.Message.Copilot.*	All Microsoft 365 Copilot interactions	Broad Copilot data collection
IPM.SkypeTeams.Message.Copilot.BizChat	Microsoft 365 Copilot Chat / BizChat	Chat-specific data spillage or remediation
IPM.SkypeTeams.Message.Copilot.Teams	Teams Copilot interactions	Teams-specific investigation
IPM.SkypeTeams.Message.Copilot.Word	Word Copilot interaction records	Document-creation investigation
IPM.SkypeTeams.Message.Copilot.Excel	Excel Copilot interaction records	Workbook-related investigation
IPM.SkypeTeams.Message.Copilot.Outlook	Outlook Copilot interaction records	Email-related investigation
IPM.SkypeTeams.Message.Copilot.Studio.*	Copilot Studio agent interactions	Custom agent investigation
IPM.Contact	Copilot personalization and memory	Memory-specific search or spillage response

Run the eDiscovery search using the Item class condition with Copilot activity in the Purview portal, then narrow by specific item classes, custodian, and date range as needed.

Step 2 — Inventory conflicting holds and retention policies

Before any deletion can proceed, identify all holds and retention policies that apply to the target mailboxes and locations:

1. In the Microsoft Purview portal, review the custodian's mailbox for active holds (eDiscovery holds, litigation holds, and retention policies)
2. Document each hold's name, scope, and owning case or policy
3. Determine whether each hold must be temporarily removed to allow deletion, or whether the hold should take precedence and block deletion
4. Obtain documented legal approval before removing any hold

Step 3 — Temporarily remove conflicting holds or retention policies

If legal counsel authorizes deletion despite existing holds:

1. Remove or exclude the target mailbox from each conflicting hold or retention policy
2. Document the exact holds removed, the removal time, and the authorizing attorney or compliance officer
3. Allow 24–48 hours for the hold removal to propagate before proceeding with deletion

Reapply Holds Promptly

Failure to reapply holds after deletion is a records-management and litigation risk. Schedule reapplication immediately after deletion verification.

Step 4 — Execute deletion using Microsoft Graph purge workflow

Microsoft documents a Search And Purge workflow that uses Microsoft Graph to delete AI application data identified through eDiscovery. Key constraints:

Constraint	Detail
10-item-per-mailbox limit	Each purge operation can remove a maximum of 10 items per mailbox. If more items require deletion, the purge must be run in multiple batches.
Role requirement	The operator must hold the Search And Purge role in Microsoft Purview
Scope	Purge targets items identified by the eDiscovery search; verify the search scope before executing
Audit trail	Each purge operation is logged in the Unified Audit Log

Execute the purge:

1. Confirm the eDiscovery search returns only the items authorized for deletion
2. Initiate the Microsoft Graph purge operation targeting the search results
3. If the target mailbox contains more than 10 responsive items, run the purge in batches of 10 until all authorized items are removed
4. Document each batch: items targeted, items deleted, operator identity, and timestamp

Step 5 — Handle Copilot memory separately

Copilot personalization and memory items (IPM.Contact) are not deleted when Copilot conversation or message items are purged. Memory must be addressed as a separate deletion step:

1. Run an itemclass:IPM.Contact search against the custodian's mailbox to identify Copilot memory items
2. Review memory items for relevance to the deletion matter
3. If memory items are in scope, execute a separate purge targeting the memory items (subject to the same 10-item-per-mailbox limit)
4. Document whether memory deletion was required, performed, or determined to be out of scope for the matter

Step 6 — Reapply holds and retention policies

After deletion is verified:

1. Reapply each hold and retention policy that was removed in Step 3
2. Verify that holds are active and properly scoped
3. Document the reapplication time and confirm that the hold gap window is recorded for legal and records management review

Step 7 — Verify and document

1. Re-run the original eDiscovery search to confirm that deleted items no longer appear in search results
2. Review the Unified Audit Log for purge operation records
3. Document the complete deletion workflow: authorization, search scope, holds removed, items deleted (by batch), memory handling, holds reapplied, and verification results
4. File the deletion record with the originating case or matter

Copilot Surface Coverage

Copilot Surface	Discoverable	Hold Supported	Export Format
Microsoft 365 Copilot interactions	Yes -- via Microsoft 365 Copilot interactions data source and mailbox item classes	Yes -- combine mailbox hold with Copilot data source hold in the case	JSON or PST, based on the selected Microsoft export workflow
Microsoft 365 Copilot Chat / BizChat	Yes -- IPM.SkypeTeams.Message.Copilot.BizChat in Exchange mailbox	Yes -- mailbox hold plus Copilot data source	PST or JSON where supported
Copilot memory	Yes -- IPM.Contact mailbox items	Yes -- mailbox hold; validate memory handling separately from conversation deletion	Contact-item export or JSON/PST workflow where supported
Word Copilot	Yes -- interaction item class plus document stored in SharePoint/OneDrive	Yes -- mailbox and site/OneDrive hold	Native format (.docx) plus interaction export
Excel Copilot	Yes -- interaction item class plus workbook stored in SharePoint/OneDrive	Yes -- mailbox and site/OneDrive hold	Native format (.xlsx) plus interaction export
PowerPoint Copilot	Yes -- interaction item class plus presentation stored in SharePoint/OneDrive	Yes -- mailbox and site/OneDrive hold	Native format (.pptx) plus interaction export
Outlook Copilot	Yes -- IPM.SkypeTeams.Message.Copilot.Outlook plus email items	Yes -- mailbox hold	EML/PST plus interaction export
Teams Copilot	Yes -- Teams item class and Teams message search	Yes -- mailbox hold for Teams compliance records plus Copilot data source	PST/HTML/CSV depending on export workflow
Copilot Pages / Loop	Yes -- SharePoint Embedded or Loop content plus IPM.SkypeTeams.Message.Copilot.Loop interactions	Yes -- hold supported when the container and mailbox are included	Native format (.page/Loop content) plus interaction export

Governance Levels

Baseline

• Verify Content search, eDiscovery (Standard), or eDiscovery (Premium) access based on the matter's required capabilities
• Confirm that Copilot interaction content appears in mailbox searches by using the Item class condition with Copilot activity
• Add Microsoft 365 Copilot interactions as a data source in test cases and pair it with custodian Exchange mailboxes
• Document Copilot interaction, memory, page, document, and audit locations in the firm's ESI data map
• Assign eDiscovery Manager and eDiscovery Administrator roles to appropriate compliance personnel
• Validate that cloud export runbooks no longer call New-ComplianceSearchAction -Export

Recommended

• Deploy eDiscovery (Premium) capabilities for matters requiring custodian management, review sets, legal hold notices, analytics, or production sets
• Create standard case templates for FINRA examinations, SEC examinations, and internal investigations
• Configure holds that cover custodian mailboxes, the Microsoft 365 Copilot interactions data source, and relevant SharePoint/OneDrive locations
• Develop and test item-class searches for Copilot activity, BizChat, Copilot Studio, workload-specific Copilot activity, and Copilot memory
• Establish a Copilot-specific eDiscovery playbook with step-by-step procedures for common requests
• Conduct quarterly eDiscovery readiness tests using realistic Copilot content scenarios
• Integrate eDiscovery workflows with the firm's legal hold notification system

Regulated

• Implement automated custodian identification and hold notification workflows in eDiscovery (Premium)
• Configure Premium review sets with filtering, tagging, analytics, AI-assisted relevance/theme review, and privilege workflows for large Copilot matters
• Establish production workflows that produce Copilot content in regulator-specified formats, including PST, native files, redacted PDF, JSON, or other agreed formats as applicable
• Maintain a standing eDiscovery case template pre-configured for rapid regulatory examination response (target: case creation to first search results within 2 hours)
• Document chain-of-custody procedures for Copilot content from search through production
• Implement privilege review workflows for Copilot content that may contain attorney-client privileged information
• Conduct annual defensibility assessments of eDiscovery processes for Copilot content
• Maintain eDiscovery process documentation sufficient for court challenge (FRCP Rule 37(e) safe harbor)

Setup & Configuration

Step 1: Assign eDiscovery Roles

1. Navigate to Microsoft Purview portal
2. Go to Roles & Scopes > Permissions
3. Assign the following roles:
   • eDiscovery Manager: Can create cases, run searches, and manage holds (assign to compliance investigators)
   • eDiscovery Administrator: Full case management including deleting cases and accessing all cases (assign to senior compliance leadership)
   • Search And Purge: Required only for approved AI-data deletion workflows using Microsoft Graph purge operations

Step 2: Create an eDiscovery Case for Copilot Content

1. Go to eDiscovery > Cases
2. Click + Create a case
3. Configure:
   • Name: [YYYY-MM] FINRA Examination - Copilot Interactions
   • Description: eDiscovery case for producing Copilot interaction records in response to FINRA examination
   • Members: Add authorized investigators

Step 3: Add Custodians, Copilot Data Sources, and Holds

1. Within the case, go to Sources > Add data sources
2. Add custodians whose Copilot content is subject to discovery and include their Exchange mailboxes
3. Add Microsoft 365 Copilot interactions as a data source for the matter
4. Add relevant non-custodial SharePoint, OneDrive, Teams, Loop, or SharePoint Embedded locations that may contain Copilot-created files, pages, notebooks, transcripts, or recaps
5. Enable hold for the custodian mailboxes, Microsoft 365 Copilot interactions data source, and relevant non-custodial locations
6. Configure hold notification if using eDiscovery (Premium)

Step 4: Run Content Search

1. Within the case, go to Searches > + New search
2. Configure search:
   • Name: Copilot-Interactions-[Custodian]-[DateRange]
   • Custodian locations: Select all held custodian locations
   • Non-custodial locations: Add any additional SharePoint, OneDrive, Loop, or SharePoint Embedded locations
   • Query: Use the Item class condition with Copilot activity for broad AI data collection; use workload-specific item classes when narrowing scope
   • Date range: Specify the date range relevant to the examination
   • Keywords: Add matter-specific client, transaction, product, or policy terms to narrow results
3. Click Submit and monitor search progress, including top locations and item-class breakdowns

Step 5: Add to Review Set and Export

1. After search completes, add results to a review set when using eDiscovery (Premium)
2. In the review set, use filtering, tagging, analytics, and AI-assisted relevance/theme review to identify responsive Copilot content
3. Tag relevant items for production and apply redactions where required by legal review
4. Export the production set from the Purview portal or a validated eDiscovery API workflow in the format required by the requesting party: PST, native files, redacted PDF, JSON, or another agreed format
5. Preserve export logs, manifests, hashes, and handler identification for chain-of-custody evidence

Financial Sector Considerations

FINRA Examination Response

FINRA examinations frequently request records of business communications, including AI-assisted communications. Pre-built eDiscovery cases with saved Copilot search queries can reduce response time from days to hours. Firms should maintain:

• A template case for FINRA Rule 8210 information requests
• Pre-configured custodian groups for registered representatives, supervisors, and compliance officers
• Standard export formats that align with FINRA's preferred production formats

SEC Examination Response

SEC examinations may request documentation of internal controls over AI usage, including records of Copilot interactions related to financial reporting, client advisory activities, and investment decision-making. SEC Rule 17a-4(j) requires production of electronically stored records in response to SEC examination requests in a form that is readable by examiners. eDiscovery cases should be structured to produce:

• Copilot interactions by specific individuals during specific time periods
• Copilot interactions related to specific clients, transactions, or investment products
• All Copilot-generated documents classified as financial records

Litigation Readiness

In civil litigation, Copilot content is discoverable ESI. FRCP Rule 26(b)(1) requires that discovery be proportional to the needs of the case, considering factors including the importance of the issues, the amount in controversy, and the parties' resources -- but proportionality does not reduce the firm's obligation to identify and preserve potentially relevant Copilot content. Firms should:

• Include Copilot content locations in their standard litigation hold procedures
• Update ESI protocols and agreements to explicitly address AI-generated content
• Prepare for opposing counsel requests that specifically target Copilot interactions
• Document Copilot content preservation capabilities for Rule 26(f) conferences

Privilege Considerations

Copilot interactions with legal counsel or Copilot-generated content involving legal analysis may be protected by attorney-client privilege. eDiscovery review workflows should include privilege review screens for Copilot content that references legal matters, compliance investigations, or attorney communications.

Verification Criteria

#	Verification Step	Expected Outcome	Governance Level
1	Run an eDiscovery search using the Item class condition with Copilot activity	Copilot interaction records appear in search results	Baseline
2	Search for IPM.SkypeTeams.Message.Copilot.BizChat by custodian and date range	Microsoft 365 Copilot Chat / BizChat records appear in mailbox results	Baseline
3	Add Microsoft 365 Copilot interactions under Sources > Add data sources	Copilot interactions data source is present alongside custodian mailbox sources	Baseline
4	Place a custodian mailbox and Copilot interactions data source on hold	Deleted Copilot interaction content is preserved in held locations	Recommended
5	Create an eDiscovery case from template	Case with pre-configured custodian groups and saved item-class searches is created within 30 minutes	Recommended
6	Export Copilot content in production format	Export file contains valid, readable Copilot interaction records in PST, JSON, native, or agreed production format	Recommended
7	Search for IPM.Contact memory items and document handling steps	Copilot memory is separately identified and not assumed to be deleted with conversations	Recommended
8	Run a mock FINRA 8210 response drill	Complete case creation, search, review, and export within 8 business hours	Regulated
9	Verify cross-workload search coverage	Search returns Copilot interaction records plus relevant Exchange, OneDrive, SharePoint, Teams, Loop, and SharePoint Embedded content	Regulated
10	Test custodian hold notification workflow	Automated hold notice is sent and acknowledged within 24 hours	Regulated
11	Verify privilege review workflow	Privileged Copilot content is flagged and excluded from production	Regulated
12	Document chain-of-custody for exported content	Export log includes hash values, timestamps, and handler identification	Regulated

Advisory: Copilot Memory in eDiscovery Scope

Search Memory Separately

Microsoft documents Copilot personalization and memory as IPM.Contact mailbox items. Deleting a Copilot conversation or message from Microsoft Purview or eDiscovery does not delete the associated Copilot memory.

eDiscovery implications for FSI:

• Content discoverability: Organizations should include IPM.Contact searches in Copilot eDiscovery procedures when memory may be responsive to FINRA 8210 requests, SEC examinations, internal investigations, or civil litigation.
• Custodian holds: When placing custodians on legal hold, organizations should confirm that mailbox holds and Copilot data source holds cover memory items or document any separate preservation steps.
• Deletion workflow: AI-data deletion is an event-response workflow that requires legal approval, Search And Purge authorization, temporary hold/retention review, Microsoft Graph purge steps, and reapplication of any required holds or retention policies.
• Data mapping: Copilot memory should be included in the organization's data map for litigation readiness. The Federal Rules of Civil Procedure Rule 26(f) conference obligations include identifying all relevant data sources, which may include Copilot memory.
• Cross-reference: Organizations should coordinate with Control 3.2 — Data Retention so memory content is addressed consistently across retention and eDiscovery procedures.

Recommended actions:

1. Test itemclass:IPM.Contact searches for custodians who use Copilot personalization or memory
2. Include Copilot memory in litigation readiness checklists and data source inventories
3. Document whether the matter requires preservation, review, export, or deletion of memory items
4. Update FINRA 8210 response procedures to address Copilot memory as a potential data source

Additional Resources

• Microsoft Purview eDiscovery solutions
• Microsoft Purview eDiscovery — notable changes (classic experiences retired August 31 2025)
• Search for and delete AI application data in eDiscovery
• Export search results from eDiscovery
• eDiscovery Premium overview
• Content search in Microsoft Purview
• Keyword queries and search conditions for eDiscovery
• FINRA Rule 8210 (Provision of Information)
• Federal Rules of Civil Procedure -- Rule 26
• Control 3.1 -- Copilot Interaction Audit Logging
• Control 3.2 -- Data Retention Policies

• Control 3.12 -- Evidence Collection and Audit Attestation

• Related Controls: 3.1 Copilot Audit Logging, 3.2 Data Retention Policies, 3.12 Evidence Collection

---

FSI Copilot Governance Framework v1.4.0 - April 2026