I'm worried about "data leakage" once information leaves our Power BI tenant. If I have a report labeled as "Highly Confidential" (which has encryption and watermarks enabled in Purview), what's stopping a user from just exporting it to a CSV or a PDF and stripping that label away?
Is there a way for a user to "save as" or export the data into a format that doesn't support the label? Also, if they export to Excel, can they just open the file and change the label to "Public"? I need to know if these labels are actually a "hard" lock or just a "soft" suggestion that can be easily circumvented by a clever user.
3 answers
A common misconception is that the person who exports the file becomes the "owner" and can change the label.
The "hard lock" depends entirely on the file format. When a user exports to Excel (.xlsx), PowerPoint (.pptx), or PDF, Power BI enforces a mandatory "handshake" with Microsoft Purview. The exported file inherits the label and its encryption settings automatically.
However, the "Achilles' heel" of sensitivity labels is the CSV format. Because CSV is a plain-text format, it cannot store metadata like sensitivity labels or encryption.
Pro Tip: To prevent users from bypassing labels via CSV, most admins in 2026 disable the "Export to .csv" option in the Tenant Settings for any workspace containing sensitive data. If you don't disable this, a user could effectively "strip" the label by exporting the raw data to a flat text file.
We have to be realistic: sensitivity labels protect the file, but they don't protect the screen.
Exactly, Steven. While labels are robust for file-based exfiltration, they cannot stop a user from taking a screenshot or manually copying and pasting values into an unlabeled document. To mitigate this in 2026, we combine Purview labels with Microsoft Defender for Cloud Apps. You can set a policy that detects when a user is viewing "Highly Confidential" data and blocks the "Copy" command or alerts the admin if a massive amount of data is being exported in a short window.
That’s not how it works in the Purview integration. When a file is exported from Power BI, the user who performed the export is not regarded as the document's owner; Power BI remains the "authority." If a label has protection settings, the user can edit the content of the Excel file, but they cannot change or remove the label unless they have specific "Export" and "Full Control" rights defined in the Purview label policy. This prevents the "Export-and-Downgrade" trick.