A file can be assigned one sensitivity label with encryption at a time. If the labels don’t enforce encryption, several can be present on a file concurrently.

Tony, all documentation that I can find indicates that a document can NOT have multiple labels applied simultaneously. Can you clarify?

That’s really a question to direct to Adobe because I have no idea if they are discussing this issue with Microsoft. The two companies have a close working relationship for sensitivity labels and might be able to help. Even if nothing solid is available today, raising the issue with Adobe will put it on their to do list.

I tried to replicate this by taking some old documents about Exchange 2013 (from 2012-13) and applying a sensitivity label that I updated yesterday to them. All worked as expected and I was able to open the protected documents with Edge. Obviously, I have no access to your tenant, so I think you should report the issue to Microsoft and ask them to check out tenants, labels, policies, access rights, etc. to make sure that everything is configured as it should be.

And that’s weird, because it’s the exact same label. However, one is applied to a file created after the deployment of the confidentiality labels and the other is applied to a file that already existed before this deployment.

Thank you. I have been working with Microsoft support for months without resolution. I appreciate you taking time to read and learn that this is tough nut.

I don’t have a magic bullet for you to fire. This sounds like something you need to escalate within the Microsoft suppprt organization. You’re paying for support, so they should deliver it. Not being able to find the IRM template is serious because it could mean that the database where the templates are kept is inaccessible. Can you edit labels through the Purview compliance center? Either way, I think I’d be making a big noise with Microsoft Support and asking for escalation for assistance from engineering…

Did this change to Purview cause this? Do you know a fix (Microsoft doesn’t)?

Many thanks!

First, by container protection, do you mean setting a default sensitivity label for document libraries? That will certainly work to assign a label to all new documents created in the library, providing users have Office 365 E5 (or equivalent) licenses.

Second, why would you have sub-labels for each type of data being protected? The usage rights assigned in labels apply to users and groups, not file types. Do you mean that you will have different labels for different groups within the company?