Microsoft turned on Copilot flex routing by default on April 17. Your data may now leave the EU.

By Linas Valiukas

Tags: Microsoft Copilot, GDPR, EU Data Boundary, NIS2, DORA, data privacy, European businesses, SMBs

On April 17, 2026, Microsoft flipped a setting called flex routing to on by default for Copilot tenants in the EU and EFTA. If you run a small business in Lithuania, Germany, or anywhere else in the bloc, and you pay for Microsoft 365 Copilot, this means your prompts, emails, and the files Copilot pulls into context can now be processed on servers in the United States, Canada, or Australia whenever Microsoft’s European GPUs hit capacity. The files themselves are still stored inside the EU Data Boundary. The AI processing over them isn’t.

You didn’t agree to this. Microsoft published Message Center post MC1269223 on April 3, gave admins two weeks, and flipped the switch. Anyone who hasn’t opened their tenant’s admin center since Easter is already running with flex routing on.

The fix is a single setting. The compliance question is more interesting.

The one-paragraph version

Flex routing lets Copilot send your inference workload outside the EU when EU capacity is saturated. The bundle that leaves isn’t just your prompt; it’s the retrieval-augmented generation package that Copilot assembles — your prompt, relevant emails from Outlook, SharePoint documents the model grounds on, metadata, the system prompt. Microsoft says the transfer is encrypted in transit and at rest. It also says “limited pseudonymized data” may be stored outside the EU for “security and operational purposes,” and doesn’t define what that phrase means. Three Avanade analysts — Danny de Vries, Hakim van der Maas, and Robbert Berghuis — read that as session IDs, usage timestamps, and behavioral data, which is enough to reconstruct user profiles. Microsoft hasn’t pushed back on that reading.

That’s the whole change. One feature, one toggle, two continents of legal follow-on.

How to turn it off (90 seconds)

If you have an AI Administrator role on your Microsoft 365 tenant:

  1. Sign in to the Microsoft 365 admin center.
  2. Open Copilot, then Settings, then View all. The setting you want is called “Flex routing during peak load periods” (occasionally labeled “Flexible inferencing during peak load periods” depending on when Microsoft’s UI strings synced).
  3. Pick Do not allow flex routing.

Microsoft says the setting propagates across your tenant in about a week. If you run Dynamics 365, Power Platform, or Copilot Studio on top of M365, the Power Platform admin center inherits the same setting, but you should open it and confirm. If the Power Platform copilots were already restricted more tightly, that more restrictive setting wins.

If you don’t see the toggle at all, you’re on a multi-geo SKU. The setting isn’t exposed there. Microsoft’s own docs confirm that. You can’t opt out of flex routing on multi-geo through the UI — you’d have to talk to your account manager.

What actually leaves the EU when flex routing fires

Inference, in a Copilot workload, means assembling a payload and shipping it to the model.

When you ask Copilot in Word to “rewrite this in a friendlier tone,” or ask Copilot Chat “what did the invoices from Acme Corp look like last quarter,” Copilot builds a payload that looks roughly like this: your prompt, a system prompt (Microsoft’s instructions to the model), retrieved context (the documents, emails, and calendar entries the model needs to answer), and metadata (which user, which tenant, which SKU). That payload is what gets sent to whichever LLM endpoint is available. With flex routing off, the endpoint is always in an EU datacenter. With flex routing on, it can be in Virginia, Toronto, or Sydney during peak load.

The RAG package is a transient slice of your business data, not a deep copy of SharePoint. For most compliance officers, that distinction doesn’t matter. Under GDPR Article 44, transferring personal data to a third country is a transfer whether or not you keep a permanent copy there.

Data at rest — the SharePoint site itself, the Exchange mailbox, the OneDrive folders — stays in the EU. Microsoft is clear about that. The question is whether “rest” is the bar you actually care about.

Why this matters for an SMB (not just a multinational)

The instinct for a small business is to assume this is a problem for enterprise compliance teams and ignore it. That instinct is wrong, for three reasons worth naming concretely.

Start with GDPR. If your Copilot workflow ever touches personal data — a customer’s name in an email you asked Copilot to summarize, a patient’s address in a document Copilot drafted, an employee’s salary in a spreadsheet you asked Copilot to analyze — you’re now responsible for a cross-border transfer under Article 44. Microsoft covers the legal mechanism with Standard Contractual Clauses. But the clauses require your own documentation: a DPIA, a record of processing, an updated privacy notice if the transfer wasn’t disclosed before. Flex routing changed the answer to “where is this data processed?” without changing any of your paperwork. You have to update it yourself.

NIS2 is the second reason, and the one most owners underestimate. If you’re classified as an essential or important entity — and the scope is broader than most owners realize, covering managed IT service providers, some logistics firms, some healthcare providers, digital infrastructure — you have to be able to demonstrate you know where your data is processed and have deliberately consented to it. A setting that activates without your action doesn’t clear that bar. The Dutch MSP Universal Cloud flagged this specifically: “Organizations under NIS2 or DORA must be able to demonstrate they know where data is processed and have consciously agreed to it. A setting that activates without your action doesn’t fit that requirement.”

Then there’s DORA, which kicked in January 2025 and covers financial services. If you’re a fintech, a payment processor, an insurer, or even a bookkeeper whose clients are financial institutions, DORA demands tight oversight of your third-party ICT providers, including sub-processors and geographic processing. Flex routing added three new processing jurisdictions to your Copilot stack overnight. Your Register of Information now says something different than it said on April 16.

For a five-person accounting firm in Vilnius, the honest answer is probably that you don’t have a DPIA on file, your Register of Information doesn’t exist, and nobody is going to audit you next week. The risk isn’t that the Lithuanian data protection authority (Valstybinė duomenų apsaugos inspekcija) sends you a fine letter on Monday. The risk is that a client asks you a pointed question about where their data is processed, and the honest answer changed on a Friday you didn’t notice.

The rollout mess

I want to call out one thing that makes this harder than it should be. Microsoft issued two Message Center posts about this change, not one.

MC1269223 says flex routing is on by default. MC1269219 — which a handful of EU tenants are seeing instead — says it’s off by default. SCHNEIDER IT MANAGEMENT in Luxembourg documented this after Microsoft told the Dutch tech site Tweakers that large commercial organizations, education customers, and public sector tenants might get the opt-in version. Nobody has published the classification rules. Dutch tenants have been reporting MC1269219 as the version they received, while plenty of other EU tenants never saw it at all.

If you can’t tell which state your tenant is in, go check. Open the admin center, navigate to the toggle, and look. Don’t trust the default. Microsoft isn’t consistent about which default you got.
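For admins who pull Message Center notices out of a tenant export rather than clicking through the UI, the following is an added example (mine, not Microsoft tooling) that sorts a feed into the two rollout variants described above. It assumes the records carry the fields the Microsoft Graph serviceAnnouncement/messages endpoint returns (id, title, actionRequiredByDateTime, services); the sample feed is constructed, and the decision rules encode only what is stated here about MC1269223 and MC1269219. It also covers the two cases the text warns about: neither notice present (multi-geo SKU or filtered export) and both present (contradictory defaults), in which case the only safe answer is to read the toggle.

```python
"""Triage a Message Center export for the Copilot flex routing notices.

Added example, not Microsoft tooling. Record shape (id, title,
actionRequiredByDateTime, services) is assumed to mirror the Graph
serviceAnnouncement/messages resource; the feed below is constructed.
"""
from dataclasses import dataclass
from datetime import date, datetime
from typing import Optional

# Notice IDs and what each one means, as reported for the April 2026 rollout.
NOTICES = {
    "MC1269223": "on_by_default",   # flex routing active unless you opt out
    "MC1269219": "off_by_default",  # opt-in variant some EU tenants received
}
ENFORCEMENT_DATE = date(2026, 4, 17)  # day the on-by-default switch flipped

# Constructed sample feed (not a real tenant export).
SAMPLE_FEED = [
    {
        "id": "MC1269223",
        "title": "Microsoft 365 Copilot: flex routing during peak load periods",
        "actionRequiredByDateTime": "2026-04-17T00:00:00Z",
        "services": ["Microsoft 365 Copilot"],
    },
    {
        "id": "MC0000001",  # placeholder id for an unrelated notice
        "title": "Unrelated service change",
        "actionRequiredByDateTime": None,
        "services": ["Exchange Online"],
    },
]


@dataclass
class Verdict:
    notice_id: Optional[str]   # which flex routing notice the tenant received
    default_state: str         # on_by_default / off_by_default / conflicting / unknown
    deadline: Optional[date]   # actionRequiredByDateTime, when the notice has one
    action: str                # what the admin should do next


def _deadline(message: dict) -> Optional[date]:
    """Parse the notice's action deadline, tolerating the trailing 'Z'."""
    raw = message.get("actionRequiredByDateTime")
    if not raw:
        return None
    return datetime.fromisoformat(raw.replace("Z", "+00:00")).date()


def triage(feed: list, today: date) -> Verdict:
    """Decide which rollout variant a tenant is on and what to do about it."""
    seen = {m["id"]: m for m in feed if m.get("id") in NOTICES}

    if not seen:
        # Neither notice present: multi-geo SKU, filtered export, or expired
        # notice. Only the toggle itself is authoritative.
        return Verdict(None, "unknown", None,
                       "Neither notice found; open the admin center and read the toggle directly")

    if len(seen) == 2:
        # Both variants contradict each other; trust neither default.
        return Verdict(None, "conflicting", None,
                       "Both MC1269223 and MC1269219 received; verify the toggle manually")

    notice_id, message = next(iter(seen.items()))
    state = NOTICES[notice_id]
    deadline = _deadline(message)

    if state == "on_by_default":
        effective = deadline or ENFORCEMENT_DATE
        if today < effective:
            action = (f"Opt out before {effective.isoformat()}: "
                      "set 'Do not allow flex routing'")
        else:
            action = ("Flex routing is active unless already changed: set "
                      "'Do not allow flex routing', then screenshot the setting")
    else:
        action = ("Opt-in variant: confirm the toggle still reads "
                  "'Do not allow flex routing' and record the evidence")
    return Verdict(notice_id, state, deadline, action)


if __name__ == "__main__":
    print(triage(SAMPLE_FEED, date.today()))
```

Feed the function the JSON you exported (the `value` array of the Graph response, or whatever your tooling emits in that shape) and a real `date.today()`; the verdict string is what goes into the compliance folder next to the screenshot of the toggle.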

“Limited pseudonymized data” is doing a lot of work in that sentence

Microsoft repeats one phrase across the entire rollout: “limited pseudonymized data may be stored outside the EU Data Boundary for security and operational purposes.” Nowhere in the official documentation does Microsoft say what that data actually contains.

The Avanade analysts I mentioned above read it as session IDs, timestamps, and behavioral telemetry. Under GDPR, pseudonymized data is still personal data — Article 4(5) is explicit about that — which means the purpose-limitation and proportionality obligations still apply. If Microsoft is retaining pseudonymous usage logs outside the EU indefinitely, that’s a separate transfer from the inference workload itself, and it happens all the time, not just during peak load.

I don’t have access to Microsoft’s internal telemetry schema and neither do you. But when a Fortune 10 vendor uses the phrase “for security and operational purposes” to justify a permanent extraterritorial data flow, the legal team’s job is to read that phrase as expansively as the vendor’s lawyers drafted it. Which is expansively.

The CLOUD Act asterisk that outlasts flex routing

Even if you turn flex routing off, your Copilot data is still processed by a US company. The US CLOUD Act gives US law enforcement the power to compel Microsoft to hand over data regardless of where it’s stored — including EU-stored data — under certain conditions. EU courts have wrestled with this since Schrems II in 2020, and the unsatisfying answer is that Standard Contractual Clauses paper over the conflict without fully resolving it.

On the r/BuyFromEU thread where Proton announced the flex routing change to 4,400 upvotes, the top-voted comment on this exact point was from a user named weirdposts: “I don’t think the location is relevant to data protection in any way, as long as it’s a U.S. company. Even the US government has access anywhere due to CLOUD Act.” The reply with 59 upvotes, from schubidubiduba: “Doesn’t even have to be a US company. In theory, any company doing business in the US has to comply with the CLOUD Act.”

Flex routing didn’t create this. It made the underlying problem harder to ignore. If you turn off flex routing and assume your Copilot data is now safely inside the EU, you’re one subpoena away from finding out you were wrong. For most SMBs, the probability of being named in a US subpoena is small. For anyone with customers the US government considers interesting, it isn’t.

I’ve written before about the three tiers of privacy choice: a local Mac Mini running a self-hosted model, a cloud AI provider, or a dedicated GPU server somewhere in between. The CLOUD Act is the reason the local tier exists as an option at all. If the location of processing genuinely matters for your business, whether from sector rules, client contracts, or your own risk tolerance, Copilot on a US vendor’s infrastructure is not the right product. Flex routing toggle or no flex routing toggle.

What I’d do this week if I ran a service business in the EU

In order of what pays back fastest:

Open the admin center, turn flex routing off, screenshot the setting, and save the screenshot in whatever folder you keep compliance artifacts. That’s the five-minute job. Do it today.

If you run a sector where clients are going to ask — law firm, accountancy, anything handling medical data, any fintech — write a one-paragraph note to your biggest three clients saying what the setting is, when you changed it, and what you’re doing about the underlying CLOUD Act question. You don’t need to have a complete answer; you need to have a clearer answer than your competitor does. Most firms won’t send the note at all, which is exactly why sending it is worth something.

Open your Register of Processing Activities (or create one, if you don’t have one — the Lithuanian DPA publishes a template) and add a line for Microsoft Copilot. Note the processing locations: “EU Data Boundary (default), with Do Not Allow Flex Routing enforced.” If you go back and forth later, you update that line. The Register isn’t there to impress auditors. It’s there so a year from now, when you can’t remember what you decided, you can look it up.

Audit what you let Copilot actually see. Copilot grounds on whatever data the user who invokes it can access. If one employee can see the full HR spreadsheet and they use Copilot, Copilot’s retrieval system can pull salaries into a prompt. Tightening SharePoint and Exchange permissions is the single most effective privacy action most SMBs can take this year, flex routing aside.

If you’re serious about reducing US exposure, start evaluating alternatives. Mistral AI is the French vendor most EU-native shops are testing; its smaller models run on a Mac Mini and its hosted API is a Paris-based alternative to the big three. Proton Business runs its AI stack inside the EU and built its product line specifically for the sovereignty use case. Schleswig-Holstein moved 80% of its public workforce off Microsoft entirely and saved roughly EUR 15 million a year in license fees starting in 2026. Your accountancy, your dental practice, your auto shop probably isn’t going to migrate in a week. But the arguments for starting to build a parallel track just got louder, and the tools to do it are better than they were six months ago.

The honest read

Flex routing is not, in the grand scheme, the worst thing Microsoft has done to European data sovereignty. The bigger issue is the shift in default behavior. Ella-Louise Jain pointed out at Changepilot that when Anthropic was first wired into Copilot as a subprocessor, Microsoft shipped the setting off by default for EU and EFTA tenants. Flex routing breaks that pattern. When the vendor stops making conservative defaults, every Message Center post becomes a potential compliance problem. That’s a lot of Message Center posts to read, for a small business that has never hired an IT admin.

The specific fix for flex routing is ninety seconds. The general fix — a habit of checking your admin center weekly, reading Message Center notices when they arrive, and having a plan for when Microsoft changes something else you weren’t expecting — is the part most SMBs skip. I’d skip it too, in your position.

Which is why I’d argue for the Lithuanian answer: pick one workload that genuinely can’t leave the EU — the one with the most sensitive client data, the one where you’d be embarrassed to explain to a client where it lives — and move it off Copilot to a self-hosted setup. Keep Copilot for everything else. You don’t have to rebuild your whole stack on April 22. You have to stop assuming Microsoft’s defaults are aligned with your jurisdiction. After April 17, that assumption is expensive.

If you want to talk about which workload that should be for your specific business, that’s what I do. The pricing page has the shape of the engagement. The first conversation is free and doesn’t involve me opening your admin center, only describing what’s in it.

The EU AI Act deadline is four months out. The August 2026 checklist is still worth running. Flex routing just moved one line of it from “plan later” to “do this week.”

Book a free call. I'll tell you exactly what I'd automate first, what hardware you need, and what the whole thing costs. No surprises.
