Gmail data loss prevention now supports “sensitive content snippets”

Gmail data loss prevention now supports “sensitive content snippets”
Tuesday, March 18, 2025

What’s changing
We recently launched data loss prevention for Gmail and, beginning today, Admins can see “Sensitive content snippets” for Gmail messages that trigger data loss prevention rules. This content is logged in the security investigation tool and admins can use the information to better identify security risks, determine whether a false positive was returned, and decide on an appropriate course of action.

Snippets are already available for DLP events for Drive, Chat, and Chrome. Visit our Help Center and our previous announcement for more information.

Getting started
Admins:

• Make sure any admins who need to review the snippets have the "view sensitive content" privilege. Only super admins have the ability to hide or unhide sensitive data from the log details.
• Visit the Help Center to learn more about preventing data leaks in email and attachments, viewing content snippets that trigger DLP rules, using Workspace DLP to prevent data loss, and the security investigation tool.
• DLP Snippets can be configured in the Admin console by going to Security > Data Protection > Data Protection Settings > Sensitive Content Storage. To view snippets in the security investigation tool, select any row from the “Description column” and scroll down to “Sensitive Content Snippets”. Here you’ll see the matched detector ID, the matched content starting character, and the matched content length.

Rollout pace

• Rapid Release and Scheduled Release domains: Full rollout (1–3 days for feature visibility) starting on March 18, 2025