When a sensitivity label is used to encrypt an Office file, it is automatically registered for tracking, and previously label-protected Office files are registered the next time they are opened in an updated client. This only applies to local files. Compliance administrators can track and revoke access to registered Office files.
[When this will happen:]
Preview: We have started rolling out and expect to complete by late August.
Standard Release: We will begin rolling out late August and expect to complete by mid-September.
[How this will affect your organization:]
Admins can access the tracking and revocation functionality for all files within their organization through PowerShell.
Get-AipServiceDocumentLog provides information about the file that is tracked.
Get-AipServiceTrackingLog provides information about users that have attempted to access the file.
Set-AipServiceDocumentRevoked revokes permissions to the file.
[What you need to do to prepare:]
The Microsoft Purview Information Protection Tracking and Revocation feature will be turned on by default. To disable the feature, use the Disable-AipServiceDocumentTrackingFeature commandlet.