Personal Data Encryption CSP

The Personal Data Encryption configuration service provider (CSP) is used by the enterprise to protect data confidentiality of PCs and devices. This CSP was added in Windows 11, version 22H2.

The following list shows the Personal Data Encryption configuration service provider nodes:

EnablePersonalDataEncryption

Scope Editions Applicable OS
❌ Device
✅ User
❌ Pro
✅ Enterprise
✅ Education
❌ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 22H2 [10.0.22621] and later
./User/Vendor/MSFT/PDE/EnablePersonalDataEncryption

Allows the Admin to enable Personal Data Encryption. Set to '1' to set this policy.

The UserDataProtectionManager Class public API allows the applications running as the user to encrypt data as soon as this policy is enabled. However, prerequisites must be met for Personal Data Encryption to be enabled.

Description framework properties:

Property name Property value
Format int
Access Type Add, Delete, Get, Replace

Allowed values:

Value Description
0 Disable Personal Data Encryption.
1 Enable Personal Data Encryption.

Status

Scope Editions Applicable OS
❌ Device
✅ User
❌ Pro
✅ Enterprise
✅ Education
❌ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 22H2 [10.0.22621] and later
./User/Vendor/MSFT/PDE/Status

Reports the current status of Personal Data Encryption for the user.

  • If prerequisites of Personal Data Encryption aren't met, then the status will be 0.
  • If all prerequisites are met for Personal Data Encryption, then Personal Data Encryption will be enabled and status will be 1.

Description framework properties:

Property name Property value
Format node
Access Type Get

Status/PersonalDataEncryptionStatus

Scope Editions Applicable OS
❌ Device
✅ User
❌ Pro
✅ Enterprise
✅ Education
❌ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 22H2 [10.0.22621] and later
./User/Vendor/MSFT/PDE/Status/PersonalDataEncryptionStatus

This node reports the current state of Personal Data Encryption for a user. '0' means disabled. '1' means enabled.

Description framework properties:

Property name Property value
Format int
Access Type Get

Configuration service provider reference