Microsoft Enterprise AI Services Code of Conduct

This Microsoft Enterprise AI Services Code of Conduct (“Code of Conduct”) defines the requirements that all customers of Microsoft AI Services must adhere to in good faith. “Microsoft AI Service” means an Online Service or feature thereof that uses artificial intelligence technologies, including Microsoft Generative AI Services (as defined in the Microsoft Product Terms (“Product Terms”), and including Azure OpenAI Service and Microsoft 365 Copilot).

This Code of Conduct unifies and replaces the previous codes for Microsoft Generative AI Services, Azure AI Vision Face API, and Azure AI Speech text to speech. This Code of Conduct differs from earlier codes of conduct in structure and phrasing, and it is designed to better align with emerging AI regulations (e.g., EU AI Act).

This Code of Conduct applies in addition to the Microsoft Product Terms, including the Acceptable Use Policy. Any capitalized terms not otherwise defined in this Code of Conduct will have the meaning given to them in the applicable Microsoft agreement(s) under which customers purchase the Online Service.

Responsible AI Requirements

Customers must ensure that all of their applications built with Microsoft AI Services:

1. Implement technical and operational measures to detect fraudulent user behavior in account creation and during use.
2. Implement strong technical limits on inputs and outputs to reduce the likelihood of misuse beyond the application's intended purpose.
3. Disclose that the output is generated by AI, including the synthetic nature of generated voices, images, and/or videos, such that users are not likely to be deceived or duped – or able to deceive or dupe others – into believing they are interacting with a real person or that any generated content is authentic or, without their consent, attributable to a specific individual.
4. Are tested thoroughly, continuously, and are subject to human oversight so customers can find and mitigate undesirable behaviors.
5. Establish feedback channels that allow users to report abuse or issues and ensure reasonable responses to feedback that is received.
6. Implement additional scenario-specific mitigations, as appropriate, to ensure responsible use of the Microsoft AI Service, including meaningful human oversight.
7. Provide all necessary notices and obtain all necessary consents as required by applicable law for both the customer and Microsoft to process data, including third-party data, as part of a customer’s use of the Microsoft AI Service.
8. Implement robust security and access control measures, including protecting the Microsoft AI Service resource permissions and having strong user authentication mechanisms.

Usage Restrictions

Customers, users, and applications built with Microsoft AI Services must NOT use the services:

1. In any way that is inconsistent with this Code of Conduct;
2. In any manner that can inflict harm on individuals, organizations, or society;
3. To affect individuals in any way that is otherwise prohibited by law or regulation;
4. To generate, present alongside, monetize, or interact with content prohibited in this Code of Conduct;
5. To make decisions without appropriate human oversight as part of an application that may have a consequential impact on any individual’s legal position, financial position, life opportunities, employment opportunities, or human rights, or may result in physical or psychological harm to an individual;
6. To deceive or intentionally misinform (e.g., false advertising), or deploy subliminal techniques (e.g., visual, auditory, or other signals beyond a normal person’s range of perception) with the intent to manipulate or distort the behavior of a person in a way that causes harm, including through unsolicited phone calls, bulk communications, posts, or messages;
7. To exploit any of the vulnerabilities of a person due to their age, disability, or a specific socio- or economic situation, with the objective, or the effect, of materially distorting the behavior of that person or a person belonging to that group in a manner that causes or is reasonably likely to cause that person or another person significant harm;
8. For social scoring or predictive profiling that would lead to discriminatory, unfair, biased, detrimental, unfavorable, or harmful treatment of certain persons or groups of persons;
9. For the assessment of criminality risk of natural persons based solely on the profiling of a natural person or on assessing their personality traits and characteristics. This prohibition shall not apply to AI systems used to support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity;
10. Based on their biometric data, to categorize people or to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, or sex life or sexual orientation, except for any labelling or filtering of lawfully acquired biometric datasets, such as images, based on biometric data or categorizing of biometric data in the area of law enforcement;
11. To infer people’s sensitive attributes (e.g., gender, race, nationality, religion, or specific age), which does not include age range, position of mouth (e.g., smile or frown), and hair color; or infer sensitive information about people without their explicit consent unless used in a lawful manner by a law enforcement, government entity, court, or government official subject to judicial oversight in a jurisdiction that maintains a fair and independent judiciary;
12. To attempt to infer people’s emotional states from their physical, physiological, or behavioral characteristics (e.g., facial expressions, facial movements, or speech patterns), including inferring emotions such as anger, disgust, happiness, sadness, surprise, fear, or other terms commonly used to describe a person’s emotional state;
13. For creating chatbots that (i) are erotic, romantic, or used for erotic or romantic purposes or (ii) are personas of specific people without their explicit consent; or to enable end users to create their own chatbots without oversight;
14. To create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage;
15. Except to the extent customers are approved by Microsoft for modified content filtering, to identify or verify individual identities based on people's faces, voices, or other physical, physiological, or behavioral characteristics;
16. For unlawful tracking, surveillance, stalking, or harassment of a person;
17. For ongoing surveillance or real-time or near real-time identification or persistent tracking of the individual using any of their personal data, including biometric data, without the individual’s valid consent;
18. For facial recognition purposes (including identification or verification of individual identities) by or for a state or local police department in the United States;
19. For any real-time facial recognition technology on mobile cameras used by any law enforcement globally to attempt to identify individuals in uncontrolled, "in the wild" environments, which includes (without limitation) police officers on patrol using body-worn or dash-mounted cameras using facial recognition technology to attempt to identify individuals present in a database of suspects or prior inmates;
20. To detect content credentials or other provenance methods, marks, or signals ("AI Content Credentials") with the purpose of removing or altering them; or
21. To impersonate any person without explicit and valid consent including to gain information or privileges, and Microsoft AI Services must not be used to simulate the voice or image of politicians or government officials, even with their consent.

Content Requirements

Microsoft prohibits the use of Microsoft AI Services for processing, generating, classifying, or filtering content in ways that can inflict harm on individuals, organizations, or society, including but not limited to use of the service for purposes in conflict with this Code of Conduct or the Microsoft Product Terms.

All content released through a customer’s use, or integration, of any Microsoft AI Service must be originally created by the publisher, appropriately licensed from the third-party rights holder, used as permitted by the rights holder, or used as otherwise permitted by law. It is the customer’s sole responsibility to ensure that customers have appropriate rights to all content input to the Microsoft AI Service (e.g. generated speech and associated metadata).

These content requirements apply to the use of features of, and the output of, all Microsoft AI Services. This includes, but is not limited to, use of features of Azure OpenAI Service and all content provided as input to or generated as output from all models available in Azure OpenAI Service. These requirements also apply to the use of Azure AI Content Safety, including features such as custom categories, and to all content provided as input to the service and content generated as output from the service regardless of content filter settings.

Exploitation and abuse

Child sexual exploitation and abuse

Microsoft prohibits content that describes, features, or promotes child sexual exploitation or abuse, whether or not prohibited by law. This includes sexual content involving a child or that sexualizes a child.

Grooming

Microsoft prohibits content that describes or is used for the purposes of grooming children. Grooming is the act of an adult building a relationship with a child for the purposes of exploitation, especially sexual exploitation. This includes communicating with a child for the purpose of sexual exploitation, trafficking, or other forms of exploitation.

Non-consensual intimate content

Microsoft prohibits content that describes, features, or promotes non-consensual intimate activity whether or not it is sexually explicit.

Sexual solicitation

Microsoft prohibits content that describes, features, promotes, or is used for, purposes of solicitation of commercial sexual activity and sexual services. This includes encouragement and coordination of real sexual activity.

Trafficking

Microsoft prohibits content describing or used for purposes of human trafficking. This includes the recruitment of individuals, facilitation of transport, and payment for, and the promotion of, exploitation of people such as forced labor, domestic servitude, sexual slavery, forced marriages, and forced medical procedures.

Sexually explicit content

Microsoft prohibits content that is erotic, pornographic, or otherwise sexually explicit, as well as the use of Microsoft AI Services in applications that are sexually explicit. This includes sexually suggestive content, depictions of sexual activity, and fetish content.

Suicide and self-injury

Microsoft prohibits content that describes, praises, supports, promotes, glorifies, encourages, and/or instructs individual(s) on self-injury or to take their life.

Violent content and conduct

Graphic violence and gore

Microsoft prohibits content that describes, features, or promotes graphic violence or gore.

Terrorism and violent extremism

Microsoft prohibits content that depicts an act of terrorism; praises, or supports a terrorist organization, terrorist actor, or violent terrorist ideology; encourages terrorist activities; offers aid to terrorist organizations or terrorist causes; or aids in recruitment to a terrorist organization.

Violent threats, incitement, and glorification of violence

Microsoft prohibits content advocating or promoting violence toward others through violent threats or incitement.

Harmful content

Hate speech, harassment and discrimination

Microsoft prohibits content that attacks, denigrates, threatens, intimidates, degrades, insults, targets, or excludes individuals or groups on the basis of traits such as actual or perceived race, ethnicity, national origin, gender, gender identity, sexual orientation, religious affiliation, age, disability status, caste, or any other characteristic that is associated with systemic prejudice or marginalization. It also prohibits the use of Microsoft AI Services to promote physical harm or other abusive behavior such as stalking, or create, incite, or disguise hate speech, discrimination, defamation, terrorism, or acts of violence.

Deception, disinformation, and inauthentic activity

Microsoft prohibits content that is intentionally deceptive and likely to adversely affect the public interest, including deceptive or untrue content relating to health, safety, election integrity, or civic participation. Microsoft also prohibits inauthentic interactions, such as fake accounts, automated inauthentic activity, impersonation to gain unauthorized information or privileges, and claims to be from any person, company, government body, or entity without explicit permission to make that representation.

Active malware or exploits

Microsoft prohibits content that supports unlawful active attacks or malware campaigns that cause technical harms, such as delivering malicious executables, organizing denial of service attacks, or managing command and control servers.

Additional content policies

Microsoft prohibits the use of Microsoft AI Services for scenarios in which the AI system is likely to generate undesired content due to limitations in the models or scenarios in which the system cannot be applied in a way that mitigates potential negative consequences to people and society. Without limiting the foregoing restriction, Microsoft reserves the right to revise and expand the above Content Requirements to address specific harms to people and society.

Microsoft may at times limit the services' ability to respond to particular topics, such as probing for personal data or seeking opinions on sensitive topics or current events, even if not prohibited by this Code of Conduct.

Limited Access Services

Limited Access Services require registration and are only available to approved customers and partners. “Limited Access Service” means an Online Service that requires registration and is subject to limitations on access and use based on Microsoft’s eligibility and use criteria as outlined in the Limited Access Services Product Terms.

Use of a Limited Access Service must comply with the Limited Access Services Product Terms. To learn more, see Limited Access Services Documentation.

Limited exception

Customers are permitted to provide, generate, classify, collect, and filter content in ways that would otherwise violate this Code of Conduct solely (1) to evaluate, train, fine-tune, and improve safety systems and applications for the customer’s use to the extent permitted by the Microsoft Product Terms, (2) to evaluate and test Microsoft Generative AI Services to the extent permitted by the Penetration Testing Rules of Engagement, and 3) to fine-tune models for use to prevent customers from generating content inconsistent with this Code of Conduct. Customers may use any resulting harmful content solely for customer internal i) evaluation and ii) reporting, and not for any other purpose. Customers remain responsible for all legal compliance relating to such content, including without limitation, retention, destruction, and reporting as necessary.

Report Abuse

If customers suspect that a Microsoft AI Service is being used in a manner that is abusive or illegal, infringes on customer rights or the rights of other people, or violates this Code of Conduct or other applicable licensing terms, please report it through the Reporting Portal immediately. The report should include the following, if possible: any service information returned as part of an API call, any information needed to verify the abuse, and any evidence of the abuse or prohibited content.

The Microsoft Product Terms prohibit customers from using any Online Service to violate the law. Customers deemed by Microsoft to have violated the Code of Conduct or the Microsoft Product Terms may lose access to the Online Service, at Microsoft’s sole discretion.

Changes to this Code of Conduct

Customers are responsible for complying with the most current Code of Conduct, which may be updated from time to time.

Additional Conduct Requirements for Specific Microsoft AI Services

Generative AI services

In addition to the requirements for all Microsoft AI Services above, the following additional conduct requirements apply for specific Microsoft Generative AI services:

Usage restrictions

Customers, users, and applications built with Microsoft Generative AI Services must NOT use the services:

• To generate content with the purpose of removing or altering AI Content Credentials that indicate that the content was generated by a Microsoft Generative AI Service; or
• To generate content with the purpose of misleading others about whether the content was generated by a Microsoft Generative AI Service.

Azure AI Content Safety

Transmitting harmful content to Azure AI Content Safety through the intended use of the service will not by itself be considered a violation of this Code of Conduct. However, Azure AI Content Safety must not be used to collect harmful content based on the categories in the “Content Requirements” section, or to classify, collect, or filter content in a way that would violate the other sections of this Code of Conduct, except as provided in the Limited Exception.

Vision and Face AI services

Use of vision or face Microsoft AI Services, such as but not limited to Face API, including integrations, must not:

• Enable end users to i) use automation to probe for weaknesses, or ii) enable customers or end users to use the customer’s application to develop derivative applications that probe for weaknesses of Face API liveness detection functionality for the purpose of bypassing facial liveness detection, also known as biometric presentation attack. Customers may attempt to recreate the attack/failure prior to reporting service failures to Microsoft (e.g., Where it is not possible to provide the exploit/failure image).

Speech and Voice AI services

When speech or voice Microsoft AI Services, including but not limited to Azure AI text to speech and its implementations, are integrated into applications that customers make available to users external to their organization (“External Users”) to deliver personalized or AI-generated voice features (“Voice Features”), customers must:

• Through a reasonable and straightforward process, allow External Users to opt out and remove their voice from (a) the voice model training data (“VMTD”), (b) the voice model, and (c) the Voice Features at any time;
• Implement technical controls to ensure that External Users cannot use pre-existing recordings as VMTD for the Voice Features and, instead, must generate dynamic recording scripts for External Users to read each time they record VMTD within the specific application that includes the Voice Features;
• Inform External Users via clear and prominent disclosures, or require each External User to accept terms and conditions that bind them to the following, before submitting any VMTD, creating a voice model, or using the Voice Features:
  • How customers, the voice models, and the Voice Features will: (a) use, process, delete and retain recordings of External User’s voices as VMTD, (b) create voice models from External User’s VMTD, and (c) generate output audio based on those voice models;
  • What External Users may and may not do with the voice models and Voice Features, including a clear description of use case restrictions and limitations on output content;
  • Each External User may create voice models based only on their own voice;
  • External Users must record their VMTD in their application, and may not use any pre-existing recordings as VMTD;
  • External Users must consent to terms satisfying all relevant legal requirements that provide adequate rights to the customer and Microsoft for: (a) recording and use of their voice for the subject synthetic voice model training and use within the scope of the applicable approved use case, and (b) all associated data processing, storage, and use;
  • External Users must agree to give verbal consent for voice model training by recording a Microsoft-provided acknowledgement statement and agreeing to terms that permit Microsoft to use such acknowledgement statement recording as a technical control to confirm that the voice in the acknowledgement statement recording matches the voice in the VMTD recording (the required acknowledgement statement text is available here in several languages);
  • External Users must use the voice model(s) they create exclusively for the Voice Features;
  • External Users agree to using a synthetic voice based on their voice as the feature’s output voice; and
  • External Users agree that, among other remedies available to customers and/or Microsoft under applicable law, an External User’s access to the voice models and Voice Features may be terminated immediately if they violate any of these terms, and the External User will not be entitled to any damages or other legal relief related to termination under these circumstances.

Document History

Version	Date	Summary of Changes
1.0	2/13/2025	Consolidated the following documents: Microsoft Generative AI Services Code of Conduct, Code of Conduct for Azure AI Vision Face API, and the Code of Conduct for Azure AI Speech Text to Speech; Removed redundancies