Microsoft 365: Use of the European Commission violates data protection laws

Microsoft 365: Use of the European Commission violates data protection laws

An investigation by theEuropean Data Protection Inspectorate (GEPD), presented to the public last March 8, shed light on some violations by the European Commission regarding the use of Microsoft 365 and related data protection.

As underlined by the EDPS, in fact, the “EU Regulation on the protection of personal data“. The anomalies, it seems, concern the operation of the EC regarding the transfer of personal data outside the EU and the European Economic Area (SEE).

Microsoft 365 in the EDPS’ sights: what happened?

The documentation, which refers to the data that Microsoft obtains through its suite, aims to request identical protection to information circulating within the EU. In this regard, the EDPS requests the Redmond company, by next December 9thto cease all data flows from Microsoft 365 in the event of an adjustment.

The supervisor gave an explanation of the EDPS’ work Wojciech Wiewiorowskiaccording to which “It is a duty of EU institutions and bodies to ensure that the processing of personal data within and outside the EU and EEA, including through cloud-based services, is supported by concrete data protection measures. This is essential to ensure that natural persons’ information is protected, as required by Regulation (EU) 2018/1725, whenever their data is processed by or on behalf of an EUI“.

This situation demonstrates, once again, how delicate the relationship between the EU and tech giants is. In recent months, for example, there has been a lot of talk about the Digital Markets Act, whose directives have raised quite a bit of controversy among some of the most influential companies in the world. Furthermore, the introduction of DMA will also have some consequences on users who rely on the Windows operating system.

Leave a Reply

Your email address will not be published. Required fields are marked *