Microsoft outlines plans to store European cloud data in the EU

Technology companies are allowed to transfer data between the EU and the United States using standard contractual terms

Microsoft has pledged that EU commercial and public sector customers will be able to store and process most of their data within the EU by the end of 2022.

A new program called “Microsoft Cloud’s EU Data Boundary” will be applied to all of Microsoft’s core cloud services, including Azure, Dynamics 365, and Microsoft 365, said Brad Smith, president of Microsoft. Blog post..

Engineering work is currently underway to redesign the Microsoft cloud, and the company aims to complete it by the end of 2022.

This data in question includes data generated by the service or personal data for diagnostic purposes, as well as personal data that Microsoft uses to provide technical support to its customers.

The company also plans to extend technical controls such as lockboxes and customer-managed data encryption across cloud services.

Smith added that he plans to discuss data perimeter plans with EU regulators and customers in the coming months, including changes required in special circumstances such as cybersecurity.

There is a growing sense of caution about the resident data

Microsoft’s announcement comes as EU concerns about data resident issues grow and other terrorist law enforcement agencies, including the United States, reach personal data for European users.

For many years, Microsoft and other cloud service providers have standard contractual clauses (SCCs) and Privacy shield For EU-US data transfer.

In 2013, Austrian law student and privacy activist Max Schrems told the Irish Data Protection Commission (DPC) whether Facebook’s transmission of his personal data to the United States violates EU data protection laws. I asked if you would like.

Complaints revolved around that method U.S. security services have access to data for European citizens, As revealed by Edward Snowden.

However, instead of ruling on Schrem’s complaint, the DPC filed a proceeding in the Irish High Court. After a long debate, the Irish High Court referred the issue to the European Court of Justice (ECJ) for further guidance.

ECJ finally revoked the EU-US data sharing agreement called Safe Harbor in 2015. This has been replaced by the PrivacyShield framework.

Last July, ECJ Determined that the privacy shield is invalid, States that it was unable to protect the data of European users from US surveillance mechanisms. However, the ECJ has allowed cloud companies such as AWS and Google to use SCC as a legal mechanism for data transfer, with some tweaks.

According to Microsoft, the EU Data Boundary Program uses data centers in 13 countries: France, Germany, Greece, Austria, Denmark, Ireland, Italy, Norway, Spain, Poland, Switzerland, Sweden and the Netherlands.

Customers do not need to migrate their data to use the program. In addition, there are no additional costs or price changes.

“Today’s update is part of the EU’s commitment to the EU’s vision of’Europe’s adaptation to the digital age’and the role that the technology sector needs to play in helping Europe achieve its digital orientation. It’s a recognition, “says Smith.

“In addition to processing commercial and public sector customer personal data in Europe, create a privacy engineering center of excellence in Dublin, the right solution for European customers to build robust data protection for cloud workloads. Allows you to choose. To meet regulatory requirements. “

“We are committed to helping build” TechFit 4 Europe. ” “ Microsoft outlines plans to store European cloud data in the EU

Back to top button