Microsoft’s online enterprise cloud platform has become the first to be approved for meeting strict European Union (EU) privacy laws by 28 EU data protection authorities.
By agreeing that Microsoft’s contractual commitments meet the EU’s model clauses, the EU privacy regulators have confirmed that personal data stored in the company’s enterprise cloud is subject to Europe’s rigorous privacy standards no matter where it is located.
The approval applies to all of Microsoft’s cloud services – specifically to Microsoft Azure, Office 365, Microsoft Dynamics CRM and Windows Intune – and enables enterprises to use Microsoft’s services to move data freely though its cloud platform from Europe to the rest of the world. However, the EU approval requires that customers execute a short, standardised addendum to their current agreements in order to take advantage of this new recognition. Microsoft has confirmed that all customers will benefit from this from 1 July.
Writing in a blog post Brad Smith, general counsel and executive vice president of legal and corporate affairs at Microsoft, highlighted the benefits this would bring to its customers.
He said that Microsoft customers will still be able to use its cloud services on a worldwide basis, regardless of whether the European Parliament’s recent plans to suspend the Safe Harbor Agreement with the US go ahead. In addition, the company’s approved contractual commitments allow customers to make global transfers, even if the existing Safe Harbor Agreement – which only covers transfers from Europe to the US – remains in place.
Smith added that Microsoft will continue to ensure it complies with the stringent obligations imposed by these contractual commitments. “Other companies talk about their commitment to comply with EU privacy law, but we’ve enshrined that commitment in our contracts,” he said. “Microsoft has done the technical and legal work to ensure our customers with European operations can legally move their data through our services. For customers who care about privacy and compliance, there is no more committed partner than Microsoft.”
In addition, Microsoft expects governments and customers to demand greater transparency and control over how customer content and personal data is protected and stored in the future.
“While we join others in our industry in calling for governments to respect the free flow of information, we also believe in putting our customers’ needs first,” Smith said. “That’s why we previously announced our commitment around implementing encryption and enabling enterprises to store their content in existing data centres in their region.”
He added: “Ultimately, customers will entrust their information to the cloud only if they have confidence that it will remain secure there. This week’s approval by the European data protection authorities is another important step in ensuring customers trust Microsoft’s cloud services.”
Share this story