The European Commission’s utilization of Microsoft software has been deemed in violation of EU privacy regulations, announced the EU privacy watchdog on Monday. Additionally, the bloc’s executive body has been criticized for failing to implement adequate safeguards concerning the transfer of personal data to non-EU countries.
The European Data Protection Supervisor (EDPS) has issued a directive for the Commission to take immediate measures to adhere to privacy regulations and cease data transfers to Microsoft and its subsidiaries in third countries lacking privacy agreements with the EU. A deadline of December 9 has been set for compliance with both mandates, reported Reuters.
This decision by the EDPS follows a comprehensive three-year investigation triggered by concerns surrounding the transfer of personal data to the United States, particularly in the wake of revelations made in 2013 by former U.S. intelligence contractor Edward Snowden regarding extensive U.S. surveillance practices.
Related: Microsoft Offers To Charge For Teams In EU To Appease Watchdog
“The Commission has failed to provide appropriate safeguards to ensure that personal data transferred outside the EU/EEA are afforded an essentially equivalent level of protection as guaranteed in the EU/EEA,” stated the watchdog in an official statement. The European Economic Area (EEA) encompasses the 27 EU member states along with Iceland, Liechtenstein, and Norway.
The EDPS further highlighted deficiencies in the Commission’s contract with Microsoft, emphasizing a lack of specification regarding the types of personal data to be collected and for what explicit and specified purposes when utilizing Microsoft 365.
Microsoft 365, comprising Word documents, Excel spreadsheets, PowerPoint presentations, and Outlook emails, is the suite in question. Consequently, the data protection authority has ordered the Commission to suspend all data flows originating from its usage of Microsoft 365 to Microsoft and its affiliates and sub-processors situated in non-European countries lacking adequacy decisions.
Currently, the EU maintains data adequacy agreements with 16 countries, including Argentina, Japan, South Korea, Switzerland, Britain, and the United States.
Source: Reuters
Featured News
European Music Streaming Firms Rally Against Apple’s Proposed Remedies
May 9, 2024 by
CPI
Google and South Carolina Clash Over State Records Demand
May 8, 2024 by
CPI
Telefonica Germany Teams Up with Amazon Web Services to Migrate 5G Customers
May 8, 2024 by
CPI
Federal Judge Grants $7.4 Million Settlement in Pork Price-Fixing Case
May 8, 2024 by
CPI
Wilson Sonsini Bolsters Antitrust and Competition Practice with Key Partner Returns
May 8, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Economics of Criminal Antitrust
Apr 19, 2024 by
CPI
Navigating Economic Expert Work in Criminal Antitrust Litigation
Apr 19, 2024 by
CPI
The Increased Importance of Economics in Cartel Cases
Apr 19, 2024 by
CPI
A Law and Economics Analysis of the Antitrust Treatment of Physician Collective Price Agreements
Apr 19, 2024 by
CPI
Information Exchange In Criminal Antitrust Cases: How Economic Testimony Can Tip The Scales
Apr 19, 2024 by
CPI