European Commission’s use of Microsoft 365 infringes data protection law for EU institutions and bodies (www.edps.europa.eu)

submitted 8 months ago by JRepin@lemmy.ml to c/europe@lemmy.ml

9 comments fedilink hide all child comments

Following its investigation, the EDPS has found that the European Commission (Commission) has infringed several key data protection rules when using Microsoft 365. In its decision, the EDPS imposes corrective measures on the Commission.

The EDPS has found that the Commission has infringed several provisions of Regulation (EU) 2018/1725, the EU’s data protection law for EU institutions, bodies, offices and agencies (EUIs), including those on transfers of personal data outside the EU/European Economic Area (EEA).

you are viewing a single comment's thread
view the rest of the comments

[-] Ephera@lemmy.ml 2 points 8 months ago

I don't think, you can hotfix this. Microsoft is a US company and therefore by US law (PATRIOT & CLOUD act) required to violate EU data protection laws (unless they retract from the EU market, of course).

I mean, that it took the EU this long to react to something that's clearly been amiss since the GDPR went into force, that certainly doesn't have my hopes high, but I don't think Microsoft needs to be involved to filibuster the enforcememt of this.

this post was submitted on 11 Mar 2024

99 points (100.0% liked)

Europe

3896 readers

44 users here now

Europa

founded 5 years ago

MODERATORS

AdAstra@lemmy.ml