HomeWinBuzzer NewsEuropean Commission Found in Violation of EU Data Protection Laws Through Microsoft...

European Commission Found in Violation of EU Data Protection Laws Through Microsoft 365 Usage

EU privacy watchdog finds EU Commission itself broke data rules with Microsoft 365. The Commission must fix data handling by December


The European Data Protection Supervisor (EDPS) has determined that the European Commission, the executive arm of the European Union renowned for its stringent tech company investigations, has itself breached the EU's stringent data protection regulations. This verdict emerged following an inspection into the Commission's engagement with 365, uncovering inadequacies in the observance of personal data protection statutes.

Specific Violations and Required Actions

At the core of the violation is the Commission's failure to detail the types of personal data accumulated and the precise objectives for its collection within the service framework. Furthermore, the evaluation highlighted a significant oversight in ensuring data transferred outside the European Union by Microsoft received equivalent protection levels mandated within EU borders. The EDPS has now issued a directive to the European Commission, necessitating the implementation of corrective measures by December 9, 2024, to restore compliance with EU data protection laws.

Ongoing Scrutiny and Unresolved Issues

This development adds a layer of complexity to the already intricate relationship between the European Commission and Microsoft. In July 2023, the Commission initiated an inquiry into Microsoft 365 upon Salesforce's claim, dating back to 2020, that Microsoft breached EU competition policies by integrating its Teams video conferencing application with the Microsoft 365 suite. In a move to address these concerns, Microsoft announced its decision to detach Teams and offer it as an independent service within the EU and Switzerland starting October 1, 2023. Despite this, there remain unverified suggestions that the Commission views these efforts as insufficient. The duration and outcome of the Commission's investigation into Microsoft 365 and Teams remain uncertain, including any prospective sanctions against Microsoft for non-compliance.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News