HomeWinBuzzer NewsEuropean Commission Found in Violation of EU Data Protection Laws Through Microsoft...

European Commission Found in Violation of EU Data Protection Laws Through Microsoft 365 Usage

EU privacy watchdog finds EU Commission itself broke data rules with Microsoft 365. The Commission must fix data handling by December

-

The European Data Protection Supervisor (EDPS) has determined that the European Commission, the executive arm of the European Union renowned for its stringent tech company investigations, has itself breached the EU’s stringent data protection regulations. This verdict emerged following an inspection into the Commission’s engagement with Microsoft 365, uncovering inadequacies in the observance of personal data protection statutes.

Specific Violations and Required Actions

At the core of the violation is the Commission’s failure to detail the types of personal data accumulated and the precise objectives for its collection within the Microsoft 365 service framework. Furthermore, the evaluation highlighted a significant oversight in ensuring data transferred outside the European Union by Microsoft received equivalent protection levels mandated within EU borders. The EDPS has now issued a directive to the European Commission, necessitating the implementation of corrective measures by December 9, 2024, to restore compliance with EU data protection laws.

Ongoing Scrutiny and Unresolved Issues

This development adds a layer of complexity to the already intricate relationship between the European Commission and Microsoft. In July 2023, the Commission initiated an inquiry into Microsoft 365 upon Salesforce’s claim, dating back to 2020, that Microsoft breached EU competition policies by integrating its Teams video conferencing application with the Microsoft 365 suite. In a move to address these concerns, Microsoft announced its decision to detach Teams and offer it as an independent service within the EU and Switzerland starting October 1, 2023. Despite this, there remain unverified suggestions that the Commission views these efforts as insufficient. The duration and outcome of the Commission’s investigation into Microsoft 365 and Teams remain uncertain, including any prospective sanctions against Microsoft for non-compliance.

Last Updated on November 7, 2024 9:48 pm CET

SourceEDPS
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x
Mastodon