Microsoft reiterates its commitments to its European customers, for whom control of their data has become a major issue. If the American company already offered them options to guarantee the hosting of their data on European soil, it will go further and announced on Thursday the gradual rollout of a new program entitled “EU Data Boundary”, which should “significantly reduce data flows outside Europe” .
Available from January 1 for its main cloud computing services, namely Azure, Microsoft 365, Dynamics 365 and the Power BI platform, this solution will first address consumer data before including other categories.
“The first phase will deal with customer data. As we move through the next stages, we transfer login data, service data and other types of data.This was told by Microsoft’s regulatory affairs, Julie Brill, to Reuters. The second phase should be completed by the end of 2023, then the third in 2024, she added.
This offer is intended for companies in the EU, but also for Iceland, Liechtenstein, Norway and Switzerland. This new solution should allow European companies to regain some control over their data when it is not always easy for them to understand where this data is.
“We are creating this solution so that our customers feel more secure and can have clear conversations with their regulators about where their data is processed and stored.”, said Julie Brill. But it is also a way for Microsoft to reassure Brussels and European regulators that it is willing to help the continent achieve its ambitions for digital sovereignty.
No effect on Cloud Act
This new solution, on the other hand, should not make it possible to reduce the fears surrounding the extraterritoriality of certain US laws, such as the Cloud Act, which allows authorities to access data hosted by national companies, wherever they happen to be. regard to national security.
At this point, Microsoft is committed to “challenge any government request for personal data from a public or commercial EU customer – regardless of government – where there is a legal basis to do so“and of”provide financial compensation” to their clients’ users if such access would violate the GDPR and cause harm.
Chose for you