The European Commission’s use of Microsoft 365 software has come under scrutiny by the EU’s privacy watchdog.
As first reported by Reuters, the Commission’s leveraging of Microsoft allegedly breaches privacy rules, while the European Data Protection Supervisor (EDPS) watchdog added that the bloc’s executive failed to introduce adequate safeguards for personal data transferred to non-EU or non-European Economic Area (EEA) nations.
The EDPS mandated that the Commission must ensure compliance with privacy regulations and cease data transfers to the American business and its subsidiaries in third countries lacking established privacy agreements with the EU. Both directives were issued with a deadline of December 9.
The EDPS said in a statement:
The Commission has failed to provide appropriate safeguards to ensure that personal data transferred outside the EU/EEA are afforded an essentially equivalent level of protection as guaranteed in the EU/EEA(…) In its contract with Microsoft, the Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when using Microsoft 365.”
The EDPS directed the Commission to halt all data transfers stemming from its utilisation of Microsoft 365 to the Redmond-based tech giant and its affiliates and sub-processors situated in countries outside of Europe that are not covered by the EU’s established data adequacy agreements, whose 16 members include the US, UK, Switzerland and South Korea. It was also told to ensure that its use of Microsoft 365 moving forward complies with its privacy rules.
The EDPS’s ruling stemmed from a three-year investigation prompted by worries over the transfer of personal data to the US, initially sparked by revelations in 2013 by former US intelligence contractor Edward Snowden around US surveillance practices.
“Concerns raised by the European Data Protection Supervisor relate largely to stricter transparency requirements under the EUDPR, a law that applies only to the European Union institutions,” a Microsoft spokesperson responded, affirming that it would review the EDPS’ decision and cooperate to manage the concerns.
The European Commission had yet to reply to Reuters’ request for comment.
Microsoft and the European Commission
Microsoft has had a complicated relationship with the European Commission for decades, but the last year has amplified that friction.
In August, Microsoft announced its intention to unbundle Teams from Office 365 in Europe after pressure from Slack and the European Union to avoid the European Commission’s recently announced probe into its allegedly anticompetitive practices.
Slack had accused Microsoft of anticompetitive behaviour because the tech giant included Teams in its subscriptions for free rather than charging extra or giving enterprises the ability to buy Office 365 without Teams. The EU’s investigation was confirmed in July after months of swirling rumours.
Microsoft had proposed to unbundle Teams from its software packages and sell them to new customers with an annual discount. However, the European Commission considered this concession too little and too late and was preparing a statement of objections to send to Microsoft.
Microsoft also became under investigation by the European Commission following the introduction of the Digital Markets Act (DMA), which targeted “gatekeepers” that offered “core platform services” and potentially underwent uncompetitive business practices.
The Commission was exploring whether Microsoft’s Bing, Edge and Advertising services fall under the remit of the DMA. However, Microsoft has argued that Bing should not tied to the same regulatory conditions as Google as it has only a three percent market share.
More recently, the European Commission has accompanied other antitrust bodies like the UK’s Competition and Markets Authority (CMA) and the USA’s Federal Trade Commission in probing Microsoft and OpenAI’s relationship.
Microsoft has invested roughly $13 billion in OpenAI over the past four years. However, all three regulatory probes come off the back of November’s OpenAI saga, in which its CEO Sam Altman was ousted by its board before being reinstated just four days later following intense pressure from both employees and investors — a melodrama that resulted in Microsoft securing a nonvoting position on OpenAI’s board and its CEO Satya Nadella publicly called for improved governance for the AI startup.
from UC Today https://ift.tt/DXa03RS
0 Comments