The European Union’s strict data protection regulations have proven challenging even for the EU itself.
Adobe Stock / AOP
The European Data Protection Authority says in its announcement that the European Commission has violated several essential EU data protection laws when using the Microsoft 365 cloud service.
According to the Data Protection Commissioner, the Commission has not borne its responsibility to ensure that it uses the Microsoft 365 cloud service in accordance with the requirements of the European Data Protection Regulation.
The Data Protection Commissioner reminds that it is the commission’s responsibility to inform Microsoft about what kind of data is allowed to be processed in which country and for which purpose. Data may only be processed in those countries that have an agreement with the EU on the matter.
– The Commission has not stated in sufficient detail what kind of personal data it collects and for what purpose when using Microsoft 365, the European Data Protection Supervisor Wojciech Wiewiorowski says in the announcement.
If the European Commission wants to continue using the cloud services of the US company Microsoft, it must correct the shortcomings in its practices by December 9, 2024.
The Microsoft 365 product family was formerly known as Office. It includes e-mail, word processing and spreadsheet software.