Microsoft has upped its commitment to EU data privacy, promising to keep EU data within the bloc.
Data privacy is a bigger concern than ever before, as individuals and lawmakers start holding companies accountable. As part of the shift toward more data responsibility, some jurisdictions have passed legislation requiring companies to take certain steps to protect user data.
The EU’s GDPR is one of the strictest such laws, providing far more protection than US federal laws currently do. As a result, EU states and citizens have become increasingly concerned about their data being transferred to the US and coming under the scope of US surveillance efforts.
Microsoft is working to address those concerns, promising it will go beyond existing agreements and keep EU data within the bloc. Brad Smith, President and Chief Legal Officer, announced the pledge on the company’s blog.
Today we are announcing a new pledge for the European Union. If you are a commercial or public sector customer in the EU, we will go beyond our existing data storage commitments and enable you to process and store all your data in the EU. In other words, we will not need to move your data outside the EU. This commitment will apply across all of Microsoft’s core cloud services – Azure, Microsoft 365, and Dynamics 365. We are beginning work immediately on this added step, and we will complete by the end of next year the implementation of all engineering work needed to execute on it. We’re calling this plan the EU Data Boundary for the Microsoft Cloud.
The new step we’re taking builds on our already strong portfolio of solutions and commitments that protect our customers’ data, and we hope today’s update is another step toward responding to customers that want even greater data residency commitments. We will continue to consult with customers and regulators about this plan in the coming months, including adjustments that are needed in unique circumstances like cybersecurity, and we will move forward in a way that is responsive to their feedback.
While individual states have passed privacy laws, there have been increasing calls for for the US to address the issue on a federal level. Microsoft’s pledge, along with the increased challenges of doing business in the EU, will likely add increased pressure for measurable change.