Microsoft signs up to EU cloud standards

News
By
published

Model clauses designed to protect EU customer data have been agreed by Microsoft for Office 365.

Cloud computing

Microsoft has signed up to a European directive to ensure data protection for citizens of the EU which using its Office 365 cloud product.

Back in February last year, a number of rules were announced by the EU known as Model Clauses to safeguard user's data, even if it was stored in outside of the European Economic Area.

Developing cloud based productivity tools that meet the needs of European businesses means more than simply building apps in a browser.

Microsoft now claims to be fully compliant with the rules, which allow the EU to tell customers to stop using a product until they have ensured it is compliant with EU regulations.

The Redmond giant also claimed to have gone "a step further" by offering a data processing agreement for EU customers who have stricter regulations within their own country, giving more specific protection than the generalised clauses for all 27 member states.

"Developing cloud based productivity tools that meet the needs of European businesses means more than simply building apps in a browser," said Jean-Philippe Courtois, president of Microsoft International.

"Microsoft has a more complete approach to European data protection and security laws than any other company, and we're proud of the work we've done to ensure the widest range of organisations can move to the cloud with confidence

Microsoft has been making sure people know about its involvement with the EU model clauses in what appears to be an attempt to claw back trust.

When it launched Office in June this year, the company caused uproar by saying, as a US firm, it was still subject to US laws. This meant wherever it stored data, it would be at risk from the likes of the Patriot Act, allowing the US Government to seize servers, even from its Dublin data centres.

The questions around the Patriot Act, and what other US companies operate in the same way, has plagued the adoption of public cloud services, with not a conference or launch going by without it being mentioned.

However, the lawyer perspective is to accept if the US wants your data, they will get hold of it.

Barry Jennings, an associate at law firm Bird & Bird, told Cloud Pro earlier this month: "If you have got data you don't want a government having access to, don't put it in another country."

"This is the world we live in," he added. "If the US wants [your data] they can get it, they have much more resources than [companies] have."

"I am more worried about the data you put out there."

Jennifer Scott
Jennifer Scott

Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.

Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.