“The risk of the US requesting European data from Microsoft is very small”

"The risk of the US requesting European data from Microsoft is very small"

That fact, along with Microsoft’s data encryption, legal ability to defy government decisions, and Microsoft’s track record of transparency, means there are only low risks to data protection, journalists say. When it comes to personal “ordinary” data. However, there is still a huge risk with private data.

There is a good chance that you will take AP tips

One possible way out is for cloud users to better protect their data by providing it with encryption. Whether it will really get to the point where organizations have to encrypt their Microsoft data themselves is now open to question. It depends, among other things, on what the Dutch data protection authority advises. This scenario is very promising, he told AG Connect.

“The European Court was very clear about the transfer to the US in Shrems II: The US does not give EU citizens “rights they can enforce in courts against US administrations.” It also sees the argument in various Google Analytics decisions issued by EU privacy watchdogs. European Union that additional technical measures Google has taken, such as anonymization and encryption, do not remove this problem.”

According to Weij, storing data from European Microsoft customers exclusively in European data centers is not the answer. The problem is that the Microsoft EU and Microsoft US themselves make agreements on the transfer of personal data. Just like Google and AWS. This does not solve the problem. “Weij believes that if data transfers are blocked, this will likely have many consequences for Microsoft. “On the other hand: is it possible to work without Microsoft when you’ve set everything up via Microsoft? It’s a geopolitical problem that the European Union and the United States must find a solution to.”

See also  Portland police states federal officers would not get the job done in its incident command centre

‘Unmistakable admins’

Legal counsel Stan van Remsdejk of ICTRecht is less certain. According to him, it is not possible to say for sure whether European regulators are using the same strict approach as the DPIA of Privacy Company. The truth is that many American services are subject to a magnifying glass. As privacy regulators across Europe are currently investigating the use of cloud services, I am inclined to say that if there is a critical judgment, it will be clear, so all regulators matter.”

Van Riemsdijk describes as “correct” that the Privacy firm states at the DPIA that if European regulators also assessed the risks as high, it would not be possible to use US providers. “It remains to be seen whether this is the case in practice.”

not even knowledge

He sees an analogy with the Schrems II case, which means it is “not possible” legally to process personal data from Europe in the US anymore. “You can also state here that conversion without this additional analysis of risks and measures is not actually possible. Does this mean that it will not happen anymore without these additional requirements? New!” Although there are parties that are rapidly turning to new requirements, a significant portion of organizations do not seem to be aware of these additional requirements, according to van Rimsdijk.

Van Riemsdijk sees the same when using Google Analytics in Europe, which the Associated Press has not made a final decision on. But he also mentioned that the prospects for the US site tool are not “rosy”. In short, the future ramifications of using Microsoft could be significant. By the way, not only for Microsoft, but also for all other American tech giants. It remains to be seen whether this will actually hinder Microsoft’s use in the short term. “

See also  Evidence of Chinese hacking of Huawei

Leave a Reply

Your email address will not be published.