Microsoft signs EU accords on data privacy

By on
Microsoft signs EU accords on data privacy

Small steps to on-shore visibility.

Microsoft has signed European Union data protection clauses in an effort to quell concerns for European organisations running its Office 365 application suite.

The computing giant signed the European Union's Model Clauses agreement, a component of the Data Protection Directive that allows EU member nations to transfer personal data for processing to countries that cannot ensure an adequate level of protection [pdf].  

"European regulators have the option to request that customers halt the use of a service that hasn’t taken appropriate steps to safeguard personal data until they have evaluated the service and deemed it compliant with EU data protection and security standards," Microsoft explains in a statement

The agreement builds upon the US-EU Safe Harbour accord signed in 2000, designed to help US companies engage in trans-Atlantic business.

For European customers, the accords are intended to quell concerns around protection of Office 365 data hosted in Microsoft's data centres in the US, Ireland and the Netherlands.

Redmond built in 20 privacy controls to make Office 365 fit with European data privacy and protection regulations, according to Microsoft's chief privacy officer, Brendan Lynch.

"Our support for EU Model Clauses is another effort to accommodate the privacy demands of European markets," he said.

The company will also offer European customers additional "data processing agreements" for nations with more "exacting requirements" than the European directive.

Trust us, it's safe

Microsoft also opened a new "trust centre", allowing users to see the "geographic boundary" for their data when hosted in Office 365.

US customers, for example, will be hosted solely within the country while Australian and Asia Pacific customers will be served Office 365 instances out of the US, Singapore or Hong Kong.

Microsoft said it would not notify customers when data is transferred to a new country but will advise if it changes the geographic boundaries for customers who opt in to notifications. 

Though designed to promote visibility of its data centre locations, the trust centre indicates the computing giant's continuing unwillingness to share exact details of its data centres, choosing only to provide basic location information on data centres it has "elected to disclose to the general public".

The company also fails to disclose the number of data centres it uses to host Office 365, only stating that the number is "between 10 and 100", including "other United States-based Data Centers" it has not previously mentioned.

Concerns over data privacy and sovereignty in cloud computing were a key issue for Australian regulators, Lynch said. 

In "virtually every conversation" he had with customers and regulators while on tour in Australia and New Zealand, he was asked about its approach to data protection in its cloud services, he said.

The company has ruled out local facilities for Australian customers, however, and instead lobbied Government in an attempt to change a perceived stigma around data sovereignty in cloud applications and infrastructure.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
Flash is heading towards its grave, and that's...
Great! Good riddance
Sad! Flash had some good qualities
Irrelevant. I don't care
What's Flash?
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?