After pressure from the European Union, software giant Microsoft announced it would be changing the privacy provisions on its commercial cloud contracts. Earlier this year, EU regulators uncovered that Microsoft’s work with its institutions failed to protect data as it was prescribed by EU law.
In April this year the European Union watchdog, EDPS, investigated Microsoft’s contracts with the European Commission and other EU institutions, to see if they’re in line with data protection rules. Compliance issues were raised six months later, in October.
Issuing a statement, the software company said it would be increasing its data protection responsibilities “for a subset of processing that Microsoft engages in” when they provide enterprise services. According to Reuters, these new provisions will be making their way to the public sector and enterprise customers in early 2020.
In May 2018, General Data Protection Regulation came into force. It’s an EU-wide legislation, which applies to companies worldwide dealing with EU citizens’ data. It regulates how organisations collect, store, secure and share data on EU citizens, and regulates what organisations need to do in case of a breach and data theft.
Privacy has become a key consideration among digital businesses in the past couple of years, especially after the Facebook Cambridge Analytica incident, in which it was uncovered that the British political consulting firm was using Facebook’s data on its users for political advertising, without explicit consent from the users themselves.