EU Commission’s use of Microsoft software breached privacy rules, watchdog says

Il garante europeo alla Commissione: l’uso fatto dalla commissione UE di Microsoft 365 è contro le norme sulla privacy

due cose colpiscono: la prima che una notizia di circa 3 settimane fa sia passata totalmente inosservata e la seconda che sia stato dato un termine di 9 mesi per ottemperare.

Source: Reuters

The European Data Protection Supervisor (EDPS) ordered the Commission to take measures to comply with privacy rules and to halt data transfer to the U.S. company and subsidiaries located in third countries which do not have privacy deals with the EU, setting a deadline of Dec. 9 for both orders.

The EDPS’s decision followed a three-year probe triggered by worries about the transfer of personal data to the United States following revelations in 2013 by former U.S. intelligence contractor Edward Snowden of mass U.S. surveillance.

“The Commission has failed to provide appropriate safeguards to ensure that personal data transferred outside the EU/EEA are afforded an essentially equivalent level of protection as guaranteed in the EU/EEA,” the watchdog said in a statement.

“In its contract with Microsoft, the Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when using Microsoft 365,” the EDPS said.

The data protection authority ordered the Commission to suspend all data flows resulting from its use of Microsoft 365 to the company and its affiliates and sub-processors located in countries outside Europe that are not covered by an adequacy decision.

Continua qui: EU Commission’s use of Microsoft software breached privacy rules, watchdog says | Reuters

If you like this post, please consider sharing it.

Leave a Comment

Your email address will not be published. Required fields are marked *