Nico Rikken
@nicorikken@mastodon.nl  ·  activity timestamp 8 months ago

Tomorrow is 9th of December, the date of deadline set by the European Data Protection Supervisor by which time the European Commission must have stopped data transfer to the US, including the illegal data collection by Microsoft. I haven't seen any updates on this if the Commission appealed or complied. Does anyone have more details? https://www.edps.europa.eu/press-publications/press-news/press-releases/2024/european-commissions-use-microsoft-365-infringes-data-protection-law-eu-institutions-and-bodies_en#Privacy#EDPS #SafeHarbor#EU
Update: Both Microsoft and Commission appealed in May https://www.bankinfosecurity.com/eu-commission-microsoft-appeal-edps-office-365-decision-a-25327
Nico Rikken
@nicorikken@mastodon.nl  ·  activity timestamp 2 days ago

Finally, after multiple unanswered emails an update by the #EDPS on the use of #Microsoft 365 by the European Commission. Both Microsoft and the Commission made changes to become more compliant. The processing of data now has a defined purpose and transfer outside the EU (read: #CloudAct ) is reduced and shown to be limited. The details of the measures are not specified. https://www.edps.europa.eu/press-publications/press-news/press-releases/2025/european-commission-brings-use-microsoft-365-compliance-data-protection-rules-eu-institutions-and-bodies_en Also see the letter linked.