The European Commission and European Parliament’s use of cloud computing solutions delivered by Amazon and Microsoft has prompted two EU privateness investigations in excess of concerns about the transfer of private knowledge to the United States.
Knowledge privateness arrived under scrutiny immediately after revelations in 2013 by former US intelligence contractor Edward Snowden of mass US surveillance.
In response, Europe’s optimum court last year rejected a transatlantic knowledge transfer offer, identified as the Privacy Shield, subsequent a lengthy-jogging dispute concerning Facebook and Austrian privateness activist Max Schrems.
EU privateness watchdog the European Knowledge Security Supervisor (EDPS) on Thursday opened the investigations immediately after determining specific sorts of contracts concerning EU institutions and the two corporations that need particular awareness.
The investigations, one particular of which focuses on the use of Microsoft Office 365 by the European Commission, will look into regardless of whether the EU bodies comply with privateness rules and the Court judgment.
The EU watchdog mentioned EU bodies were relying more and more on cloud-centered computer software and cloud infrastructure or system solutions from massive US companies ruled by laws that enables disproportionate surveillance pursuits by the US authorities.
“I am mindful that the ‘Cloud II contracts’ were signed in early 2020 before the Schrems II Judgement and that equally Amazon and Microsoft have declared new actions with the purpose to align by themselves with the judgment,” EDPS head Wojciech Wiewiorowski mentioned.
“Yet, these declared actions might not be adequate to be certain whole compliance with EU knowledge safety legislation and for this reason the need to have to look into this effectively.”
Market chief Amazon, Alphabet unit Google and Microsoft dominate the realm of knowledge storage all over the world.
Microsoft mentioned it was assured that it would be capable to swiftly address any concerns.
“We’ve fully commited to obstacle every single government request for an EU public sector or industrial customer’s knowledge where by we have a lawful basis for executing so,” a spokeswoman mentioned.
“And we will supply financial payment to our customers’ users if we disclose knowledge in violation of the applicable privateness rules that triggers damage,” she mentioned.
Neither the Commission nor the Parliament responded to requests for comment.