EU data protection authorities said they have launched an investigation into the compliance of EU institutions’ contracts with Microsoft under new rules that came into force last year.
The European Data Protection Supervisor (EDPS), a relatively new body formed in 2004 that oversees all EU bodies, said it would look into whether contracts held by the European Commission and the EU’s 69 other institutions comply with the strict GDPR regulations that became active last May.
Assistant EDPS Wojciech Wiewiorowski said that while contractors have responsibilities for ensuring GDPR compliance, “EU institutions remain accountable for any data processing carried out on their behalf”.
“They also have a duty to ensure that any contractual arrangements respect the new rules and to identify and mitigate any risks,” he said.
EU bodies process large amounts of personal data, making it “vitally important” that risk-mitigating measures are in place, the agency said.
It drew attention to an assessment carried out by the Dutch Ministry of Justice and Security last November that found concerns with data collected through Microsoft Office 365 ProPlus, a cloud-based version of Microsoft’s Office suite.
The Dutch report found concerns with the way data was stored in a US database, saying it posed a risk to users’ privacy, following which Microsoft made changes to comply with EU rules.
EU institutions using similar Microsoft packages are likely to face data protection issues similar to those encountered by national public authorities, including “increased risks to the rights and freedoms of individuals”, the EDPS said.
Microsoft said it was “committed to helping our customers comply with GDPR, Regulation 2018/1725, and other applicable laws” and was “confident that our contractual arrangements allow customers to do so”.
The EDPS is able to impose fines of up to 50,000 euros (£43,125) for each infraction.
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…
Elon Musk firm touts cheaper EV models, as profits slump over 50 percent in the…
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…
TikTok pledges to challenge 'unconstitutional' US ban in the courts, after President Joe Biden signs…