Microsoft today announced that the European Union’s data protection authorities have found that Microsoft’s enterprise cloud contracts meet the high standards of EU privacy law. This enables enterprise customers to use Microsoft services to move data freely through cloud from Europe to the rest of the world. This approval applies to Microsoft’s enterprise cloud services – in particular, Microsoft Azure, Office 365, Microsoft Dynamics CRM and Windows Intune.
The EU’s 28 data protection authorities acted through their “Article 29 Working Party” to provide this approval via a joint letter. Importantly, Microsoft is the first – and so far the only – company to receive this approval.
By acknowledging that Microsoft’s contractual commitments meet the requirements of the EU’s “model clauses,” Europe’s privacy regulators have said, in effect, that personal data stored in Microsoft’s enterprise cloud is subject to Europe’s rigorous privacy standards no matter where that data is located. This is especially significant given that Europe’s Data Protection Directive sets such a high bar for privacy protection.
Read more from Microsoft here.