EU-U.S. data agreement an important milestone for data protection, Microsoft is committed to doing our part

The newly announced Trans-Atlantic Data Privacy Framework between the EU and U.S. aims to bolster data protection standards.

This development, addressing concerns of the European Court of Justice, succeeds the invalidated Privacy Shield framework of 2020.

Microsoft backs this move, vowing to exceed the framework's requirements by refining how it manages legal requests for customer data.

The company pledges to validate U.S. government personal data demands for compliance with the new framework, challenging any non-compliance.

It also commits to supporting the redress process under the new agreement.

These commitments build upon Microsoft's existing "Defending Your Data" protections.

If data is unlawfully disclosed following a government request, the company will provide monetary compensation.

The new framework focuses on two main aspects: the scope of U.S. national security surveillance activities and redress mechanisms for Europeans, whose data may be mishandled by U.S. intelligence agencies.

It ensures that surveillance practices are necessary and proportionate, establishing an independent review court for redress in cases of improper surveillance.

Microsoft pledges to enhance customer trust with improved data residency capabilities and continued encryption for data at rest and in transit across its cloud products. Furthermore, the company is committed to globally balancing privacy and security, and supports initiatives such as engagement at the OECD for reaching global consensus.

The new framework sets a high bar for governmental access to Europeans' personal data and offers robust individual rights for redress in case of inappropriate data access, marking a significant milestone for European data protection rights.

Regenerate response