Microsoft software breached EU privacy rules and the bloc's executive also failed to implement adequate safeguards for personal data transferred to non-EU countries, the EU privacy watchdog said on Monday.
The European Data Protection Supervisor (EDPS) ordered the Commission to take measures to comply with privacy rules and to halt data transfer to the U.S. company and subsidiaries located in third countries which do not have privacy deals with the EU, setting a deadline of Dec. 9 for both orders.
The EDPS's decision followed a three-year probe triggered by worries about the transfer of personal data to the United States following revelations in 2013 by former U.S. intelligence contractor Edward Snowden of mass U.S. surveillance.
"The Commission has failed to provide appropriate safeguards to ensure that personal data transferred outside the EU/EEA are afforded an essentially equivalent level of protection as guaranteed in the EU/EEA," the watchdog said in a statement.
The EEA, or European Economic Area, is made up of the 27 EU countries and Iceland, Liechtenstein and Norway.
"In its contract with Microsoft, the Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when