European Commission's use of Microsoft 365 infringes data protection law for EU

It blows my mind how European political leaders are so incompetent that they don&#x27;t see any issue having their sensitive IT infrastructure outsourced to foreign providers.<p>They feel confident because they believe the words of providers or what is said in contract or &quot;paper&quot; agreements that the US will not spy on them when it is possible. Despite all previous examples of shamelessly doing what they wanted. Like when there was undercover operations to retrieve the fingerprints of political leaders.

This is the key sentence but it&#x27;s not clear to me how to parse it:<p>&quot;The EDPS has therefore decided to order the Commission, effective on 9 December 2024, to suspend all data flows resulting from its use of Microsoft 365 to Microsoft and to its affiliates and sub-processors located in countries outside the EU&#x2F;EEA not covered by an adequacy decision.&quot;<p>Does it mean suspend flows to Microsoft anywhere and to its affilietes and sub-processors outside EEA?<p>Or does it mean suspend flows to (Microsoft and to its affilietes and sub-processors) which are located outside EEA?<p>In other words can data still flow to Microsoft within EEA?

The Comission doesn&#x27;t care about privacy and wants tighter integration with the US (for the companies). The parliament and the European Court of Justice want stronger privacy (for the people).<p>That is the reason for the drama over the last years concerning Privacy Shield etc.

German here. It&#x27;s been blowing my mind for 20ys now how incompetent and naive our leadership (nation-wise but also on EU level) is.<p>The current German gov&#x27;t silently issued a statement in December 2023 of IT license cost on federal level for the upcoming years which essentially was 6 billion EUR to Microsoft and Oracle.<p>1. They throw valuable tax-payer money at companies who do tax evasion.<p>2. They simply ignore the _fact_ that we&#x27;ve been spied on by our allies.<p>3. They became over-dependent on US tech which trickled down into all fine-granular processes of private and public institutions.<p>4. They make it additionally hard for local companies to compete with their regulation frenzies.<p>Don&#x27;t know what to say anymore but mocking them and mention what might happen if Trump gets re-elected and discovers this dependency. If US is playing hardball, Germany will be back in stone age.

dupe link: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=39666561">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=39666561</a>

Tbh. after the recent sets of Microsoft ToS&#x2F;Privacy Terms I would argue _any usage of Microsoft Windows and&#x2F;or most Microsoft products_ is not legally possible in a public office handling any private or otherwise sensitive data.<p>...<p>I mean they might have different ToS&#x2F;Privacy Terms, but I it would still be high risk due to MS track record of &quot;accidentally&quot; undoing or ignoring various &quot;I don&#x27;t want to be tracked&quot; choices.<p>Like tbh. from a privacy POV MS has become a joke, I mean how hard do you have to mess up that google is preferable bay a not so small margin.

If even the European Commission cannot get GDPR right, then what hope do small&#x2F;medium businesses have?

I have personal experience of authorities in the European Union abusing GDPR laws to circumference laws on transparency. In the case I was involved with, they refused to give out public documents where political parties have to list the people that receive money from them, by getting the data protection authority involved and saying it was not possible because the recipient might use an American company for backup or an American e-mail provider on their computers. All this communication of course sent to us through their Microsoft Exchange server.<p>As with all laws in Europe, GDPR has a chief purpose to be abused by the rulers and used against the public and the public interest. That&#x27;s a long standing tradition in Europe, and I feel that it&#x27;s only people here that don&#x27;t &quot;get it&quot; and actually believe the propaganda. You don&#x27;t believe Apple propaganda, Monsanto propaganda, or Republican propaganda. So why swallow EU propaganda?