At EU request, Microsoft will make it possible for European Azure, Microsoft 365 and Dynamics 365 cloud customers to store and process their data within the European Union. This option will be available to both business customers and consumers.
Currently, it is not clear to customers exactly where their data is stored and processed. This includes both personal data and diagnostic data generated by the services. Microsoft will announce detailed additional information about its EU Data Boundary plan at their EU Cloud Customer Summit in the fall.
According to Microsoft, all cloud services offered by the company already comply with EU guidelines. However, it is currently unclear to customers exactly where their data resides and where it is processed. After enabling the new option, customers will be assured that their data remains within the EU.
EU Data Boundary Plan
By the end of next year, the entire EU Data Boundary plan should be completed. It is not yet clear from when users can choose to store their data in the EU.
Microsoft says it already offers commercial and public sector customers the choice to have their data stored within the EU, while many Azure cloud services are already configurable to have data being processed in the EU as well.
For clients who have doubts about whether, for example, thew U.S. can retrieve data from Microsoft’s cloud infrastructure in the EU, the company stated the following, “We will contest government requests regarding personal data of customers in the public or commercial sector in the EU (from any government) if we have a lawful basis for doing so,” said Brad Smith, President at Microsoft in a blog post. “And we provide financial compensation for our customers’ users if we cause harm by releasing data in violation of the AVG.”
Data Center Presence EU
Microsoft has multiple data centers located in Europe while further expanding its data center presence across the region. Microsoft’s first European data center dates back to 2009. Its EU handling of data leverages data centers they have announced or are already operating in 13 countries: Austria, Denmark, France, Germany, Greece, Ireland, Italy, Netherlands, Norway, Poland, Spain, Sweden and Switzerland.
The company has already started the engineering work for its EU Data Boundary plan so that their essential cloud services can store and process all data of customers in the commercial and public sectors within the EU – to the extent they choose. This plan includes all personal data in diagnostic and service-generated data, as well as personal data Microsoft is using to provide technical support. They will also expand technical controls such as Lockbox and customer-controlled encryption for customer data across Microsoft’s core cloud services.
As said, additional information about this EU Data Boundary plan will be released at Microsoft’s EU Cloud Customer Summit in the fall.