BRUSSELS (Reuters)—The EU data protection government is investigating whether the European Commission and other EU institutions observe the bloc’s strict data privacy policies in their software program deals with Microsoft.
The 28-USA European Union followed the landmark General Data Protection Regulation (GDPR) approximately a year ago, giving Europeans greater control over their online facts and privacy enforcers the strength to impose hefty fines.
The European Data Protection Supervisor (EDPS) launched its investigation. The EDPS monitors the bloc’s 70 institutions for GDPR compliance.
The probe will examine the Microsoft services and products utilized by the establishments and whether the contractual agreements between them and the U.S. Software organization are GDPR-compliant. “When counting on third events to provide services, the EU establishments remain liable for any facts processing executed on their behalf,” said Assistant EDPS Wojciech Wiewiorowski.
“They also must ensure that contractual preparations recognize the brand new rules and identify and mitigate any risks,” he stated. The EDPS can impose fines of up to 50,000 euros for every infringement.
Microsoft said it prepared to help its customers inside the EDPS investigation.
“We are committed to assisting our customers in complying with GDPR, Regulation 2018/1725, and different applicable laws and are assured that our contractual preparations permit clients to accomplish that,” Microsoft said.
The EDPS said several data protection issues might be similar to Dutch worries raised in November about the information gathered through Microsoft ProPlus, including popular software programs, Microsoft Word writing software programs, and Microsoft Outlook electronic mail.
The subject related to data saved in a database in the United States in a way that the Netherlands said posed predominant risks to customers’ privacy. The agency ultimately made a few modifications to comply with EU regulations.