Microsoft has announced that it will update its privacy provisions for commercial cloud contracts. It comes after the European Data Protection Supervisor (EDPS) investigated Microsoft’s contracts with the European Commission and other EU bodies; it found that Microsoft had failed to protect data according to EU law.
In its announcement, Microsoft said that the new Online Services Terms (OST) will “reflect contractual changes” that were developed with one of its customers, the Dutch Ministry of Justice and Security. The changes will give customers more transparency with regards to how their data is processed in the Microsoft cloud.
Expressing the firm’s willingness to work with customers, Julie Brill, Corporate Vice President for Global Privacy and Regulatory Affairs and Chief Privacy Officer at Microsoft, said:
“We remain committed to listening closely to our customers’ needs and concerns regarding privacy. Whenever customer questions arise, we stand ready to focus our engineering, legal and business resources on implementing measures that our customers require. At Microsoft, this is part of our mission to empower every individual and organization on the planet to achieve more.”
Microsoft said it will be ready to roll out the contract provisions to all public sector and enterprise customers globally by the beginning of 2020.