European Commission’s use of Microsoft 365 infringes data protection law for EU institutions and bodies
www.edps.europa.eucross-posted from: https://lemmy.ml/post/13035348
Following its investigation, the EDPS has found that the European Commission (Commission) has infringed several key data protection rules when using Microsoft 365. In its decision, the EDPS imposes corrective measures on the Commission.
The EDPS has found that the Commission has infringed several provisions of Regulation (EU) 2018/1725, the EU’s data protection law for EU institutions, bodies, offices and agencies (EUIs), including those on transfers of personal data outside the EU/European Economic Area (EEA).
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 3.13K Posts
- 78.3K Comments
- Modlog
Gasps
Right?
The incompetence in the IT world is staggering. In the 90’s I complained about the direction SaaS would take us, and my peers just dismissed me as paranoid.
Seriously, how do these people not see the issues with out sourcing your data/software hosting?
It’s especially frustrating since it takes more network bandwidth to outsource this stuff, which is more risky (in my opinion - according to how I measure risk) than keeping it in-house, and with that much bandwidth you could easily support all your remote users anyway.
(Of course I’m comparing simple network/cloud provider outage risks against the local data risks and management, it’s not really as simple as I’m making it. I just prefer the “keep as much local as you can” is better than distributing data, since it’s going to be local anyway, meaning you’re never free of those risks).