Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Cloud Computing

Microsoft Comes Out in Support of the EU-U.S. Privacy Shield

Microsoft Comes Out in Support of the EU-U.S. Privacy Shield

Microsoft this morning announced its support for the EU-U.S. Privacy Shield, which is designed to safeguard privacy as data is electronically transferred between the two jurisdictions. Put simply, the framework would require that these data protections will be identical to those within the EU.

“At Microsoft we believe that privacy is a fundamental human right,” Microsoft vice president of EU government affairs John Frank writes ina new post to the software giant’s EU Policy Blog. “In a time when business and communications increasingly depend on the transmission of personal data across borders, no one should give up their privacy rights simply because their information is stored in electronic form or their technology service provider transfers it to another country … we believe wholeheartedly that the Privacy Shield represents an effective framework and should be approved.”

The European Commission and the United States agreed on the terms of the EU-U.S. Privacy Shield framework in February after two years of negotiations. It is designed to replace an earlier but vaguer agreement, called Safe Harbor, which the European Court of Justice ruled in October 2015 was no longer adequate to protect personal privacy in the post-Snowden world. But it will need to be accepted by various European governments and data protection authorities first.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Under the terms of the agreement, U.S.-based tech firms like Microsoft and Google would need to adopt stricter personal privacy protections that are afforded to EU citizens. But it also allows U.S. law enforcement to access personal data “under clear conditions, limitations and oversight, preventing generalized access.”

This bit is particularly important to Microsoft. As you may recall, the software giant is engaged in a long-running legal battle in which the U.S. government wishes to gain access to EU-hosted data belonging to a smuggling suspect. Microsoft has argued that the U.S. has no jurisdiction over this data, and that the request is thus illegal.

“People won’t use technology that they don’t trust,” Mr. Frank notes. “Legal rules that clearly delineate individual rights, ensure transparency in how those rights are protected, and offer due process when people believe their rights have been violated. They provide a foundation for trust that is essential to realizing the full power of these new technologies to drive innovation and advance human progress.”

For its part, the U.S. government has said it will not engage in “indiscriminate mass surveillance” of EU citizens, though in some extreme cases—terrorism, for example—mass surveillance would in fact be allowed when a more targeted form of surveillance is not possible.

“The European Commission and U.S. Department of Commerce deserve credit for addressing complicated legal issues in ways that create stronger and pragmatic privacy protection for European citizens while enabling the continued movement of data that is the lifeblood of our economies,” Mr. Frank writes. “The European Union and the United States are better off with this new Privacy Shield.”

Unfortunately, the EU-U.S. Privacy Shield agreement will likely face blistering legal attacks before it is made law. In Europe, a privacy group called the Article 29 Working Party said it would challenge any agreement which did not ensure EU-level privacy controls on U.S companies. And here in the U.S., many tech companies are lobbying against the framework.

Well, Microsoft—a company that doesn’t get enough kudos for its transparent approach to privacy—is not among them.

“By providing a clear framework that ensures key protections of EU citizens continue when data is transferred to the United States, the Privacy Shield framework is an important step in enhancing trust in the global digital economy, and we hope that it will be approved as negotiated,” Mr. Frank concludes.


Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Paul Thurrott is an award-winning technology journalist and blogger with over 20 years of industry experience and the author of over 25 books. He is the News Director for the Petri IT Knowledgebase, the major domo at, and the co-host of three tech podcasts: Windows Weekly with Leo Laporte and Mary Jo Foley, What the Tech with Andrew Zarian, and First Ring Daily with Brad Sams. He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: