Microsoft Vows to Challenge Government Requests For User Data
The software giant will also compensate users whose information is inappropriately disclosed to government agencies.
(Bloomberg) -- Microsoft Corp. vowed to challenge all government requests to access its customers’ information in an effort to address increasing European Union scrutiny on the security of data sent to the U.S.
The software giant will also compensate users whose information is inappropriately disclosed to government agencies, Microsoft Chief Privacy Officer Julie Brill said in a blog post on Thursday.
Microsoft is one of a number of big tech companies working to continue to legally send data to the U.S. after a landmark EU court judgment in July overturned the primary system used to move information from Europe to the U.S., called Privacy Shield. The judges based the decision on concerns that user information was unsafe from prying by American intelligence services.
Companies transferring data to the U.S. using “contractual clauses” -- one of the few legal methods remaining -- now have to implement extra privacy measures, such as encryption. If companies or regulators deem that customer data is unsafe in the U.S. or any other destination, they may suspend those transfers altogether.
“We believe the new steps we’re announcing today go beyond the law,” Brill said, adding the legal challenges to law enforcement requests would pertain to all governments, not just the U.S. “We hope these additional steps will give our customers added confidence about their data.”
Read More: U.S. Companies Scrambling After EU Data Transfer Pact Dies
The European Data Protection Board, a body of EU data watchdogs, last week issued guidance to help companies identify if they need to implement extra measures before transferring their data, such as swapping identifying information with pseudonyms.
Microsoft’s measures announced Thursday come in addition to other commitments the company already builds into contracts it signs with customers, including pledges to encrypt data in transit and at rest, and to comply with legal government demands for data only if they are clearly compelled to do so.
©2020 Bloomberg L.P.