cross-posted from: https://lemmy.ml/post/13035348

Following its investigation, the EDPS has found that the European Commission (Commission) has infringed several key data protection rules when using Microsoft 365. In its decision, the EDPS imposes corrective measures on the Commission.

The EDPS has found that the Commission has infringed several provisions of Regulation (EU) 2018/1725, the EU’s data protection law for EU institutions, bodies, offices and agencies (EUIs), including those on transfers of personal data outside the EU/European Economic Area (EEA).

  • Evil_Shrubbery@lemm.ee
    link
    fedilink
    arrow-up
    11
    ·
    8 months ago

    Ohhh, interesting. And nice.

    It will be a confusing few years but transition away from big corp cloud services is an important thing.

    I really hope they eventually push self-hosting onto regulated entities as well.

      • Evil_Shrubbery@lemm.ee
        link
        fedilink
        arrow-up
        10
        arrow-down
        1
        ·
        edit-2
        8 months ago

        Yeah, I mean, neither are corporations, especially when there is no oversight, no sanctions, and no real alternatives for regular workers.

        Also not sharing data for profit or lending it for private sector AI training. And it’s not like developed countries get their data stolen as regularly as corps do. And eg financial regulators are pretty strict on data security (CISO things) + a lot of new directives concerning data are just about to come in force.

      • vsis@feddit.cl
        link
        fedilink
        English
        arrow-up
        3
        ·
        8 months ago

        Keys and tokens will be shared securely via singaporean hotels wifi.