Microsoft has admitted that European-based cloud data is not protected from the U.S. Patriot Act. The admission was made by Gordon Frazer, Microsoft UK’s managing director. Frazer made his remarks at an Office 365 launch in London last week. ZDNet captured Frazer’s comments during a QnA. One audience member asked whether “Microsoft could guarantee that EU-stored data, held in EU based datacenters, would not leave the European Economic Area under any circumstances – even under a request by the Patriot Act?” Frazer explained that Microsoft was unable to guarantee this and that customers would be informed wherever possible unless a court injunction prevented it. “Microsoft cannot provide those guarantees. Neither can any other company,” he said. Microsoft outlines its legal procedures for all of its online services in a detailed legal document on the company’s homepage:
“In a limited number of circumstances, Microsoft may need to disclose data without your prior consent, including as needed to satisfy legal requirements, or to protect the rights or property of Microsoft or others (including the enforcement of agreements or policies governing the use of the service).”
The ramifications of European data being subject to the U.S. Patriot Act will worry a number of companies based in Europe and question the security and privacy of the cloud.
Image Credit: Globalism Pictures (Flickr)