The European Data Protection Supervisory has started two investigation on the usage of some services of Amazon and Microsoft by some European Institution.

The European Data Protection Supervisory (EDPS) has started two investigation after the Judgement Schrems II of the European Court of Justice on the usage of specific services by institutions, bodies and organisms of the European Union (IUE).

In a press release, the EDPS has announced today to have started two investigation: the first one on the usage by European institutions of cloud computing services by Amazon and Microsoft in the filed of cloud contracts, and the other one on the usage of Microsoft Office 365 by the European Commission.

Those investigations are parts of a strategy in order to verify the compliance of the Schrems II Judgement of the 16^th of July 2021 in order to guarantee that “actual and future international transferences are carried out in compliance with the European legislation of personal data protection.”

The analysis already carried out by the EDPS reveals that the European Institutions depend on the services provided by big information and communication technologies providers, some of them are established in the USA, by considering that those data are transferred in that country, and it is underlined that those societies “are subjected to a legislation that, according to the Judgment Schrems II, permits to the USA authorities to carry out disproportionated surveillance activities.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DEL PORTOGALLO