Data Protection Alert: EDPS's Bold Move Against the European Commission's Microsoft 365 Usage

In a landmark move on March 11th, 2024, the European Data Protection Supervisor (EDPS) issued a stark warning to the European Commission regarding its use of Microsoft 365. After a thorough investigation, the EDPS found multiple violations of EU data protection laws, specifically Regulation (EU) 2018/1725. This regulation is the cornerstone of data protection for EU institutions, bodies, offices, and agencies, ensuring the privacy and security of personal data within the EU and its transfer outside the EU/European Economic Area (EEA).