The EU has launched an investigation into contracts Microsoft holds with its institutions to ensure data processing is conducted in compliance with the GDPR.
Regulator the European Data Protection Supervisor (EDPS) revealed yesterday that it was undertaking the investigation into contractual arrangements with the US tech giant after a Data Protection Impact Assessment Report in the Netherlands last November highlighted issues.
That audit found that: “Microsoft collects and stores personal data about the behavior of individual employees on a large scale, without any public documentation.”
Microsoft Office ProPlus was singled out for attention in that report.
Now the EDPS is warning of “increased risks to the rights and freedoms of individuals” for any EU institutions using the same apps detailed in the audit.