“A long time coming” - Microsoft data residency plans will see firm store all cloud customer data in the EU
Microsoft’s offer to store cloud customer data in the EU has been years in the making and builds on significant efforts to meet regulatory requirements
Microsoft has announced that all EU-based cloud customers will be able to store personal data in the region as part of a bid to comply with data sovereignty requirements.
The plans build on previous efforts from the tech giant to improve data sovereignty compliance in the EU in response to regulatory pressure, and follows the launch of its data boundary in January 2023.
Microsoft’s EU data boundary had initially enabled the processing of data in the region. However, the latest move will now include the processing of data found in system-generated logs that are automatically produced while using its services.
In a statement last week, Julie Brill, Microsoft’s corporate VP and chief privacy officer, said the decision makes the firm the “first large-scale cloud provider to deliver this level of data residency to European customers”.
“Microsoft is empowering customers by bringing significant enhancements and new features to the EU Data Boundary for the Microsoft Cloud,” she said.
“With today’s update, Microsoft takes another decisive step in expanding its suite of trusted cloud services that respect European values and meet the specific requirements of our commercial and public sector customers in Europe.”
The move from Microsoft has been welcomed by industry analysts as a positive step toward improving data privacy for European-based consumers.
Nader Henein, VP analyst at Gartner said the plans, which have been several years in the making in the wake of the Schrems privacy case, will create a more robust, secure, and compliant framework for Microsoft and its customers.
“This has been a long time coming,” he told ITPro. “It provides better protection as information in Europe is protected by EU law and the laws of various countries.”
Discover the power of integrating a data lakehouse strategy into your data architecture
DOWNLOAD NOW
Microsoft isn’t alone in its efforts to improve data sovereignty in the EU. Other major cloud providers, including Oracle, IBM, and AWS, have unveiled similar plans in recent months in a bid to meet regulatory requirements.
In June 2023, Oracle announced its long-awaited sovereign cloud region for EU customers. The company’s EU Sovereign Cloud is located entirely within the union, and allows private and public sector organizations across the union to “gain more control over data privacy and sovereignty requirements”.
The cloud region is also supported by EU-based personnel and operated by separate legal entities within the union.
In a similar move, AWS also confirmed it would allow data storage on EU servers in October 2023.
Has Microsoft acted quick enough?
While the move has been welcomed by industry analysts, some cloud sector stakeholders have questioned the speed of efforts to improve sovereignty among major hyperscalers.
Speaking to ITPro, Mark Boost, chief executive of Civo, suggested Microsoft shouldn't be praised for introducing policies that should've been implemented some time ago.
Boost added that the tech giant has attempted to frame itself as being highly pro-active in efforts to improve data sovereignty despite long-standing calls from European companies to implement changes.
“For me, and many others operating in this space, data should have always been sovereign,” he said. “The lack of commitment from hyperscaler providers to guarantee this has always been perplexing.”
“Making this into a new selling point for themselves, when it should have always been like this, suggests either an attempt to market themselves positively or, if we’re being generous, a lack of awareness of the value of this approach”
Cloud Pro Newsletter
Stay up to date with the latest news and analysis from the world of cloud computing with our twice-weekly newsletter
George Fitzmaurice is a staff writer at ITPro, ChannelPro, and CloudPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.