EU data protection supervisor express concerns over Microsoft contracts with EU institutions

In a recent statement, the European Data Protection Supervisor announced that preliminary results of its investigation into Microsoft contracts with EU institutions show serious issues over compliance with data protection rules. In April 2019, the European Data Protection Supervisor (EDPS) launched an investigation into the use of Microsoft products and services by EU institutions. The investigation identified the Microsoft products and services used by the EU institutions and assessed whether the contractual agreements concluded between Microsoft and the EU institutions were fully compliant with data protection rules. The EDPS also considered whether there were appropriate measures in place to mitigate risks to the data protection rights of individuals when EU institutions use Microsoft products and services.