By Vincent WELLENS, Partner and Ottavio COVOLO, Associate, NautaDutilh Avocats Luxembourg S.à r.l.
On 11 March 2024, the European Data Protection Supervisor (“EDPS”) – the authority responsible for overseeing the data protection compliance of European institutions – issued a press release announcing a reprimand and corrective measures against the European Commission over its use of Microsoft 365, comprising Windows and the Office suite, on personal data protection grounds, along with a ban on data flows towards Microsoft effective 9 December 2024. Will have these conclusions a spill-over effect under the GDPR towards private actors and national public entities?
Background
The origin of the investigation can...
|