Microsoft has admitted that it can’t protect EU data from U.S. snooping.
In sworn testimony before a French Senate inquiry into the role of public procurement in promoting digital sovereignty, Anton Carniaux, Microsoft France’s director of public and legal affairs, was asked whether he could guarantee that French citizen data would never be transmitted to U.S. authorities without explicit French authorization. And, he replied, “No, I cannot guarantee it.”
Google and Amazon will have the same problem with their “Sovereign Cloud” nonsense. The sooner it becomes clear to everyone that you cannot put EU citizens data on a US cloud provider, even if hosted in the EU, the better.
The US law is very clear on that stuff. I really don’t know why people are confused about those things.