Microsoft issued a statement on Thursday in response to the Court of Justice ruling for the European Union in a case that examines the transfer of data from EU counties.
“We want to be clear: If you are a commercial customer, you can continue to use Microsoft services in compliance with European law,” wrote Julie Brill, corporate vice president for global privacy and regulatory affairs at Microsoft. “The Court’s ruling does not change your ability to transfer data today between the EU and U.S. using the Microsoft cloud.”
The Wall Street Journal reported on the surprise ruling from the European Court of Justice that invalidates an EU-U.S. data-transfer agreement known as Privacy Shield, which was implemented about four years ago.
It could leave thousands of companies to face restrictions on storing information about European Union residents on U.S. servers.
The transatlantic data market worth hundreds of billions of dollars could hit turbulent waters after privacy advocates challenged how data is stored and transferred. Companies like Amazon, Google, Facebook, Microsoft and others use such contracts to allow them to send Europeans’ personal information outside of the EU.
Although the ruling invalidated the use of Privacy Shield, the Standard Contractual Clauses (SCCs) remain valid, according to Brill.
She explains in a post that the ruling does not change data flows for Microsoft’s consumer services.
Microsoft transfers data between users, for example, when one person sends email or other online content to another. The company will continue to do so in compliance with the ruling and further guidance from EU data protection authorities and the European Data Protection Board.