Brendon Lynch, Chief Privacy Officer, Microsoft, writes on the Microsoft on the Issues Blog:
Privacy is a top priority for many users of cloud computing, so Microsoft today is releasing a white paper that details many of the specific data protection policies, procedures and tools that have been integrated into Office 365, our newest cloud productivity service.
I recently returned from a two-week trip to discuss a range of privacy topics with customers and regulators in Australia and New Zealand. In virtually every conversation, I was asked about Microsoft’s approach to data protection in our cloud services. Microsoft representatives around the world report hearing similar questions regularly in each of their regions.
These questions are understandable. Entrusting information that is core to the success of your organization to a cloud service provider is a big decision. And information about the privacy policies of many cloud services is either hard to find or indecipherable to all but the most astute IT professionals.
Today’s whitepaper, “Privacy in the Public Cloud: The Office 365 Approach,” provides detailed answers to the most common cloud privacy questions in the context of one of our most mature cloud services for businesses, public sector agencies and educational institutions.
While cloud computing experienced another year of impressive growth in 2011, concerns about privacy and data protection continue to keep some potential beneficiaries from embracing cloud computing. News about hacking attacks, theft and misuse of data managed by online service providers has raised questions about the privacy and security of cloud computing.
At Microsoft, we understand that unless we are responsive to our customers’ and to regulators’ questions about data protection in public clouds, we will not earn the trust necessary for our cloud services to satisfy our customers’ needs.
As the white paper outlines, Office 365 was built from the ground up with strong data protection in mind. A team of privacy professionals was dedicated to the service early in the development cycle and worked in close partnership with engineers, business planners and marketers. As a result, privacy’s been an integral part of the service from the beginning, not an afterthought.
Microsoft also announced today that Office 365 customers with European users can sign data processing agreements with the standard contractual clauses published by the European Commission, which are known as the EU Model Clauses. We took a global perspective when we developed our data protection policies for Office 365, and we worked to accommodate the particular priorities of different regions when possible. For instance, we built more than 20 privacy controls into the service to align it with specific European privacy and data protection regulations. Our support for EU Model Clauses is another effort to accommodate the privacy demands of European markets.
I invite you to review the whitepaper and read today’s news release from the Office 365 team. We take our responsibility to safeguard cloud data seriously, and we want to be transparent so our customers can understand our approach to privacy and trust their information is in good hands.