A recent testimony by Microsoft France’s legal director Anton Carniaux and technical director Pierre Lagarde before the French Senate commission has shed light on a critical concern regarding data protection in Europe. The executives admitted under oath that the company cannot guarantee French citizen data stored in EU datacenters will remain protected from US agency access.
This admission contradicts years of security assurances provided by Microsoft regarding European data hosting, highlighting the limitations of technical safeguards in ensuring data sovereignty. According to Carniaux, the company maintains a rigorous process for evaluating government requests but must ultimately comply with legally valid demands.
The testimony has significant implications for European digital infrastructure, as it reveals that even major US technology providers like Microsoft are vulnerable to extraterritorial access by American authorities. This creates tension between France’s efforts to promote digital sovereignty and the practical realities of relying on American technological foundations.
The French Senate inquiry into public procurement decisions is aimed at addressing concerns over procurement arbitrage, which favors established international providers over domestic alternatives. The investigation highlights the need for stronger implementation of existing rules and regulations, as well as the development of new standards to ensure data sovereignty in Europe.
As European cloud infrastructure investments accelerate, Microsoft’s admission serves as a wake-up call for policymakers and industry stakeholders. The company’s involvement in the Bleu cloud project, a joint venture with Orange and Capgemini designed to provide sovereign cloud services, underscores the challenges of creating separation from extraterritorial effects.
Source: https://ppc.land/microsoft-cant-protect-french-data-from-us-government-access