French Data Under U.S. Firms Is Not Protected From U.S. Government Access brusselssignal.eu

Anne-Laure Dufeal, Brussels Signal:

The [French] Senate report cited Microsoft France’s legal director, Anton Carniaux, as admitting the company could not guarantee that French data it hosted would not be handed over to foreign authorities.

“Carniaux … was asked by the [French Senate] commission to guarantee that French citizens’ data hosted by Microsoft would never be transmitted to foreign authorities without the agreement of the French authorities. He replied: ‘No, I can’t guarantee that,’” the report stated.

Luis Rijo, PPC Land:

The testimony contradicts years of Microsoft’s security assurances regarding European data hosting. Despite implementing encryption and technical safeguards, the company acknowledged that US legislation ultimately supersedes protective measures when federal agencies issue valid data requests.

[…]

Amazon Web Services, Google Cloud, and other hyperscale providers operate under identical legal frameworks, potentially exposing European data to extraterritorial access. The testimony suggests widespread vulnerability in European digital infrastructure built on American technological foundations.

Ben Werdmuller:

Reliance on US services has become a point of vulnerability for everyone. This should be a concern regardless of American leadership; under the current administration, it’s become a frequent topic of conversation for security leaders both inside and outside of the country.

The U.S. set up a new court to handle European complaints, but it is under the umbrella of the U.S. Privacy and Civil Liberties Oversight Board which currently has a single board member, who happens to be a Republican. That is because the other three members of the board — all Democrats — were told to leave after Donald Trump retook the presidency, thus making it non-functional. Is the court hearing cases? That is a good question; the whole thing is one big secret.