Microsoft can't protect French data from US government access
We've known this for years, but it's significant to see Microsoft admit this under oath in a European court. When the US Government issues an NSL, Microsoft cannot say no:
Microsoft France's legal director conceded under sworn testimony that the company cannot guarantee French citizen data stored in EU datacenters remains protected from US agency access. The June 10, 2025 French Senate hearing marked a significant moment in European digital sovereignty discussions as Microsoft executives addressed concerns over extraterritorial data access.
During proceedings before the Senate inquiry commission investigating public procurement's role in promoting digital sovereignty, Anton Carniaux, Microsoft France's director of public and legal affairs, admitted fundamental limitations regarding data protection guarantees. When asked directly whether he could guarantee under oath that French citizen data would never be transmitted to US authorities without explicit French authorization, Carniaux responded: "No, I cannot guarantee it."
The testimony contradicts years of Microsoft's security assurances regarding European data hosting. Despite implementing encryption and technical safeguards, the company acknowledged that US legislation ultimately supersedes protective measures when federal agencies issue valid data requests.
So much for the EU Sovereign Cloud, eh.
Tags: cloud-computing microsoft eu us-politics sovereignty data-protection privacy via:davey_cakes