AnnouncementOn Monday 16 January 2015 Microsoft announced that they had adopted the first international Cloud privacy standard. The standard in question is ISO/IEC 27018, the code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
DiscussionA ZDNet article entitled “Microsoft adopts international cloud privacy standard” was published yesterday which provided Microsoft’s summary of this development:
… under the standard, enterprise customers will have control of their data; will be informed of what’s happening with their data, including whether there are any returns, transfers, or deletion of their personal information; and will be protected with “strong security” by ensuring that any people processing personally identifiable information will be subject to a confidentiality obligation.
At the same time, Microsoft has ensured that it will not use any data for advertising purposes, and that it will inform its customers if their data is accessed by the government.