Microsoft will open data centers in three locations in the Community of Madrid “in the coming months.” This was announced by the president of the technology company, Brad Smith, during an event organized by the Association for the Progress of Management (APD) this Friday in Madrid. “We are no longer talking about years but we are talking about months”, he said about the centers located in San Sebastián de los Reyes, Algete and Meco (Madrid).
“The data of Spanish companies and the Spanish government will be stored in Spain,” he said. In Algete there will be two facilities, according to a statement from the local council. Microsoft has not given details of the number that there will be in total. Smith said the company has data centers in 17 countries in Europe, where it has invested €11.37 billion in the last two years.
Microsoft’s decision to open data centers in Europe has to do with the July 2020 ruling of the Court of Justice of the European Union that ended Privacy Shield, the agreement that since 2016 had allowed the sending of personal information of European citizens to data centers in the United States. Among the ruling’s arguments, the court explained that it had not found “limitations” to the use of the data for certain surveillance programs.
Since then, companies that send personal data of European citizens to the US have to comply with legal mechanisms included in the RGPD (transfers through adequate guarantees or binding corporate rules), which allows them to transfer them by offering certain guarantees.
By establishing its data centers in Madrid, Microsoft could guarantee that the personal information of its customers in Spain will be stored in the national territory. According to Miguel Ángel Abellán, from the consultancy specializing in data protection Audidat, “this implies that it would not be necessary to comply with the conditions established in the GDPR for flows of personal information outside the European Economic Area.”
In February, the company Meta sent a communication to the US stock market regulator in which it warned of the possible withdrawal of Europe from Instagram and Facebook “if a new transatlantic data transfer framework is not adopted and we cannot continue to use SCS [cláusulas contractuales estándar] or to other alternative means of data transfer from Europe to the US”.
California has a law that regulates the management of private data, but in the US there is no federal law that does so, which allows its trade between companies and the intervention of government agencies.
apologies. The president of Microsoft recognized the damage that the technology had caused to cloud service providers in Europe with its licensing policy. “I came to Brussels to explain the changes we are making and to say sorry,” he said. In 2019, the technology introduced a measure that limited or made the use of alternative clouds to Azure, its own cloud, for Windows and Office customers more expensive.
Changes. According to the Financial Times, the announced changes remove the obligation to purchase an additional license for customers uploading their data to one of Europe’s clouds. Those improvements do not apply to those who want to bring their data to AWS or Google Cloud.