Microsoft threw down a challenge to the US tech industry on Wednesday as it came up with a radical new regime to try to protect the data of some of its biggest European customers from US government over-reach.
The arrangement, which will ringfence European data with a new legal set-up designed put it beyond US courts and the country’s national security establishment, in one of the most drastic corporate responses yet to the American internet spying scandal.
Technology analysts called it a “watershed moment”, describing the manoeuvre as the first time a major US tech group had accepted its inability to protect customer data from the US government. The plan exposed the flaws in other recent attempts by US tech companies to ease European fears by simply opening more data centres in Europe, because these were still exposed to US intrusion, they added.
The US software company said it will allow foreign customers to hold data in new European facilities that are instead under the control of Deutsche Telekom, the German telecommunications group.
The legal and technical arrangement is intended to put the data of European government and business customers, along with millions of citizens, completely out of reach from US authorities.
Microsoft's initiative could have a ripple effect across the industry, creating a tough new privacy standard that customers may soon also demand from other "cloud computing" providers such as Google, Amazon and Oracle.
Silicon Valley groups are struggling to regain the trust of European customers in the wake of disclosures by NSA whistleblower Edward Snowden about widespread internet surveillance by US intelligence agencies.
Microsoft chief executive Satya Nadella said the effort was designed to regain the trust of customers which had been lost as a result of the Snowden disclosures. "We need to earn both trust of our global customers and operate globally. That's at the cornerstone of how we've done business and how we will continue to do business," he said.
In response, US tech groups have moved to build data centres in European countries. But many of the region’s customers remain unsatisfied that these efforts alone can protect against snooping.
"I think Microsoft have come to the conclusion that they can't get away from being a US company," says Carsten Casper, analyst at Gartner, the research group. "I find that more honourable than others who try to move their data centres to Europe to appease customers, but how good is it to have data centres in those countries if you can access it from abroad with no particular problem?"
Analysts say Microsoft’s concession could complicate negotiations between US and EU politicians on a new transatlantic data sharing pact known as “Safe Harbour”. Talks have been faltering for months over the thorny political issue of surveillance.
Financial Times