Microsoft acknowledges lack of assurance regarding sovereignty of UK policing data

Blog
Microsoft acknowledges lack of assurance regarding sovereignty of UK policing data

Microsoft has informed Scottish policing bodies that they cannot guarantee the sovereignty of UK policing data hosted on its public cloud infrastructure. The company admitted that data uploaded to the Digital Evidence Sharing Capability (DESC) system may not remain in the UK as required by law. Microsoft acknowledged that data from their cloud infrastructure is frequently transferred and processed overseas, creating concerns for data protection compliance. They stated that technical changes could be made to ensure compliance but are currently only implementing these changes for DESC partners and not other policing bodies due to lack of requests.

As a result, concerns have been raised that UK policing data has been transferred abroad, breaching UK data protection laws. An independent security consultant highlighted the lack of compliance by Microsoft with UK data protection laws and raised questions about the offshoring of data by UK government users as well.
There are ongoing concerns about data sovereignty for cloud systems used by police in the UK, with regulatory and data protection experts questioning the legality of data transfers overseas. Microsoft has not made specific commitments to address these issues, leaving many questions unanswered.

While Microsoft has agreed to make changes to ensure DESC compliance, these changes are only being implemented for specific policing bodies and not all users of their cloud services. Experts believe that a move away from using Microsoft-based cloud services may be necessary to ensure compliance with UK data protection laws. The lack of competition in hyperscale cloud markets has meant that Microsoft is not incentivized to make broader changes, despite the legal concerns raised by UK policing bodies.

The challenges presented by Microsoft’s cloud services highlight the need for closer oversight and control of data transfers by UK policing bodies. The Information Commissioner’s Office has provided guidance to Police Scotland on measures to ensure DESC’s compliance with UK data protection laws. The issue extends to the wider government, as data sovereignty clauses in the latest G-Cloud framework may also be at risk of non-compliance.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
DRL-Office-9624-1024x683.jpg

Call Center Quality Monitoring: Comparing Real-Time and Post-Call Approaches

  • GLOBUS.studio
tr_20240906-google-abusing-ad-tech-uk-cma.jpg

U.K. Government Claims Google is Misusing Its Dominant Position in the Ad Tech Industry

  • GLOBUS.studio
skills-unlock-training-jirsak-adobe-scaled.jpg

Accenture Reports UK C-Suite Possesses Greater Technical Skills Compared to Peers

  • GLOBUS.studio
tr_20240904-best-banks-quickbooks-integration.jpg

Top 10 Banks Compatible with QuickBooks in 2024

  • GLOBUS.studio
documents-paperwork-files-BillionPhotoscom-adobe.jpg

Lloyds Bank Implements Artificial Intelligence to Review Trade Finance Documents

  • GLOBUS.studio
airtable-alternatives.jpeg

9 Top Alternatives to Airtable for 2024

  • GLOBUS.studio
Nationwide-Building-Society-head-office-Swindon-PR.jpg

National Development Platform Leverages Red Hat Technology

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources