In this blog post, ownCloud COO Holger Dyroff answers the blog post by Microsoft’s Julie Brill, trying to assure customers about cross-border data flows after last week’s ruling of the European Court of Justice.
Nice try, Microsoft. We know your hands are bound. As your Chief Legal Officer Brad Smith argues, your home country should change its relevant laws (source: CNN). We are fully with you on that point.
But congress will not change the laws in the short term. Until now, there is just no signal whatsover that they contemplate protecting data privacy in the way that GDPR does in Europe. On the contrary: Just two weeks ago, the Senate Judiciary Committee advanced the ‘Earn It’ bill that in its current form would poke holes in Section 230 (source: TheVerge.com) and encourages state lawmakers to look for loopholes to undermine end-to-end encryption (source: EFF.org). That would affect your cloud products, Microsoft, as well, but not our on-premises customers.
You say you embraced Privacy Shield as a successor to Safe Harbor after that framework was invalidated. Yes you did, we noticed, and you were wrong, as the court ruled yesterday. You embraced Safe Harbor before it was invalidated and were wrong then.
The laws of the US and Europe are NOT compatible, as are the values of Europe and those of the US administration. We expect that the GDPR should and will not be changed, because data protection is a human right. On top of that, we believe real-time collaboration and data ownership are not mutually exclusive. We envision a future in which everyone has control over their data. We are on mission for more digital sovereignty, security and data protection. We also believe, based on your statements and those of Brad Smith, that you think alike, but you are bound by the laws of your home country. We’re sorry for you to be in this position.
Therefore, every single one of your customers should know that by 2025, you plan to end support of your most important on-premises products (source: Microsoft). As Klaus Vitt, former CIO of the Federal Republic of Germany, did rightfully state: “We need to look for other solutions now. Our goal is digital sovereignty for government agencies and the public sector” (source: Tagesspiegel Background, €).
We at ownCloud provide solutions that provide full digital sovereignty. They are also fully open and transparent.
We stand with our partners in Europe in enabling secure, efficient and fully sovereign workplaces and workspaces. Any European investments in further digitization should avoid your cloud offerings, just labeled risky by our highest court, the European Court of Justice, but go towards open and digital sovereign solutions.
Just as we currently do with Office Online Server, your on-premises browser-based Office Suite, we look forward to providing GDPR-compliant integrations of your products in future.