GDPR-like Legislation Needs to be Applied Worldwide -Microsoft CEO

Satya Nadella, Chief Executive Office of computing giant Microsoft, during an on-stage interview at the recent World Economic Forum in Davos Switzerland, called for the implementation of legislation that enshrines data privacy as a human right globally.

Nadella is an advocate of the European Union General Data Protection Legislation (GDPR) that became active on May 25 2018. He stated: “My own point of view on GDPR is it’s a fantastic start on really treating privacy as a human right. I’m hopeful that in the United States we will have something that is along the same lines.”

The point mirrored the views of Apple CEO Tim Cook regarding the introduction of GDPR-style legislation in the U.S.

Once GDPR became enforceable GDPR last year, Microsoft moved quickly to announce that it would apply EU GDPR rights on a worldwide basis. Along with this, the computing giant established an entire privacy center which details the type of data that Microsoft gathers, what use this data is put to and how data owners can manage how this data is distributed.

Nadella said that people need to be in utter control of their own private data, not just in the the U.S. but on a worldwide basis. He was delivering a keynote conference speech on privacy, data and Artificial Intelligence. Throughout his talk he commented on the need for a common standard in how privacy is dealt with.

Coming soon after Microsoft actively lobbied for the introduction of more lenient data protection regulations to be introduced in California, he remarked that he feels that there should be a global acceptance of privacy as a basic human right. Nadella commented: “In fact I will hope that the world over, we all converge on a common standard. One of the things we do not want to do is fragment the world and increase transaction costs, because ultimately it’s going to be born in our economic figures. I hope we all come together, the Unites States and Europe first, and China. All the three regions will have to come together and set a global standard.”

Nadella said that it is not sufficient to expect companies to self regulate as it is too complex for businesses to ascertain what the correct and ethical use of private data is. He stated: “In the marketplace there’s no discrimination between the right use and the wrong use… We welcome any regulation that helps the marketplace not be a race to the bottom.”

The US Senate will be drafting GDPR-like legislation in the near future. California, as mentioned earlier, introduced state data protection legislation in 2018 and is due to conduct six public forums on the California Consumer Privacy Act (CCPA) over the coming months and weeks. In the last few weeks, U.S. Senate and House of Representative committees carried out separate hearings to consider the possibilities for national privacy legislation. While there was consensus regarding the need for federal privacy legislation, they have did not agree on the finer points of the possible legislation.

Nadella’s comments come as Microsoft remains under investigation in the Netherlands in connection with a potential GDPR violation. Amid claims that Microsoft Office is collecting the contents of privates email correspondence the company released a statement which stated: “We are committed to our customers’ privacy, putting them in control of their data and ensuring that Office ProPlus and other Microsoft products and services comply with GDPR and other applicable laws. We appreciate the opportunity to discuss our diagnostic data handling practices in Office ProPlus with the Dutch Ministry of Justice and look forward to a successful resolution of any concerns.”

If Microsoft is found guilty then, in line with GDPR legislation, it could face a highest potential fine of €20m or 4% of annual global revenue for the most recent financial year.

All of this, in along with what appears to be the support of Microsoft and Apple for Federal data privacy legislation, further emphasize the importance for U.S. companies to now begin seeing to it that they are doing everything they can to secure the private data that they are collecting.

Author: Security News