Microsoft has become the world’s first company to adapt the international cloud privacy standard ISO/IEC 27018. The standard was released by the International Standard Organization (ISO) last year regarding the breaches done by the several spying agencies worldwide, including NSA.
The move makes the Redmond giant world’s first cloud service provider to adopt this standard, and on various levels the standard restricts the misuse of personal information of an individual. All of the Microsoft services, including Azure and Office 365, are now under of the umbrella of ISO/EIC 27018.
The standard ensures the clients that the vendors only have access to personally identifiable information or PII and nothing else. The vendors cannot access the information stored by the user, but the user’s personal information that was taken during the sign-up process.
It gives a transparency of storage, deletion, transfer, return and use of personal information inside the data center, however, if somehow a third-party or an advertiser see this information the vendor must inform the user about this.
Standard enforces the vendors to keep a record of all the activities related to the hacking crime done on their servers. It asks the seller to keep the information disclosures regarding PII requests by law and enforcement to the customer only, provided that it is not prohibited by the laws.
Brad Smith, Microsoft general counsel said, “As we’ve said before, customers will only use services that they trust. The validation that we’ve adopted this standard is further evidence of our commitment to protect the privacy of our customers online.”
Company’s adherence to this standard will put more trust among its customers, and will help limit the spying activities of the government agencies including NSA and GCHQ.
For the past few years, there have been several reports about the surveillance and government spying on the users’ data.