The logo of Microsoft is seen outside it's French headquarters in Issy-les-Moulineaux, outside Paris, Monday May 13, 2024. (AP Photo/Thibault Camus)

Microsoft slapped with EU complaint over alleged storage of Israeli surveillance data

Microsoft accused of enabling ‘surveillance, targeting, and occupation’ of Palestinians; software giant reportedly cut IDF unit’s access to Azure in September after Guardian report

by · The Times of Israel

LONDON — Microsoft is facing a complaint in the European Union filed by a nonprofit organization alleging it illegally stored data on Palestinians used for Israeli military surveillance.

The Irish Data Protection Commission (DPC) confirmed Thursday it had received the complaint against the US tech giant, saying it was “currently under assessment.”

Since Microsoft’s European headquarters are located in Ireland, the DPC is the EU’s lead data regulator for the company.

The organization that brought the complaint, Eko — which says it fights for “people and planet over profits” — accused Microsoft of violating Europe’s data protection law.

“Microsoft unlawfully processed personal data belonging to Palestinians and EU citizens, enabling surveillance, targeting, and occupation by the Israeli military,” it said in a statement.

The complaint followed a report in British newspaper The Guardian that the Israel Defense Forces used Microsoft’s cloud service Azure “for the storage of data files of phone calls obtained through broad or mass surveillance of civilians in Gaza and the West Bank.”

After investigating the report, Microsoft cut some of the Israeli army’s access to certain cloud services in September.

Illustrative: A soldier from the IDF’s Military Intelligence Directorate works at a computer. (Israel Defense Forces)

Eko has said that “new evidence shared by Microsoft whistleblowers indicates that the company rapidly offloaded vast quantities of illegally captured surveillance data after a Guardian investigation.”

In a statement, a Microsoft spokesperson said: “Our customers own their data and the actions taken by this customer to transfer their data in August was their choice.

“These actions in no way impeded our investigation,” they added.

According to The Guardian, the data was stored on Microsoft’s servers in Ireland and the Netherlands, placing it under the EU’s strict General Data Protection Regulation (GDPR).

GDPR, launched in 2018, aims to protect European consumers from personal data misuse and breaches.