Microsoft will process M365 Copilot data locally in 15 countries by utilizing regional data centers, addressing digital sovereignty concerns. The initiative begins in Australia, India, Japan, and the UK, expanding to other countries by 2026, aiming to enhance data governance and reduce latency for customers, especially in regulated industries.
European agencies, like Austria's Ministry of Economy, are increasingly migrating to open-source solutions (e.g., Nextcloud) to achieve digital sovereignty and control over sensitive data, distancing from US tech giants. This trend reflects broader efforts across Europe to manage data sovereignty, encourage local solutions, and ensure compliance with privacy regulations. While some migrations are successful, others face challenges requiring careful planning to avoid disruptions.
Microsoft Teams will record workplace presence starting December 2025 by detecting connections to office Wi-Fi, aiming to aid hybrid work setups. The feature automatically sets user status based on their location, raising potential data privacy concerns and necessitating employee consent and management activation for use. Critics warn it could undermine trust in remote work practices, emphasizing the need for legal compliance under GDPR and labor laws.
https://www.heise.de/en/news/Microsoft-Teams-can-record-office-presence-from-December-10899943.html
Microsoft 365 Copilot now lets employees quickly build apps, workflows, and AI agents with natural language prompts. New tools like App Builder, Workflows Agent, and Copilot Studio Lite enable users to create dashboards, automate recurring tasks, and develop work-focused agents. These features are fully integrated with Microsoft 365’s security and compliance standards, providing administrators with centralized controls for management.
Microsoft is being sued in Australia for allegedly misleading users of its Microsoft 365 subscriptions into paying for its AI assistant, Copilot, by not disclosing a cheaper, non-AI “Classic” plan. The ACCC claims Microsoft hid this option, leading to price increases for many users. The lawsuit seeks penalties and consumer redress for what is characterized as misleading conduct, including claims that accepting AI features or facing a price increase were mandatory.
https://cyberinsider.com/microsoft-sued-for-allegedly-forcing-m365-users-to-pay-for-ai/
UK government's trial of M365 Copilot shows no clear productivity boost; some tasks faster, others slower. Users liked it but productivity gains unclear. M365 Copilot effective for simple tasks but struggles with complex ones.
https://www.theregister.com/2025/09/04/m365_copilot_uk_government/
EDPS finds European Commission's Microsoft 365 use initially non-compliant with GDPR. Commission rectified issues by improving data processing instructions, safeguards for international transfers, and disclosure practices. Corrective measures were mandated, and significant improvements were noted. The EDPS emphasizes the need for all organizations to review data handling practices, warning that non-compliance can still exist. Companies should scrutinize cloud service agreements, especially regarding GDPR compliance.
Microsoft announces a new European Security Program to enhance cybersecurity amid increasing threats from nation-state actors and cybercriminals. The program focuses on AI-driven threat intelligence sharing, investment in cybersecurity resilience, and expanding partnerships. It is free for all 27 EU member states and other European nations, showcasing Microsoft's commitment to securing Europe's digital future through collaboration and proactive defense strategies against evolving cyber threats.
Microsoft is reacting to growing European skepticism about US tech companies by reinforcing data privacy commitments and enhancing its cloud infrastructure in Europe. Amid concerns over US policies and potential data vulnerabilities, Microsoft plans to increase its European data center capacity by 40%, implement a governance model compliant with European laws, and legally commit to contesting any government orders that threaten its operations in Europe. This strategy aims to restore customer trust and ensure compliance with local regulations amidst geopolitical tensions.
https://www.theregister.com/2025/04/30/microsoft_getting_nervous_about_europes/
Microsoft's cybersecurity strategy includes a Cybersecurity Governance Council and Deputy Chief Information Security Officers (CISOs) focusing on risk management, compliance, and operational security. Key figures Igor Sakhnov, Mark Russinovich, and Yonatan Zunger lead initiatives in identity security, Azure security, and AI safety. They stress the importance of integrating security into innovation, assume that breaches will happen, and highlight misconceptions about perfect solutions in cybersecurity. Their leadership showcases a commitment to building resilient systems that involve collaboration across the company's tech landscape.
