That's what he would say if the company was under a gag order in the US. So I would take anything they say with a mountain of salt.
This make it less likely he's lying. It could be possible Microsoft France has a "rogue" employee system where a key person only obeys to Microsoft US orders rather than his French boss and French law. Then the boss can swear to the Senate that they're complying.
This is exactly the system the US Congress accused TikTok of having set up.
In practice the US HQ could mandate a security update that secretly uploads all data to the US but that's a whole other can of worms that I don't think anyone is ready to open.
in a modern cloud dater center you don't need someone physically plugging a USB stick in a server, you just need a back door in a cloud software stack many times the size then any modern operating system which often even involves custom firmware for very low level components and where the attacker has the capabilities to convince your CPU vendor to help them...
Including certain contractual "standard"(1) agreements which would make some of their higher management _personally_ liable for undue data access even under Cloud act from the US!!!
(1) As in standard agreements for providers which store lawyer data, including highly sensitive details about ongoing cases etc.
So you can't really trust MS anymore at all, even if personal liability (e.g. lying under oath) is at stack. And the max ceiling for the penalties for lying under oath seem less then what you can run into in the previous mentioned case...
You also have to look a bit closer at what it even means if "the french MS CEO swears they are complying" it means he doesn't know about non compliance and did tell his employees to comply and hired someone to verify it etc.
But the US doesn't need the French CEO to know, they just need to gain access to the French/EU server through US employees, which given that most of the infra software is written in the US and international admin teams for 24/7 support is really not that hard...
And even if you want to sue the French CEO after a breach/he (hypothetically) lied he would just say he didn't because he also was lied too leading to an endless goose chase and "upsi" by now the French CEO somehow is living in the US.
And that is if you ever learn about it happening, but thanks to the US having pretty bad gag orders/secret court stuff the chance for that is very low.
So from my POV it looks like MS has knowingly and systematically lying and deceiving customer, including such with highly sensitive data, and EU governments about how "safe" the data is even if it lead to personal legal liabilities of management.
And I mind to remember that AWS was giving similar guarantees they most most likely can't hold, but I'm not fully sure. Idk. about Google.
Oh and if you hope that the whole Sovereign Cloud things will help, it wont. It's a huge mage pretend theater moving millions over millions into the hands of US cloud providers while not providing a realistic solutions to the problem it is supposed to solve and neglecting local competition which actually could make a difference, smh.
There wouldn't be any lawsuit. If you do this kind of things you get arrested, get a trial and then you are in prison forever.
"Every accusation is a confession" remains undefeated
This is actually amazing that all the tenders have not been rejected under national security grounds or simply security services (yet again) have not done the job tax payers pay them to do.
They should have arranged to get a 100 euro refund every time it happens, or 440 euros if the UK does it.
Hearing a distant shout of "hold my beer" from the White House...
The interesting thing is that the US is acting in the exact way that they accuse China of acting. Companies like Huawei are forbidden from installing telecom infrastructure for "national security" reasons [1]. One of justifications for first banning then forcing a sale of Tiktok was because of possible Chinese government interference. It's only a matter of time before the EU and China start making the same determination against US tech giants (eg Meta executive brags about silencing dissent [2]).
This administration really is killing the golden goose.
[1]: https://www.reuters.com/business/media-telecom/us-fcc-bans-e...
A better faith interpretation is that people are free to criticize Israel and Zionism on Meta, just not using racist tropes.
If they can make successful tax shelters they can architect the entities and the architecture to remove this option.
There's some 9-eyes thing where this is a feature not a bug
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id...
giuliomagnifico•3h ago