No data violation found in Luxembourg Skype & Microsoft - NSA probe
(ADW/CS) In a Monday morning press release, Luxembourg's National Commission for Data Protection (CNPD) stated that it found no violation of fundamental data rights in Luxembourg by either Skype or Microsoft.
The probe was launched after the CNPD received a complaint by a private individual who believed that their fundamental rights and freedoms in regards to the protection of personal data had been violated.
The complaint came after the UK's Guardian had claimed, based on documents by Edward Snowden, that Skype had supplied the NSA with content from calls, as well as non-content information, such as email addresses and call details.
An investigation launched by the CNPD, however, did not confirm the complaint.
In an official statement issued on November 18, the CNPD states: "The fact finding operations conducted since July 2013 and the subsequent detailed analysis did not bring to light any element that the two Luxembourg-based companies [Skype and Microsoft] have granted the US National Security Agency mass access to customer data."
Additionally, the statements says: "Furthermore, the transfer of certain personal data to affiliate companies in the US, as laud down in the privacy statements of both companies, appear to take place lawfully under the rules of the adequacy decision 200/520/CE by the European Commission implementing the so called 'Safe Harbor' agreement."
The CNPD therefore concludes that it "did not find any violation of the provisions of the Luxembourgish data protection legislation by Skype Communications S.A.R.L. or by Microsoft Luxembourg S.A.R.L."