Mastodawn

You have been warned yet again, the US cannot be trusted...

Microsoft, under oath, admits the possibility that EU‑hosted data can be accessed by US agencies without any notifications

In sworn French‑Senate testimony, Microsoft’s legal chief for France(M. Anton Carniaux) conceded he cannot guarantee that data on French citizens stored wholly in EU Microsoft datacenters is safe from U.S. silent access and acknowledged that French or any EU authorities might not even be notified if access occurs.

Delivered under oath, this statement is an official legal recognition of the silent‑access risk inherent in relying on Microsoft’s infrastructure.

https://www-senat-fr.translate.goog/compte-rendu-commissions/20250609/ce_commande_publique.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

CE Commande publique : compte rendu de la semaine du 9 juin 2025

Sénat

Daniel Durrans Jul 19, 2025

@devopscats @julesbl while every IT sysadmin has assumed this for years.

devopscats Jul 19, 2025

@dan @julesbl Indeed, but its finally been said out aloud

Duncan Blues Jul 20, 2025

@devopscats @dan @julesbl
And execs will _still_ just shrug it off. 🤷🏻

@duncan_blues @devopscats @dan @julesbl I would some time ago naively think execs will want their company data as protected as possible... I've yet to meet such execs.

m0xEE Jul 22, 2025

@[email protected] @[email protected] @[email protected] @[email protected] @[email protected]
Execs cannot be trusted. They are supposed to think about company's interests, but in fact most often pursue their own goals, therefore only think short term 🤷

@m0xEE @duncan_blues @devopscats @dan @julesbl If we did want to achieve better security, cutting out execs (and .exes) would definitely help!

@m0xEE @duncan_blues @devopscats @dan @julesbl Now, would security eventually devolve into a bunch of grumpy, perhaps armed sysadmins locking encrypted drives in safes? Mayhaps. But would the data be secure? You bet.

@m0xEE
I can imagine the job ads though. "Sysadmin wanted. Must have firearms licence. Perks: company bulletproof vest."
@duncan_blues @devopscats @dan @julesbl

Duncan Blues Jul 22, 2025

@ozzelot @m0xEE @devopscats @dan @julesbl
👇
https://norden.social/@duncan_blues/114865003643931005

Duncan Blues (@[email protected])

@[email protected] @[email protected] My boss asked me, why I carry a gun around the office. "To fight the Decepticons!" My boss laughed, I laughed, my MDE enrolled PC laughed, I shot the PC.

norden.social

Colin Rosenthal ✡️🕎 ❤️🇮🇱❤️ 🕎✡️Jul 20, 2025

@dan @devopscats @julesbl Well yes, but sysadmins don’t write company IT strategies!

"Wish the sun to stand still.." 🌞Jul 21, 2025

@dan Really?

Remind me to never turn my back on one.

A source: https://ppc.land/microsoft-cant-protect-french-data-from-us-government-access/
Cc: @X_net

Microsoft can't protect French data from US government access

Company admits under oath that American authorities can demand European citizen information despite security promises.

PPC Land

Xnet Jul 21, 2025

@evilham https://mastodon.social/@X_net/114875105666213724

zl2tod Jul 19, 2025

Phear Mutual Legal Assistance Treaties as well as US law.

Relevant precedent from almost 20 years ago:

https://www.eff.org/cases/indymedia-server-takedown

Indymedia Server Takedown

Updated August 2005 » EFF press release about unsealed documents Aug 2 2005 On October 7 2004 more than 20 Independent Media Center (IMC) websites and other Internet services were taken offline pursuant to a Commissioner's Subpoena. The Electronic Frontier Foundation (EFF) represented the interests...

Electronic Frontier Foundation

Spitefully Optimistic Jul 19, 2025

@devopscats now where is that shocked face emoji I was saving for this occasion...

People who say they wouldn't touch Huawei hardware because of spying concerns, gladly run stuff on US made hardware in a US owned cloud and pretend that it's all ok.

@devopscats The best approach any organization or individual can do now is to host their own email. Cloud computing just cannot be trusted to do the right thing. It’s why I pulled my email and data out of the cloud and I now #selfhost. I need to go back to writing a guide on how to do this so more people can do it and reclaim their freedom.

Coralie Renée Jul 19, 2025

@housepanther @devopscats

"Email self-hosting for dummies who don't know nada".

Yes please!!!

Stingray's Badger Friend Jul 20, 2025

@globcoco @housepanther @devopscats

Also, yes please from me, a simple guide and dejargoning of all the terms world be really helpful if you have time

@StingrayBadger @globcoco @devopscats Okay, will do! 👍

Stingray's Badger Friend Jul 20, 2025

@housepanther @globcoco @devopscats

Thank you, you're very kind!

I'd be happy to idiot test also!

Coralie Renée Jul 20, 2025

@StingrayBadger @housepanther @devopscats

Same here 🖐.

𝙲:\𝚝𝚛𝚊𝚗𝚔𝚣𝚎𝚗> █Jul 20, 2025

@StingrayBadger @globcoco @housepanther @devopscats To anyone who wants to self-host things like email but don't know where to start, I can't recommend our friends @yunohost enough. As a non-profit, they provide turnkey solutions to host tons of services on your own hardware, along with ample documentation. Visit https://yunohost.org/ to know more

YunoHost: garden your own piece of the Internet!

YunoHost is a system that installs itself on a server and allows you to install and maintain - with very little technical knowledge - digital services (apps) that you control.

Kurt Kremitzki Jul 20, 2025

@trkzn @StingrayBadger @globcoco @housepanther @devopscats @yunohost thank you for sharing!

@trkzn @StingrayBadger @globcoco @housepanther @devopscats @yunohost

If you install #Nextcloud using #Yunohost you already have everything you need to organize and communicate. Very powerful Combo i think.

Blort™ 🐀Ⓥ🥋☣️Jul 20, 2025

@trkzn @StingrayBadger @globcoco @housepanther @devopscats @yunohost

I'm no tech genius, but I've been successfully hosting my email using #Yunohost for years. My main advice, make sure you follow the recommended domain settings in Diagnosis and make sure you're using a host that isn't a US based, cheap, mass hosting company like GoDaddy, Hostgator etc, as all their IP addresses have been used by spammers.

rosbeefandino Jul 21, 2025

@trkzn @StingrayBadger @globcoco @housepanther @devopscats @yunohost self host email server on users isp is complicated. on vps its OK but why to pay a vps when you can have a fullmanaged service by a confident host like @ouvaton hosted on @Octopuce or @lacontrevoie ... ?

@housepanther @devopscats self-hosting isn't really an option for most people though, it requires a lot of time, money, and technical computer knowledge

@hazelnot @devopscats It requires time and knowledge but not much in the way of money.

Paul Tichonczuk Jul 19, 2025

@devopscats https://www.disconnect.blog/p/getting-off-us-tech-a-guide

Getting off US tech: a guide

I’m in the process of dropping US tech services. Here’s how I did it, and options you should consider.

Disconnect

David Scott Moyer Jul 19, 2025

@devopscats I guarantee you that every single tech-savvy nation on the planet is developing and/or buying the capability to do that, and the US is probably not leading the pack. That would be China.

@devopscats in french IT we are aware of this since more than 2 years, and we are working to migrate away from microsoft towards self-hosted solutions for emails, cloud and tools. and now lawyers are forbitten of using microsoft/google email addresses.

devopscats Jul 19, 2025

@Stellar most of us have suspected this in Australia ever since we became a member of the five eyes, but having it said out aloud shows we were not paranoid after all

enuts_Jul 20, 2025

@Stellar @devopscats Weeeell are you aware of the number of CAC40 compagnies that use Microsoft 365/Teams ?

@enuts_ @devopscats as i said. we are working on moving away from microsoft tools and moving away eventually from windows all together because of windows recall. as for companies not obligated to safeguard data and who don't care about data sent to a fascist state we can't force them to move away from microsoft.

enuts_Jul 20, 2025

@Stellar @devopscats Who do you put in this "we" ?
Because for example I know that Crédit Agricole is moving from in-house hosting to Microsoft since a couple of years (and not the opposit)

Dagnabbit, Pascaline! 💥Jul 19, 2025

As soon as a company says 'we cannot guarantee' this means 'whatever'.

Jorge Alvarez Jul 19, 2025

@devopscats The @EUCommission should stop using Microsoft products immediately if they really care about their citizens.

oh right I'm at easterhegg rn Jul 19, 2025

@devopscats heya, do you per chance have a summary/source that is company laywer compatible?
e.g. a link to the court documents or such

devopscats Jul 19, 2025

@4censord https://www-senat-fr.translate.goog/compte-rendu-commissions/20250609/ce_commande_publique.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

CE Commande publique : compte rendu de la semaine du 9 juin 2025

Sénat

oh right I'm at easterhegg rn Jul 19, 2025

@devopscats thank you!

Kuba Orlik Jul 19, 2025

@devopscats do you have a source at hand?

devopscats Jul 19, 2025

@kuba https://www-senat-fr.translate.goog/compte-rendu-commissions/20250609/ce_commande_publique.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

CE Commande publique : compte rendu de la semaine du 9 juin 2025

Sénat

@kuba @devopscats here, in French: https://www.senat.fr/compte-rendu-commissions/20250609/ce_commande_publique.html

and here, in English: https://brusselssignal.eu/2025/07/digital-vassals-french-government-exposes-citizens-data-to-us/

CE Commande publique : compte rendu de la semaine du 9 juin 2025

Sénat

Kuba Orlik Jul 20, 2025

@hazelnot @devopscats thank you!

David J. Atkinson Jul 20, 2025

@devopscats Nor France or any other country, allies or not.

This is nothing new, especially when it comes to international situations that interest the intelligence community. The safe assumption is that they will gain access to information quickly and silently. The info will never be acknowledged but it will be used, if needed.

devopscats Jul 20, 2025

@meltedcheese true, but only some countries overthrow other allies governments

gossen Jul 20, 2025

@devopscats
Maybe a interesting read from @bert_hubert https://berthub.eu/articles/posts/you-can-no-longer-base-your-government-and-society-on-us-clouds/

It is no longer safe to move our governments and societies to US clouds - Bert Hubert's writings

The very short version: it is madness to continue transferring the running of European societies and governments to American clouds. Not only is it a terrible idea given the kind of things the “King of America” keeps saying, the legal sophistry used to justify such transfers, like the nonsense letter the Dutch cabinet sent last week, has now been invalidated by Trump himself. And why are we doing this? Convenience.

Bert Hubert's writings

devopscats Jul 20, 2025

@gossen Thanks reposted.
Realistically we've know this has been happening for decades, it's just that's it's been acknowledged and it's full mask off with this administration.
Frustratingly in many countries, like Australia, we have the ability to do it ourselves, but our governments have been compromised by multinational companies and their lobbyists, which have transferred a lot of wealth out of the country that could have gone towards making us more independent, and building our own capabilities.

gossen Jul 20, 2025

@devopscats
It is truly a horrifying idea that super private EU citizens information can and is being used/analyzed by other parties. Maybe it is time for these kind of measurements: https://999eagle.moe/posts/visor/

building a visor for unit ⛧-440729

this unit has built a visor for itself (and is still continuing to work on that) based around a gas mask. anyone at chaos events or following it on fedi has a pretty good chance of [having seen, seeing] it wear the visor and because it has been asked quite a few times, it is now writing this post on how the visor is built.

glyn Jul 20, 2025

@devopscats Microsoft, under oath, admits the Pope is a Catholic. 😉

vampirdaddy Jul 20, 2025

@devopscats
Original-Link:
https://www.senat.fr/compte-rendu-commissions/20250609/ce_commande_publique.html

CE Commande publique : compte rendu de la semaine du 9 juin 2025

Sénat

Dan Jul 20, 2025

@devopscats wow https://windowsforum.com/threads/european-digital-sovereignty-at-risk-microsofts-senate-testimony-and-the-future-of-data-privacy.374016/ . This should be a game changer towards self hosted and open source solutions in Europe.