Microsoft CEO calls for Global GDPR-like Data Privacy Rights

The CEO of Microsoft has called for the implementation of GDPR-legislation worldwide to enhance global attitudes to data privacy rights.

Microsoft CEO Satya Nadella made the statement during a live interview at the World Economic Forum in Davos Switzerland. He called for world leaders to treat data privacy as a human right, and legislation should be enacted to protect this right.

Commenting on the EU’s recent GDPR legislation, a landmark piece of data privacy law, Nadella stated: “My own point of view on GDPR is it’s a fantastic start on really treating privacy as a human right. I’m hopeful that in the United States we will have something that is along the same lines.”

Apple CEO Tim Cook previously aired similar views on the introduction of GDPR-style legislation in the U.S.

Although GDPR only applies to data collected in the EU, once it was enacted in May 2018, Microsoft announced that it would apply EU GDPR rights to data collected around the world. That is, even though the same data privacy laws do not protect data collected inside and outside the EU’s borders, Microsoft would treat them as if they were.

Microsoft has since established an entire privacy centre which collects information on the types of data that Microsoft gathers, how they use this data, and how individuals can control how this data is distributed.

While delivering a keynote conference speech on privacy, data and Artificial Intelligence, Nadella commented on the need for a common standard in how privacy is dealt with around the world.

“In fact, I will hope that the world over, we all converge on a common standard. One of the things we do not want to do is fragment the world and increase transaction costs because ultimately it’s going to be born in our economic figures. I hope we all come together, the United States and Europe first, and China. All the three regions will have to come together and set a global standard.”

These remarks are coming soon after Microsoft actively lobbied for the introduction of more lenient data protection regulations to be introduced in California.

Nadella said that governments and consumers should not expect companies to self-regulate, as it is too complicated for businesses to ascertain what the correct and ethical use of private data is. He stated: “In the marketplace, there’s no discrimination between the right use and the wrong use… We welcome any regulation that helps the marketplace not be a race to the bottom.”

The US Senate is expected to draft GDPR-like legislation soon. In 2018, California introduced state data protection legislation and was due to conduct six public forums on the California Consumer Privacy Act (CCPA) over the coming months and weeks. Even in recent weeks, the Senate and House of Representative committees carried out separate hearings to discuss the potential for national privacy legislation. While there was general agreement that there exists an urgent need for federal privacy legislation, there was little consensus on the form this legislation would take.

Nadella’s comments come as Microsoft remains under investigation by Dutch authorities regarding a potential GDPR violation. According to the claimants, Microsoft Office is collecting the contents of private email correspondence.

In response, the company released a statement which stated: “We are committed to our customers’ privacy, putting them in control of their data and ensuring that Office ProPlus and other Microsoft products and services comply with GDPR and other applicable laws. We appreciate the opportunity to discuss our diagnostic data handling practices in Office ProPlus with the Dutch Ministry of Justice and look forward to a successful resolution of any concerns.”

If Microsoft is found guilty then, in line with GDPR legislation, it could face the highest potential fine of €20m or 4% of annual global revenue for the most recent fiscal year.

Link copied to clipboard
Photo of author

Posted by

Emma Taylor

Emma Taylor is the contributing editor of Defensorum. Emma started on Defensorum as a news writer in 2017 and was promoted to editor in 2022. Emma has written and edited several hundred articles related to IT security and has developed a deep understanding of the sector. You can follow Emma on and contact Emma at