Microsoft announced plans today to offer cloud services including Azure, Office 365 and Dynamics CRM Online from two data centers in Germany.

This follows an announcement yesterday that it also plans to develop a number of data centers in the UK and extend existing data centers in Ireland and the Netherlands.

The centers are expected to be operational late in 2016. In the case of Germany, the centers will be operated by a third-party or data trustee — in this case, T-Systems, a subsidiary of Deutsche Telecom — and will serve the entire European market.

Both Ireland and the Netherlands will provide additional capacity for customers across Europe, the Middle East and Africa.

New Data Model

The new data trustee model means that Microsoft will not be able to access customer data stored in those centers without the express permission of the trustee. As a result, it cannot be forced by any third party, including US courts, to hand over data.

The centers will also offer all the uptime and security guarantees that Microsoft offers with its data centers globally.

The development of the new data centers responds to growing concerns about the data security of European customers of US companies operating in Europe.

While there has always been a certain amount of unease among European companies about the safety of client data, several high profile cases in recent months have brought the issue into focus.

First, the European Union strike down the Safe Harbor agreement between the US and Europe. The 15-year-old set of rules allowed US companies to import European personal data while complying with strict EU privacy regulations. While US legislators are working on a new framework and hope to have it finalized by the end of the year, there is still a great deal of uncertainty around the issue.

The other case involves Microsoft. Microsoft is appealing the ruling of a US District Court order forcing the company to hand over the emails of a suspected drug trafficker whose nationality has not been identified.

Securing Data

While storing European data in Germany-based data centers will help allay legal concerns about the geographical location of data, the fact that they are managed by trustees will ensure than cases like the one that prompted the Safe Harbor lawsuit do not arise again. (The lawsuit against the Safe Harbor Framework was filed in Ireland in 2013 by Max Schrems, a graduate student at the University of Vienna. Schrems, a Facebook user, was concerned that the US National Security Agency was collecting personal information through the social network.)

These locally deployed versions of Microsoft’s commercial cloud will also enable enterprise to monitor and view how and where data is processed.

“Microsoft is pioneering a new, unique, solution for customers in Germany and Europe. Now, customers who want local control of their data combined with Microsoft’s cloud services have a new option, and I anticipate it will be rapidly adopted”, says Timotheus Höttges, Chief Executive Officer, Deutsche Telekom AG said in a statement.

For security, all centers will offer multi-factor authentication with biometric scanning and smart cards, data encryption by SSL/TLS protocols based on German certificates, physical security controls, and protection against natural disasters and power outages.