3
Microsoft Azure Cloud Services: Export Controls of the US, UK, EU and Japan
February 2022
This paper offers a brief overview of United States, United Kingdom, European Union and Japan
export control laws and regulations as they may apply to use of Microsoft Azure cloud services and
platform, with some general guidance concerning the considerations that Azure customers should
bear in mind to assess their obligations under US, UK, EU, and Japan export controls. The Azure
platform offers flexible options, capabilities and tools that customers may use to help ensure
export-compliance in their use of Azure cloud services.
US export controls are laws and regulations to control the export and transfer of items from the
United States or to non-US persons, in the interest of protecting US national security and furthering
US foreign policy and other interests. The UK, EU and Japan implement similar export controls. US,
UK, EU and Japan export controls apply not only to traditional cross-border shipments of physical
goods, but also transfers, uploads or downloads of controlled software and data. That includes
transfers, uploads or downloads of software or specific technical data using cloud-based services.
Microsoft Azure is a comprehensive set of robust and flexible cloud services, with a global network
of datacenters, for enterprises of all sizes as well as individual developers and IT professionals to
build, deploy, and manage applications, to support and integrate enterprise networks, power data
analytics and computing, and store data. Microsoft Azure offers the full gamut of cloud service
offerings to allow customers to quickly deploy infrastructure and services to meet business needs.
Infrastructure as a Service (“IaaS”) allows customers to provision computing, storage, and
networking resources, and deploy and run software, which can include operating systems and
applications. Platform as a Service (“PaaS”) provides customers with a complete development and
deployment environment in the cloud, including operating system, middleware, development tools,
business intelligence services, and database management systems, and allows enterprises to deploy
their own application code on the Azure cloud platform. Software as a Service (“SaaS”) delivers a
complete software solution where the service provider manages the hardware and software, and
with the appropriate service agreement, will ensure the availability and security of the application
and customer data as well. Microsoft Azure also supports on-premises deployments at customer
datacenters, and hybrid models that seamlessly integrate cloud-based and on-premises resources.
The Microsoft Azure platform and services by their nature involve storage and processing of
customer data on Microsoft’s global cloud infrastructure, and transmission of customer data across
the Internet to and from Microsoft’s cloud infrastructure, within and between Azure datacenters
and regions, and between the customer’s virtual machines and its end users. The Azure suite of
cloud products makes use of physical infrastructure that is located inside and outside of the United
States, UK, EU and Japan; and some Azure service operations personnel who have access to
customer data subject to export controls of one of those countries or regions may in some cases be
persons who are located in or nationals of a different country or region.