[{"data":1,"prerenderedAt":569},["ShallowReactive",2],{"navigation-docs_en":3,"/en/blog/microsoft-copilot-flex-routing-posts_en":51,"/en/blog/microsoft-copilot-flex-routing-surround-posts_en":559},[4],{"title":5,"path":6,"stem":7,"children":8,"page":25},"En","/en","en",[9],{"title":10,"path":11,"stem":12,"children":13,"page":25},"Docs","/en/docs","en/1.docs",[14,26],{"title":15,"path":16,"stem":17,"children":18,"icon":25},"Getting Started","/en/docs/getting-started","en/1.docs/1.getting-started/1.index",[19,21],{"title":20,"path":16,"stem":17,"children":-1},"Introduction",{"title":22,"path":23,"stem":24,"children":-1},"Migration Roadmap","/en/docs/getting-started/migration-fahrplan","en/1.docs/1.getting-started/2.migration-fahrplan",false,{"title":27,"path":28,"stem":29,"children":30,"page":25},"Technologies","/en/docs/technologies","en/1.docs/2.technologies",[31,35,39,43,47],{"title":32,"path":33,"stem":34,"children":-1},"Nextcloud","/en/docs/technologies/nextcloud","en/1.docs/2.technologies/1.nextcloud",{"title":36,"path":37,"stem":38,"children":-1},"Matrix / Element","/en/docs/technologies/matrix","en/1.docs/2.technologies/2.matrix",{"title":40,"path":41,"stem":42,"children":-1},"ONLYOFFICE","/en/docs/technologies/onlyoffice","en/1.docs/2.technologies/3.onlyoffice",{"title":44,"path":45,"stem":46,"children":-1},"Ubuntu Linux","/en/docs/technologies/ubuntu","en/1.docs/2.technologies/4.ubuntu",{"title":48,"path":49,"stem":50,"children":-1},"Keycloak","/en/docs/technologies/keycloak","en/1.docs/2.technologies/5.keycloak",{"id":52,"title":53,"authors":54,"badge":60,"body":62,"date":513,"description":514,"extension":515,"faq":516,"howto":534,"image":551,"meta":553,"navigation":554,"path":555,"seo":556,"stem":557,"__hash__":558},"posts_en/en/3.blog/12.microsoft-copilot-flex-routing.md","Microsoft 365 Copilot Flex Routing – How the EU Data Boundary is Quietly Being Eroded in 2026",[55],{"name":56,"to":57,"avatar":58},"europioneer 
Team","/",{"src":59},"/favicon.svg",{"label":61},"AI & Compliance",{"type":63,"value":64,"toc":496},"minimark",[65,69,89,104,121,126,138,141,161,177,181,205,240,244,255,262,266,269,274,285,289,296,300,311,315,318,322,364,368,375,411,422,426,441,460,466,469,474],[66,67,53],"h1",{"id":68},"microsoft-365-copilot-flex-routing-how-the-eu-data-boundary-is-quietly-being-eroded-in-2026",[70,71,72,73,77,78,81,82,85,86],"p",{},"On ",[74,75,76],"strong",{},"April 17, 2026",", Microsoft activated a feature called ",[74,79,80],{},"Flex Routing"," for all EU and EFTA tenants. For new tenants created after March 25, 2026, it is ",[74,83,84],{},"enabled by default",". The result – without notice to end users, without explicit consent from data controllers: ",[74,87,88],{},"Copilot requests leave the EU under load.",[70,90,91,92,95,96,99,100,103],{},"In parallel, on ",[74,93,94],{},"January 7, 2026",", Microsoft added the US AI company ",[74,97,98],{},"Anthropic"," as a sub-processor for Copilot in Word, Excel, PowerPoint and the new Researcher – ",[74,101,102],{},"explicitly outside the \"EU Data Boundary\"",".",[70,105,106,107,110,111,114,115,120],{},"For IT leads in European SMEs, schools, and public administrations this is ",[74,108,109],{},"not a minor update",". It is a ",[74,112,113],{},"structural shift of the contractual baseline",". 
We explain what Flex Routing technically does, why it is GDPR-, NIS2- and ",[116,117,119],"a",{"href":118},"/en/blog/bsi-it-grundschutz-microsoft-365","BSI IT-Grundschutz","-relevant, and which steps need to happen this week.",[122,123,125],"h2",{"id":124},"what-flex-routing-technically-does","What Flex Routing technically does",[70,127,128,130,131,134,135,103],{},[74,129,80],{}," is Microsoft's own term for a ",[74,132,133],{},"dynamic load-balancing mechanism",": whenever EU inference capacity in Microsoft's data centers is overloaded – Microsoft does not publicly define \"load\" – requests are forwarded to LLM endpoints in the ",[74,136,137],{},"United States, Canada, or Australia",[70,139,140],{},"Concretely affected:",[142,143,144,152],"ul",{},[145,146,147,148,151],"li",{},"The ",[74,149,150],{},"raw prompt content"," (everything an employee types into Copilot, plus context from open documents in Word, Excel, Outlook, Teams).",[145,153,154,157,158,103],{},[74,155,156],{},"Pseudonymized telemetry"," (model IDs, tenant IDs, token metrics), which may also be ",[74,159,160],{},"stored permanently outside the EU",[70,162,163,164,167,168,171,172,176],{},"Microsoft promises \"encryption in transit and at rest\" – but ",[74,165,166],{},"the key custody remains with Microsoft",". We have analyzed this gap extensively in the ",[116,169,170],{"href":118},"BSI Grundschutz article"," for ",[173,174,175],"code",{},"CON.1.A8"," (Secure storage of cryptographic keys): BYOK does not change anything fundamental about this.",[122,178,180],{"id":179},"the-legal-assessment-short-and-painful","The legal assessment – short and painful",[70,182,183,186,187,190,191,195,196,200,201,204],{},[74,184,185],{},"EU Data Boundary"," is a ",[74,188,189],{},"Microsoft marketing construct",", not a legal status. 
This was true before Flex Routing – we derived it in detail in our pieces on ",[116,192,194],{"href":193},"/en/blog/schrems-iii-cjeu-ruling","Schrems III"," and the ",[116,197,199],{"href":198},"/en/blog/cloud-act-2026","CLOUD Act",". With Flex Routing, Microsoft's own definition is now ",[74,202,203],{},"self-documentedly riddled with holes",":",[206,207,208,214,220,226],"ol",{},[145,209,210,213],{},[74,211,212],{},"GDPR Art. 44 ff."," – Third-country transfer. Each prompt processed in the US is a transfer. Standard contractual clauses plus a Transfer Impact Assessment would need to cover it – and fail under Schrems II.",[145,215,216,219],{},[74,217,218],{},"GDPR Art. 28(2) + Art. 30"," – Sub-processor changes. Microsoft added Anthropic to the processing chain without specific consent. The DPA clause \"general written authorization\" does not, in the view of most European supervisory authorities, cover this.",[145,221,222,225],{},[74,223,224],{},"CLOUD Act §103(b)"," – US government access. Anything processed in the US can be requested via subpoena, regardless of where the data is at rest in the EU.",[145,227,228,231,232,235,236,103],{},[74,229,230],{},"NIS2 Art. 21(2)(d)"," – Supply chain security. A vendor that unilaterally changes defaults and adds sub-processors is, in the NIS2 sense, an ",[74,233,234],{},"elevated supply-chain risk"," – see ",[116,237,239],{"href":238},"/en/blog/nis2-gdpr-microsoft-paradox","NIS2 GDPR Paradox",[122,241,243],{"id":242},"who-carries-the-responsibility-hint-you","Who carries the responsibility? 
(Hint: you.)",[70,245,246,247,250,251,254],{},"In Microsoft's own Flex Routing documentation: ",[74,248,249],{},"\"Customers are responsible for ensuring compliance with applicable data protection laws.\""," Translation: if you do not disable Flex Routing and a complaint hits, the ",[74,252,253],{},"GDPR controller responsible"," is the customer, not Microsoft.",[70,256,257,258,261],{},"That is legally clean for Microsoft – and an ",[74,259,260],{},"unexploded device"," for every SME with employee or customer data in Copilot's reach.",[122,263,265],{"id":264},"immediate-measures-for-european-smes-schools-and-public-administrations","Immediate measures for European SMEs, schools, and public administrations",[70,267,268],{},"Mandatory this week (details as numbered HowTo in steps 1–4 above):",[270,271,273],"h3",{"id":272},"step-1-check-flex-routing-step-1","Step 1: Check Flex Routing",[70,275,276,277,280,281,284],{},"In the Microsoft 365 admin center, open ",[74,278,279],{},"Settings → Org settings → Copilot"," and locate ",[74,282,283],{},"\"Flex routing for the EU Data Boundary\"",". Note status (On/Off) and date.",[270,286,288],{"id":287},"step-2-disable-flex-routing-step-2","Step 2: Disable Flex Routing",[70,290,291,292,295],{},"Set the toggle to ",[74,293,294],{},"\"Off\""," and save. Document the change in the Microsoft Purview audit log.",[270,297,299],{"id":298},"step-3-verify-the-anthropic-sub-processor-toggle-step-3","Step 3: Verify the Anthropic sub-processor toggle",[70,301,302,303,306,307,310],{},"Under ",[74,304,305],{},"Copilot → AI models",", verify the ",[74,308,309],{},"\"Allow Anthropic models\""," toggle. For EU/EFTA tenants the default is \"Off\" – document this in writing.",[270,312,314],{"id":313},"step-4-update-gdpr-and-nis2-documentation-step-4","Step 4: Update GDPR and NIS2 documentation",[70,316,317],{},"Update the records of processing (Art. 30 GDPR), risk register (NIS2 Art. 
21), Transfer Impact Assessment and DPIA with the status \"Flex Routing disabled / Anthropic disabled / as of DD.MM.2026\".",[122,319,321],{"id":320},"key-terms-briefly-defined","Key terms – briefly defined",[142,323,324,329,338,344,350],{},[145,325,326,328],{},[74,327,80],{},": Microsoft's load-balancing mechanism that may shift Copilot LLM inference from the EU to the US, Canada, or Australia.",[145,330,331,333,334,337],{},[74,332,185],{},": Microsoft's self-commitment to keep certain data in the EU. ",[74,335,336],{},"No legal status",", no external certification, changeable by Microsoft at any time.",[145,339,340,343],{},[74,341,342],{},"Sub-processor",": A processor engaged by the main processor (Microsoft). Requires controller consent under Art. 28 GDPR.",[145,345,346,349],{},[74,347,348],{},"LLM inference",": The computational step in which a language model generates an answer from the prompt. The full prompt material must be available in the inference server's memory.",[145,351,352,355,356,359,360,363],{},[74,353,354],{},"Pseudonymization (GDPR Art. 4(5))",": Processing personal data such that attribution ",[74,357,358],{},"without additional information"," is no longer possible. ",[74,361,362],{},"Not"," the same as anonymization – the data remains personal data.",[122,365,367],{"id":366},"the-structural-alternative-ai-sovereignty-without-routing-roulette","The structural alternative: AI sovereignty without routing roulette",[70,369,370,371,374],{},"Flex Routing is not a bug. It is a ",[74,372,373],{},"predictable consequence"," of the business model \"hyperscaler holds the keys, routing logic, and sub-processor decisions in one hand\". 
For organizations that no longer accept this, 2026 offers a mature alternative:",[142,376,377,383,399,405],{},[145,378,379,382],{},[74,380,381],{},"Self-hosted LLMs"," on EU hardware (vLLM, Ollama, llama.cpp on Hetzner / IONOS / OVH servers), models from the Hugging Face Hub, controlled sub-processor list (= none).",[145,384,385,388,389,393,394,398],{},[74,386,387],{},"Open-source alternatives"," for the surrounding Microsoft stack: ",[116,390,392],{"href":391},"/en/blog/microsoft-teams-alternative","Element/Matrix"," instead of Teams, ",[116,395,397],{"href":396},"/en/blog/nextcloud-vs-onedrive-sharepoint","Nextcloud instead of OneDrive/SharePoint",", Keycloak instead of Entra ID, Mailcow/Stalwart instead of Exchange Online.",[145,400,401,404],{},[74,402,403],{},"Privacy by design",": the prompt does not leave your own infrastructure. Routing to the US is physically impossible, not \"contractually promised not to happen\".",[145,406,407,410],{},[74,408,409],{},"Auditable",": own logs, own keys, own sub-processor decisions.",[70,412,413,414,417,418,103],{},"A directory of sovereign AI and office tools is at ",[116,415,416],{"href":416},"/en/alternativen",". The matching service stack including implementation is on our ",[116,419,421],{"href":420},"/en/pricing","pricing page",[122,423,425],{"id":424},"bottom-line","Bottom line",[70,427,428,429,432,433,436,437,440],{},"Within four months, Microsoft has made two structural changes to Copilot processing – both ",[74,430,431],{},"weaken the EU Data Boundary",", both were ",[74,434,435],{},"unilateral"," and ",[74,438,439],{},"default-on",". 
The argument \"but we have a C5 attestation / the EU Data Boundary / a DPA annex\" no longer holds in 2026.",[70,442,443,444,447,448,451,452,455,456,459],{},"Anyone subject to ",[74,445,446],{},"NIS2",", anyone aiming for ",[74,449,450],{},"GDPR-compliant operation",", or anyone simply unwilling to run a new admin-center security review every quarter, should ",[74,453,454],{},"disable Flex Routing today"," – and concretely plan the ",[74,457,458],{},"exit path"," out of Copilot in parallel. We can help.",[70,461,462],{},[116,463,465],{"href":464},"/en/contact?subject=Copilot-Flex-Routing","Request a Copilot risk assessment →",[467,468],"hr",{},[70,470,471],{},[74,472,473],{},"Related posts:",[142,475,476,481,486,491],{},[145,477,478],{},[116,479,480],{"href":118},"BSI IT-Grundschutz and Microsoft 365 – Why the combination cannot be fully compliant",[145,482,483],{},[116,484,485],{"href":238},"NIS2 and GDPR with Microsoft 365 – The Compliance Paradox",[145,487,488],{},[116,489,490],{"href":198},"CLOUD Act 2026 – Why US cloud is no longer legally tenable",[145,492,493],{},[116,494,495],{"href":193},"Schrems III – What the CJEU ruling means for European SMEs",{"title":497,"searchDepth":498,"depth":498,"links":499},"",2,[500,501,502,503,510,511,512],{"id":124,"depth":498,"text":125},{"id":179,"depth":498,"text":180},{"id":242,"depth":498,"text":243},{"id":264,"depth":498,"text":265,"children":504},[505,507,508,509],{"id":272,"depth":506,"text":273},3,{"id":287,"depth":506,"text":288},{"id":298,"depth":506,"text":299},{"id":313,"depth":506,"text":314},{"id":320,"depth":498,"text":321},{"id":366,"depth":498,"text":367},{"id":424,"depth":498,"text":425},"2026-05-20T00:00:00.000Z","Since April 2026, Copilot AI inference leaves the EU under peak load – by default. Plus Anthropic as a sub-processor outside the EU Data Boundary. 
What German SMEs must check and disable now.","md",[517,520,523,526,529],{"q":518,"a":519},"What exactly is Microsoft 365 Copilot Flex Routing?","Flex Routing is a feature Microsoft activated on April 17, 2026 for EU/EFTA tenants. Whenever Microsoft's EU data centers come under load during LLM inference, Copilot requests are automatically routed to the United States, Canada, or Australia – including the storage of pseudonymized telemetry outside the EU. For tenants created after March 25, 2026, the feature is enabled by default.",{"q":521,"a":522},"Does Flex Routing break the EU Data Boundary?","From Microsoft's marketing perspective no – they argue that only inference (i.e. ephemeral processing) and \"limited pseudonymized data\" leave the EU. From a GDPR perspective that is not enough. As soon as personal data is contained in a prompt, a third-country transfer occurs – and the CLOUD Act applies regardless of where data is at rest.",{"q":524,"a":525},"What does Anthropic have to do with this?","Microsoft added Anthropic as a sub-processor for Copilot in Word, Excel, PowerPoint and Researcher on January 7, 2026. Anthropic models are explicitly excluded from the EU Data Boundary. For EU/EFTA tenants the toggle is off by default – but any admin who flips it on starts exporting content to the United States from that moment.",{"q":527,"a":528},"Which data is processed outside the EU concretely?","The raw prompt contents for LLM inference (everything an employee types into Copilot, plus context from open documents in Word, Excel, Outlook, Teams), plus pseudonymized operational telemetry. \"Pseudonymized\" under GDPR is not \"anonymized\" – re-identification is possible, so the data remains personal data.",{"q":530,"a":531},"Is it enough to disable Flex Routing in the admin center?",{"It is the first mandatory step":532},{" But it does not solve the structural problem":533},"Microsoft can change defaults at any time (as happened with Flex Routing and Anthropic). 
A GDPR-resilient solution requires that sub-processor changes and routing decisions cannot be made unilaterally by the vendor.",{"name":535,"description":536,"totalTime":537,"steps":538},"Check and disable Copilot Flex Routing and the Anthropic sub-processor toggle in the Microsoft 365 admin center","Four-step immediate review for IT leads – including documentation for the GDPR records of processing and NIS2 risk register.","PT45M",[539,542,545,548],{"name":540,"text":541},"Check tenant status for Flex Routing","In the Microsoft 365 admin center under Settings → Org settings → Copilot, open the \"Flex routing for the EU Data Boundary\" entry. Record the status (On/Off) and the date. For tenants created after 25 March 2026 the default is \"On\".",{"name":543,"text":544},"Disable Flex Routing","Set the toggle to \"Off\" and save. Document the change in the audit log (Microsoft Purview → Audit). Note – disabling this may cause performance drops or temporary Copilot unavailability under peak load.",{"name":546,"text":547},"Check the Anthropic sub-processor toggle","Under Copilot → AI models, verify the \"Allow Anthropic models\" toggle. For EU/EFTA tenants the default is \"Off\" – document this in writing. If it is \"On\", switch it off and perform a roll-back audit (who accessed which Anthropic models, when?).",{"name":549,"text":550},"Update GDPR and NIS2 documentation","Update the records of processing (Art. 30 GDPR), risk register (NIS2 Art. 21), Transfer Impact Assessment under Schrems II, and DPIA with the status \"Flex Routing disabled / Anthropic disabled / as of DD.MM.2026\". 
Check the DPA annex to see whether Microsoft has expanded the standard sub-processor list since contract signing – this is notification-relevant.",{"src":552},"https://images.unsplash.com/photo-1620712943543-bcc4688e7485?w=1200&q=80",{},true,"/en/blog/microsoft-copilot-flex-routing",{"title":53,"description":514},"en/3.blog/12.microsoft-copilot-flex-routing","4p6nzMni09uGRz3eKLvYT5YFwk754xtL03ksOvRc61Y",[560,564],{"title":561,"path":118,"stem":562,"description":563,"children":-1},"BSI IT-Grundschutz and Microsoft 365 – Why the Combination Cannot Be Compliant","en/3.blog/11.bsi-it-grundschutz-microsoft-365","Germany's BSI demands demonstrable control over keys, location and audit in its IT-Grundschutz catalogue. Microsoft 365 fully meets none of the critical modules. We walk through OPS.2.2, APP.5.2, CON.1, CON.3 – and the migration path that does work.",{"title":565,"path":566,"stem":567,"description":568,"children":-1},"Nextcloud for SMEs – The Secure Alternative to OneDrive and SharePoint","/en/blog/nextcloud-for-smes","en/3.blog/2.nextcloud-for-smes","Nextcloud provides everything SMEs need for file management, team collaboration, and communication — on their own servers, GDPR-compliant.",1779405609847]