Skip to main content
  1. Home
  2. Computing
  3. News

Office 365 has been banned from German schools due to privacy concerns

By
Microsoft surface
Microsoft Image Gallery/Microsoft

Cloud-based productivity apps aren’t exactly the kinds of apps you’d normally think were deserving of being banned from a school. But a few schools in Germany have done just that, and Microsoft’s Office 365 is the target.

According to TNW, German state Hesse has found that Office 365’s current configuration isn’t compliant enough with the European Union’s new General Data Protection Regulation (GDPR) guidelines to be utilized in German schools.

Recommended Videos

On July 9, a statement on the legality of using Office 365 in German schools, was published online by the Hessian commissioner for data protection and freedom of information. According to a translated version of that statement, the first concern with using Office 365 in German public schools is that using the cloud service also involves schools having to store the personal data of children in a European cloud, which could, in turn, be accessible “by U.S. authorities.”

Related

As TNW notes, this particular issue came about because initially, such schools used to store this personal data in a German data center until Microsoft shut that center down in 2018. As a result, the storage of that data was moved to a European data center that may allow U.S. authorities access to that information.

And the other concern is that like Windows 10, Office 365 transmits “a wealth of telemetry data” to Microsoft and, as the Commissioner notes, Microsoft hasn’t clarified the exact nature of the content of that data “despite repeated inquiries.” TNW also noted that this telemetry data can contain personal information such as “user content from Office applications” or even email subject lines in addition to software diagnostic data. And collecting this kind of personal data is illegal according to the EU’s GDPR guidelines. The only possible loophole is asking for individual consent for the collection of this data, but since kids can’t provide that consent, collecting this data from their usage of Office 365 is still illegal.

It is essentially because of these issues, that the commissioner has ruled that Office 365 and Windows 10 cannot be used in schools since they aren’t GDPR compliant.

In addition, the Commissioner also said that the use of Google and Apple cloud services aren’t acceptable alternatives to using Office 365 in German public schools because those services suffer from the same issues and are just as noncompliant, citing a lack of transparency. Instead, the commissioner has advised that schools use local, “on-premises” software versions of Microsoft Office apps until cloud services like Office 365 become GDPR compliant.

On July 16, Microsoft did issue its own statement to TNW regarding the Office 365 privacy concerns. In the statement, Microsoft emphasized its own efforts to be more transparent about its data collection, its efforts to allow customers to have more control over their data, and expressed an interest in working with the commissioner directly to address its concerns:

“We routinely work to address customer concerns by clarifying our policies and data protection practices, and we look forward to working with the Hessian Commissioner to better understand their concerns. When Office 365 is connected to a work or school account, administrators have a range of options to limit features that are enabled by sending data to Microsoft. We recently announced (here and here), based on customer feedback, new steps towards even greater transparency and control for these organizations when it comes to sharing this data. In our service terms we document the steps we take to protect customer data, and we’ve even successfully sued the U.S. government over access to customer data in Europe. In short, we’re thankful the commissioner raised these concerns and we look forward to engaging further with the Commissioner on its questions and concerns related to Microsoft’s offerings.”

Editors' Recommendations

Topics
Anita George
Anita George
Computing Writer
Anita has been a technology reporter since 2013 and currently writes for the Computing section at Digital Trends. She began…
Google bans employees from using Zoom over privacy concerns
Working remote

Google has banned its employees from downloading and using Zoom on their work computers over the videoconferencing service's recent security and privacy woes.

Google announced the new policy in an email to employees last week. The story was first reported by Buzzfeed News.

Read more
Microsoft runs your office. Microsoft 365 Personal wants to run your family, too
microsoft 365 personal teams for family deepen your connection to and friends with skype

Skype is used by over 100 million people today. More than 38 billion people subscribe to Office. Teams is used by more than 44 million folks on a daily basis to organize meetings and schedules.

But your home life? In the era of working from home, when coordination is more important than ever? It’s a mishmash of Wunderlist, Remember the Milk, scribbled notes, and Google Hangout chats -- if you’ve gotten yourself even that organized.

Read more
Office 365 becomes Microsoft 365, adds features and the power of A.I.
office app

It’s Office … only better?

Microsoft is unveiling big changes to its Office 365 product, the company said Monday, starting with a name change: Office 365 is now Microsoft 365, a change meant to signify to customers that more of Microsoft is coming in the subscription service, such as tech support and the power of A.I. The company is using A.I. to create new tools, add new rich content types, and include new cloud-powered experiences.

Read more