Security Market Segment LS
Sunday, 14 July 2019 22:23

Microsoft Office 365 and Windows 10 barred from use in German schools

By

The Hessian Commissioner for Data Protection and Freedom of Information has said that the use of Office 365 and Windows 10 was illegal under local data protection laws.

Hesse is one of German's states and the State's Privacy Commissioner has warned that data stored in the cloud by Office 365 could be accessed in the US. In effect, personal information related to teachers and students would be in the cloud and available to US agencies.

Michael Ronellenfitsch, Hesse's data protection commissioner, stated that, even if such information was stored in European data centres, it remained "exposed to possible access by US authorities".

Ronellenfitsch said public institutions in Germany "have a special responsibility with regard to the permissibility and traceability of the processing of personal data."

Further, the German Federal Office for Information Security (BSI) noted that Windows 10 sends "a wealth of telemetry data to Microsoft." BSI requested Microsoft to advise them what data they take, but had received no response. Commentary suggested that data could include anything from standard software diagnostics to user content from inside applications, potentially sentences from documents and email subject lines, all of which contravenes the EU's General Data Protection Regulation (GDPR).

For the past couple of years, Microsoft has provided a localised version of Office 365, which for quite some time Ronellenfitsch had supported, stating in 2017 that schools could use Office 365, provided that they adhere to Germany's data protection laws. Recently, permission to use that local resource was rescinded, when all services were migrated back to US data centres.

Ronellenfitsch asserts that mere consent to the rules Microsoft provides is not sufficient, because the data remains compromised as the security and traceability remain dubious.

Ronellenfitsch adds, "As soon as, in particular, the possible third-party access to the data in the cloud and the issue of telemetry data have been resolved in a comprehensible and data protection-compliant manner, Office 365 can be used as a cloud solution by schools." (translation via Google Translate)

The full statement (in German) is available here

Buried in that statement is the observation (in German, translated using Google translate): "The HBDI is aware of the demands that vocational schools, in particular, make for the use of office packages. Therefore, there is also the interest to come together with Microsoft for a privacy-compliant solution. However, this is not up to HBDI or the other German supervisory authorities, but especially to Microsoft itself. As soon as the possible access of third parties to the data in the cloud as well as the topic of the telemetry data are reconciled and compliant with data protection, Office 365 can act as a cloud Solution can be used by schools. Until then, school can use other tools such as on-premise licenses on local systems."

Essentially, this statement is offering schools the option of Windows 7 and whatever stand-alone Office version they can purchase.

Further, the statement notes, "What is true for Microsoft is also true for the Google and Apple cloud solutions. The cloud solutions of these providers have so far not been transparent and comprehensibly set out. Therefore, it is also true that for schools, the privacy-compliant use is currently not possible." (grammar slightly edited for clarity).


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments