{"id":24228,"date":"2022-04-26T00:01:00","date_gmt":"2022-04-25T22:01:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=24228"},"modified":"2022-04-25T18:35:30","modified_gmt":"2022-04-25T16:35:30","slug":"datenschutz-microsoft-365-muss-ab-sommer-2022-in-baden-wrttembergs-schulen-ersetzt-worden-sein","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/04\/26\/datenschutz-microsoft-365-muss-ab-sommer-2022-in-baden-wrttembergs-schulen-ersetzt-worden-sein\/","title":{"rendered":"Data protection: Microsoft 365 banned in Germany's Baden-W&uuml;rttemberg's schools by summer 2022"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Stop - Pixabay\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" alt=\"Stop - Pixabay\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Stop01.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/04\/25\/datenschutz-microsoft-365-muss-ab-sommer-2022-in-baden-wrttembergs-schulen-ersetzt-worden-sein\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]The use of Microsoft 365 at schools in the German state of Baden-W\u00fcrttemberg has been banned after summer 2022. Schools must offer suitable alternatives for students and teachers. This is pointed out by the State Commissioner for Data Protection and Freedom of Information of Baden-W\u00fcrttemberg, Dr. Stefan Brink, in a recent press release. 
This is a failure that was announced in advance, because the data protection officer had already noted in 2021, after an audit lasting several months, that he had serious concerns about the GDPR-compliant use of Microsoft 365 (including Office 365) in Baden-W\u00fcrttemberg's schools.<\/p>\n<p><!--more--><\/p>\n<h2>Ban after the end of this school year <\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg02.met.vgwort.de\/na\/efbe76cecb2b43e293cd1227a42562a6\" width=\"1\" height=\"1\">In a <a href=\"https:\/\/www.baden-wuerttemberg.datenschutz.de\/nutzung-von-ms-365-an-schulen\/\" target=\"_blank\" rel=\"noopener\">statement<\/a> dated April 25, 2022, the State Commissioner for Data Protection and Freedom of Information of Baden-W\u00fcrttemberg, Dr. Stefan Brink, comments on the use of Microsoft 365 (MS 365) in schools in this state. I became aware of the issue via the following tweet.<\/p>\n<p><a href=\"https:\/\/twitter.com\/golem\/status\/1518520550997565440\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"Microsoft 365 (MS 365) an Schulen in Baden-W&uuml;rttember\" alt=\"Microsoft 365 (MS 365) an Schulen in Baden-W&uuml;rttember\" src=\"https:\/\/i.imgur.com\/h3ckUpP.png\"><\/a><\/p>\n<p>The message from the State Commissioner for Data Protection and Freedom of Information (LfDI) Baden-W\u00fcrttemberg is crystal clear:<\/p>\n<blockquote>\n<p>As of the coming school year (2nd half of 2022), the use of MS 365 at schools must be terminated or its data protection-compliant operation must be clearly demonstrated by the responsible schools<\/p>\n<\/blockquote>\n<p>After the summer vacations in 2022, schools must, according to the LfDI, offer alternatives to the MS 365 cloud service for school operations. Dr. Stefan Brink will soon approach schools known to him that use the cloud service Microsoft 365 (MS 365) or MS Teams from Microsoft. 
The LfDI will inform the schools of its legal assessment on the use of this online service and ask for a binding timetable for switching to alternatives. To bridge the gap until the summer vacations in 2022, the state commissioner expects that teachers and students will be offered alternatives.<\/p>\n<h2>Microsoft 365 not compliant with GDPR<\/h2>\n<p>The State Commissioner for Data Protection and Freedom of Information (LfDI) in Baden-W\u00fcrttemberg monitored the use of MS 365 over a long period of time in an intensive and extensive process. Features of MS 365 that were particularly questionable from a general data protection perspective (GDPR) had already been switched off or deactivated as far as possible. This included, for example, the collection of telemetry and diagnostic data. Furthermore, additional security functions were implemented and accounts were only assigned to teachers, but not to students.<\/p>\n<p>In April 2021, the LfDI informed the Ministry of Education about the data protection assessment of this pilot project, recommended against using the tested version of MS 365 in schools due to high data protection risks, and recommended promoting alternative solutions. Despite intensive testing and cooperation with the parties involved, the pilot project did not succeed in finding a solution that complied with data protection law. <\/p>\n<p>In a nutshell: Microsoft 365 cannot be used in schools in a privacy-compliant manner (GDPR compliant). The statement of the LfDI and the results of the audit have been publicly available for some time (e.g. via <a href=\"https:\/\/www.baden-wuerttemberg.datenschutz.de\/empfehlung-lfdi-online\/\" target=\"_blank\" rel=\"noopener\">Dokumente Online: Empfehlung zum Pilotprojekt zur Nutzung MS 365 an Schulen<\/a>, Nov. 
2021, and summary under <a href=\"https:\/\/www.baden-wuerttemberg.datenschutz.de\/ms-365-schulen-hinweise-weiteres-vorgehen\" target=\"_blank\" rel=\"noopener\">Hinweise des LfDI zur Nutzung von Microsoft 365 durch Schulen<\/a>). The Ministry of Education and Cultural Affairs subsequently announced that it would rely on a data protection-compliant digital education platform in the future.&nbsp; <\/p>\n<h2>Alternative solutions<\/h2>\n<p>In his statement, the State Commissioner points out that alternative digital tools are now also available. These have already been used many times over a longer period of time and can still be used successfully.  <\/p>\n<ul>\n<li>For example, Moodle or itslearning, which are offered to schools by the Ministry at no additional cost, can be used as learning management systems.<\/li>\n<li>The web conferencing system BigBlueButton is integrated in each case, so that video conferencing can also be carried out.  <\/li>\n<\/ul>\n<p>Schools that believe that their use and configuration of MS 365 meets the legal requirements and that wish to continue using the cloud service must now justify to the data protection officer how they intend to ensure data protection-compliant operation and clearly demonstrate this in accordance with their accountability obligations under Article 5(2) of the General Data Protection Regulation.  <\/p>\n<p>The entire process naturally throws a spotlight on Microsoft and its Office 365 and Microsoft 365 solutions. The company has had time and opportunity since 2020 to make the whole thing watertight in terms of data protection in accordance with the GDPR, but has probably not done so. Politicians and Microsoft acted according to the principle of \"hope, we'll get through\". At this point I won't address other questions like: Public money = Public code (which isn't usable for license fees) or vendor lock-in with Microsoft 365. 
<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The use of Microsoft 365 at schools in the German state of Baden-W\u00fcrttemberg has been banned after summer 2022. Schools must offer suitable alternatives for students and teachers. This is pointed out by the State Commissioner for Data Protection and &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/04\/26\/datenschutz-microsoft-365-muss-ab-sommer-2022-in-baden-wrttembergs-schulen-ersetzt-worden-sein\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,580,2],"tags":[2523,1805,261],"class_list":["post-24228","post","type-post","status-publish","format-standard","hentry","category-office","category-security","category-windows","tag-data-protection","tag-microsoft-365","tag-privacy"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/24228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=24228"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/24228\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=24228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=24228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=24228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}