Office 365 ban in German schools 'temporarily' lifted

Schools will be forced to manually block diagnostic data from being sent to the US

A ban on the use of Office 365 products in German schools has been temporarily lifted following a series of talks between Microsoft and the Hessian Data Protection Commissioner, according to an updated statement released today.

The German state of Hesse imposed restrictions on the use of Microsoft software in July after ruling Office 365 exposed information on students and teachers to potential access from US officials, and was therefore in breach of the EU's General Data Protection Regulation.

The decision followed several years of debate around whether German public authorities should use such cloud software at all, given that a large chunk of data is funnelled back to the US.

Office 365 was largely tolerated so long as Microsoft continued to invest in a local German cloud service, removing the need to send data back to the US. However, last August the company decided to shutter this service, leading officials to eventually conclude last month that Office 365 use no longer complied with data laws.

Advertisement
Advertisement - Article continues below

Yet, in another twist, the Hessian Data Protection Commissioner, Professor Michael Ronellenfitsch has now decided to "provisionally tolerate" the use of Office 365 in German schools, provided a series of conditions are met.

"The legality of using Office 365 is not yet fully understood," said Ronellenfitsch, in a statement. "In my opinion dated 09.07.2019 I have drawn the conclusion and explained that according to the state of the checks, the use of Office 365 in Hessian schools can not be tolerated.

"Since then, there have been intensive discussions with Microsoft about the privacy compliance of Office 365's use in the school, which has led to a privacy-related assessment and has invalidated a significant proportion of the concerns."

The ruling allows schools that have already purchased version 1904 of Office 365 and its various apps to continue using the software "until further notice".

However, those schools are also required block the transmission of any kind of diagnostic data themselves, although Microsoft is required to provide support with this - that is until the data protection authorities are able to provide a more permanent solution.

The Hessian data authority has also promised to conduct an audit of the current arrangement over the next few months, and will deliver a more permanent data protection assessment for the school sector, the statement added.

The decision appears to be something of an attempt to limit any potential disruption an outright Office 365 ban might have. However, it's likely that the ban will return unless Microsoft comes up with a way of preventing diagnostic data from leaving the country.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/laptops/34636/microsoft-surface-laptop-3-hands-on-review-powerfully-tempting
Laptops

Microsoft Surface Laptop 3 13in review: Almost the perfect laptop

6 Dec 2019
Visit/hardware/laptops/354275/microsoft-surface-laptop-3-15in-review-ryzen-falls
Laptops

Microsoft Surface Laptop 3 15in review: Ryzen falls

4 Dec 2019
Visit/cloud/354231/the-it-pro-podcast-is-the-future-multi-cloud
Cloud

The IT Pro Podcast: Is the future multi-cloud?

29 Nov 2019
Visit/business-strategy/collaboration/354160/microsoft-teams-surpasses-20-million-daily-users
collaboration

Microsoft Teams surpasses 20 million daily users

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/mobile/5g/354286/why-5g-could-be-a-cyber-security-nightmare
5G

Why 5G could be a cyber security nightmare

6 Dec 2019