Microsoft educational software accused of violating data rights of EU schoolchildren

Microsoft educational software accused of violating data rights of EU schoolchildren
Microsoft educational software accused of violating data rights of EU schoolchildren

NOYB asked the Austrian privacy watchdog to investigate the use of Microsoft Education 365.


It is likely that hundreds of thousands of European schoolchildren are being tracked for him educational software of Microsoftwidely implemented in schools across the continent, according to an NGO that filed a formal complaint on this matter with an Austrian regulatory body last Tuesday.

The NOYB organization has asked the watchdog to investigate what data it processes Microsoft 365 Education (a product widely used in classrooms), since it states that neither the company’s privacy documentation, nor the access requests, nor NOYB’s own investigation have been able to fully clarify it, which viola the provisions on transparency of the General Data Protection Regulation (GDPR).

Close advertising

NOYB claims that software providers such as US tech giant Microsoft ignore GDPR rights by “offloading” legal responsibilities under EU privacy rules onto schools that provide the software for educational purposes.

“Microsoft has all the key information about data processing in its software, but is pointing the finger at schools when it comes to exercising rights. Schools have no way to meet obligations of transparency and information,” said Maartje de Graaf, data protection lawyer at NOYB.

Felix Mikolasch, another data protection lawyer at NOYB, stated that the software also tracks users regardless of age. “Is likely that this practice affects hundreds of thousands of students of the EU and the European Economic Area. The authorities should finally step up and effectively enforce the rights of minors“, he claimed.

Microsoft ensures that it complies with the Regulation

A Microsoft spokesperson said the product “GDPR compliant and other applicable privacy laws” and that the company protects thoroughly Privacy of its young users. “We will be happy to answer any questions data protection agencies may have about today’s announcement,” the spokesperson added.

Appropriateness decisions

It is not the first time that Microsoft products have been in the crosshairs of privacy regulators. In March, the European Data Protection Supervisor (EDPS), which oversees data protection issues in the EU institutions, ordered the European Comission to adjust your use of Microsoft 365 office programs to the Privacy rules.

The EDPS said that the Commission violated EU rulesincluding those relating to transfers of personal data outside the EU or the European Economic Area (EEA), because in its contract with Microsoft the Executive did not sufficiently specify what types of personal data were going to be collected and for what purposes.

The GDPR imposes strict restrictions to personal data, prohibiting sharing it with countries that do not have an equivalent level of protection. The data transfer agreement between the EU and the US was invalidatedin 2015 by the Court of Justice of the European Union (CJEU) after Austrian lawyer Max Schrems (founder of NOYB) challenged it, and the same thing happened with the replacement data transfer framework.

The United States officially regained its “adequacy” status in July 2023, after the US government issued a executive order for limit the data collection from the EU to “necessary and proportionate” levels“.

For Latest Updates Follow us on Google News


PREV Warren Buffett partners with oil giant to produce lithium for batteries
NEXT The airlines rebel against the 150 million fine and warn that “there will be no changes” to the charge for cabin luggage