Not secure enough! Germany, France to “block” Microsoft Office 365
Data is already an important security asset in the Internet and cloud era, and it is not only valued by individual users and vendors, but even elevated to a strategic level by some countries and regions.
Recently, the German Federal and State Data Protection Authorities said in a monitoring report that despite attempts to communicate with Microsoft for two years, they found that Micosoft 365 (i.e. Office 365, etc.) still violates the EU's General Data Protection Act (GDPR), that is, many of these services still give Microsoft the right to access non-encrypted, non-pseudonymous data.
It turns out that, as required by the GDPR, service providers cannot store the data of minors under the age of 13, and those between the ages of 13 and 16 must seek permission from a guardian. Even adults have the right to delete the stored data.
This report states that Micosoft 365 cannot be legally used in schools and public institutions in Germany, with the exception of ordinary consumers and businesses.
In response, Microsoft protested, stressing that Micosoft 365 (Sovereign Edition) not only meets but far exceeds the requirements of the GDPR specification. Any customer in EU countries, including Germany, can use the product safely and securely.
Matthias Pfau, a security expert, said he did not expect that the U.S. manufacturer was still blatantly trampling on the GDPR years after it was implemented. He advised those worried, especially schools and public institutions, to switch to new operating systems and new software as soon as possible, such as Open Office on Linux, which is a better alternative.
It is worth mentioning that earlier this month, the French side also pointed out that the free versions of Microsoft Office 365 and Google Workspace should not be used in schools for the same reason as this one.