The Dutch Ministry of Education has decided to suspend the use of Chrome OS and Chrome web browser until August 2023 over concerns about data privacy.
The officials worry that Google services collects student data and makes it available to large advertising networks, who use it for purposes beyond helping education.
Since the national watchdog doesn’t know where students’ personal data is stored and processed, there are concerns about the violation of the European Union’s GDPR (General Data Protection Regulation).
The Minister of Education and the Minister of Primary and Secondary Education have co-signed a letter to the Dutch parliament where they describe a range of cybersecurity and data protection matters.
The letter explains that conversations were held with Google, Microsoft, and Zoom, on the sensitive matter of data protection, and assurances were given to make future versions of software products more transparent and compatible with data protection regulations enforced across the EU space.
In the case of Google, the tech giant promised a new version of the Chrome web browser and Chrome OS to be ready by next year, so the temporary ban applies until then, when the Dutch regulator will make a new assessment.
Although Chrome is the most popular web browser in the world, educational institutes in the Netherlands will be able to find several quality and privacy-respecting alternatives.
The case of Chrome OS, though, is a bit more complicated as it’s an ecosystem linked to Google services designed to run on less expensive devices suitable for educational purposes.
Other cases of data privacy concerns
Google’s services have raised multiple concerns across Europe, about data privacy and the opaque data collection practices that underpin them.
In January 2022, Austria’s data protection authority decided that using Google Analytics violates GDPR, because collecting website visitors’ data was done with the the users’ specific consent and transferred outside Europe.
The French data protection office (CNIL) followed suit with a similar decision in February 2022, and later warned Google that minor changes won’t reverse the decision.
This month, the Danish DPA imposed a ban on the use of Google Workspace and Chromebooks in one of the country’s municipalities, Elsinore, criticizing the uncontrolled data transfers to third countries.
Source: https://www.bleepingcomputer.com/news/security/chrome-banned-from-use-in-dutch-schools-over-data-security-concerns/
