Microsoft found illegally tracking students in Austria education software

VIENNA: Austria’s data protection authority has determined that Microsoft illegally tracked students using its education software and must grant them access to their data.

The Austria-based privacy campaign group Noyb announced the regulator’s decision on Friday following its 2024 complaint against Microsoft.

Noyb accused Microsoft 365 Education software of violating European Union data protection rights for children across the continent.

The privacy group stated that Microsoft 365 Education installed cookies collecting browser data for advertising purposes.

This tracking practice likely affected millions of students and teachers throughout Europe according to the complaint.

Noyb confirmed the regulator issued its decision this week finding Microsoft 365 Education illegally tracks students.

The authority also determined Microsoft uses student data for its own purposes beyond educational needs.

Microsoft received orders to provide users including a minor complainant access to their personal data.

The Austrian data protection authority confirmed issuing the decision on Wednesday without providing further details.

Noyb claimed Microsoft tried shifting all responsibility to local schools when users requested data access.

Microsoft attempted to deflect accountability to other national institutions according to the privacy group.

The decision highlights the lack of transparency within Microsoft 365 Education said Noyb lawyer Felix Mikolasch.

He explained it is nearly impossible for schools to inform students and parents about data usage.

Parents and teachers cannot properly understand what happens with their personal information.

Microsoft stated it would review the decision and determine next steps in due course.

The company maintained Microsoft 365 for Education meets all required data protection standards.

Microsoft insisted education institutions can continue using the software in GDPR compliance.

Noyb founder Max Schrems has launched numerous legal cases against technology giants.

The privacy organization has filed more than 800 complaints across various jurisdictions.

These actions often prompt regulatory authorities to address GDPR violations by major tech companies. – AFP

Leave a comment

Your email address will not be published. Required fields are marked *