In the school district or municipality of Helsingør in Denmark, a conflict has arisen over the continuous use of Google Chromebooks despite the ban by the Danish Data Protection Agency (DPA).
Danish Data Protection Agency (DPA) bans Google Chromebooks
The ban was finalized this summer based on the concerning results of a risk assessment the DPA ordered last year. It proved that children’s data was not kept safe by Google and that the processing of personal data on Chromebooks is an infringement of several articles of the GDPR.
After the DPA’s decision, the Mayor of Helsingør, Benedikte Kiaer, took immediate action by formulating a plan to replace 8,000 Google Chromebooks. However, IT experts estimate this could come at a significant expense to the municipality, costing near 30 million DDK.
IT Professor advises solution
Luckily, there is another option.
That is, a Professor of IT and Pedagogy at Aarhus University, Jeppe Bundsgaard, has called out for all municipalities to switch to open-source solutions instead. He believes the installation of free Linux systems on the school’s Chromebooks would be cost efficient, and relatively easy to set up.
Not only that, but the benefits of replacing the current Google operating system would greatly outweigh its limitations and skepticisms.
Benefits of switching to open-source
Significantly less security problems
No longer would the schools be at risk of Google’s data harvesting and transferring of data to unwanted sources like US authorities.
“… first and foremost, the transition solves the problem that is the basis of this whole discussion, namely that municipalities use programs that share data with the US intelligence service and probably also use them for product development and marketing.”
– Jeppe Bundsgaard
Less expensive bills
Open-source solutions are free to use, and the implementation of the new system would be much less costly.
Not overly complicated to replace
“It’s quite a simple operation to do if you have a little technical ingenuity. And if you have to do it with a thousand computers in a municipality, you could probably figure it out.”
– Jeppe Bundsgaard
No conflict with the GDPR in the EU
The fact that Google Chromebooks and Workspace infringe upon several Articles of the GDPR will not disappear. In fact, if the municipality continues to use these products and ultimately break the DPA’s order, they could risk a multi-million dollar fine of roundabout DKK 16 million.
Schools can still use all the same systems i.e. Aula, Meebook, Outlook, etc.
Because most programs are almost all in the cloud and browsers can go online, this shouldn’t be an issue.
Researcher in data protection law at the University of Southern Denmark and member of the Data Ethics Council, Ayo Næsborg-Andersen, criticizes the dependency issue and having no plan B.
“The case illustrates very convincingly how dependent you become on a particular technology once you have introduced it. (…) Products that at first glance seem to be practical, easy and cheap solutions may turn out to be useless because they do not comply with the rules. And then you have a problem if you have adapted your entire system to these products and have no plan B,” said Ayo Næsborg-Andersen.
Furthermore, big tech giants create a lock-in strategy that keeps customers “locked” with them under the false assumption that there are no alternatives.
Having no dependencies when switching to open-source ultimately empowers the customer. The code is open to everyone and the customer has the freedom of options.
“It’s a bit difficult to switch over, but as soon as you’re there, you’re going to have a higher degree of power over the way you do things, and you’re not constantly pushing the boundaries of what’s legal in terms of sharing data.”
– Jeppe Bundsgaard
For independence and future of the economy
For both digital sovereignty and the future of the economy, Jeppe Bundsgaard strongly encourages the public of Denmark to follow the recommendations of the EU’s Open Source Software Strategy: avoid the products of big tech giants, and move to an open-source solution.
Google loves to keep customers in its ecosystem while on the other hand not caring for its customer’s individual needs, as seen in this case. Due to the pressing issue, the tech giant is in conversations with the municipality to overcome its problems, but until they change their data processing and transferring policies, their products and services will still unduly infringe upon the GDPR.
Nextcloud in Education
Yes, there are alternatives! Nextcloud offers an Enterprise solution for educational institutions so schools can take advantage of all the benefits of a secure, open-source solution.
Now, schools can regain control of their data, and keep it in their own hands.
Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms’ platform or look for another […]
As part of Schleswig-Holstein's state digitization strategy, the state chancellery has announced they will work with Nextcloud to develop AI for working with government documents. This comes just after we announced the first private AI assistant last weekend with Hub 6. The German state already uses Nextcloud and their AI strategy aligns with our work on ethical, local AI technologies.
Over the last year, AI has become a popular topic. Some is hype, some is substance. Some is good, some is bad. We want to give you the good, not the bad, and ignore the hype! AI has a ton of opportunity – but also risk. So we put you in control – off by […]
The serious security flaws in ownCloud (now owned by Kiteworks) do NOT affect Nextcloud. We have strict security processes in place, and do not ship test data from libraries that can cause security breaches.