Hesse is one of German's states and the State's Privacy Commissioner has warned that data stored in the cloud by Office 365 could be accessed in the United States. In effect, personal information related to teachers and students would be in the cloud and available to US agencies. Michael Ronellenfitsch, Hesse's data protection commissioner stated that, even if such information was stored in European data centers, it remained "exposed to possible access by US authorities." Ronellenfitsch continued to say that public institutions in Germany "have a special responsibility with regard to the permissibility and traceability of the processing of personal data." Further, the German Federal Office for Information Security (BSI) noted that Windows 10 sends "a wealth of telemetry data to Microsoft." BSI requested Microsoft advise them what data they take, but had received no response. Commentary suggested that data could include anything from standard software diagnostics to user content from inside applications, potential sentences from documents and email subject lines. All of which contravenes the EU's General Data Protection Regulation (GDPR). For the past couple of years, Microsoft has provided a localized version of Office 365, which for quite some time Ronellenfitsch had supported, stating in 2017 that schools could use Office 365, provided that they adhere to Germany's data protection laws. Recently, permission to use that local resource was rescinded, when all services were migrated back to US datacenters. Ronellenfitsch asserts that mere consent to the rules Microsoft provides is not sufficient, because the data remains compromised as the security and traceability remain dubious. Check out OUR FORUM for more.