Danish Data Protection Agency bans Google Workspace for Municipalities (opens in new tab)

(blog.simpleanalytics.com)

58 pointsironman13y ago27 comments

27 comments

Wow, stunning. The real test will be whether chromebook use gets banned in schools - an office you can switch over, but a whole school bound to chromebook hardware? This will be a very difficult/expensive switch. Alternatively one could dream that this brings Linux to schools - which would be the basis of a long-term break with the MS/Apple/Google dependency.

hulitu3y ago

Chromebooks are not so popular in europe.

ecmascript3y ago

This is a good thing! I hope my country (Sweden) follows suit.

dontreact3y ago

Why do you think this is a good thing?

nisa3y ago

Not OP but but I try to explain it from my subjective perspective: It's good because that's not your small nodejs startup but rather Municipalities. They process sensitive data about their citizens and I'm sure Denmark has strict privacy laws for that. Giving that data to Google means it's now in the US and can be used by NSA or other organisations for spying. Does that happen? I don't know. But why take the risk. Secret court orders for national security are a thing. So it's a danger to the independence of the Danish state. Might all sound a little hyperbolic and theoretic but it can't be excluded. Furthermore it's illegal under current EU law ontop of that. See the other links to Max Schremps works here. Of course due to the sad state of public it infrastructure in Europe the risk for loosing the data is probably much higher than storing it at Google. I'm not optimistic that this will change. Too much lousy small firms and borderline corruption and too much tax money to earn.

3 more replies

frozencell3y ago

WikiLeaks argument.

petters3y ago

That would be bad, since that’d mean storing the data themselves, with an increased risk of data leaks. (There was a medical data leak as recently as today from a Swedish agency. The track record is unfortunately not good)

But the law is the law.

peterhunt3y ago

I’m trying to understand the current position of the EU commission on data transfers to the US. Based on this plus the recent google analytics decisions, it seems to me that data transfers to the US are going to be prohibited by default under the recent interpretations of chapter V. Am I understanding this correctly?

Y-bar3y ago

Since the entire Privacy Shield has been ruled invalid it seems all EU-US transfers/multinational corporations which process personal data are in a tough spot. I think Max Schrems (who took Facebook, among others, to court on GDPR) has a good explanation:

https://noyb.eu/en/project/eu-us-transfers

> At its core, this case is about a conflict of law between US surveillance laws which demand surveillance and EU data protection laws that require privacy.

jimkleiber3y ago

I really hope that in the (near) future we figure out a system of governance to better resolve inter-national conflict. I assume these conflicts will only increase as we increasingly interact across national borders.

betaby3y ago

As all court rulings that one uses wording which is impossible interpret unambiguously. Example " A general ban on processing with Google Workspace until adequate documentation and impact assessment has been made and until the processing operations have been brought into compliance with the Regulation" whatever it means.

ChrisArchitect3y ago

Just a changed URL from yesterday's post: https://news.ycombinator.com/item?id=32099850

lizardactivist3y ago

Well done Denmark!

A cue to other countries. Follow Denmark's lead and safeguard your data, your systems, and the privacy and security of everyone working in your municipalities.

theplumber3y ago

Finally some good things come out of GDPR

j / k navigate · click thread line to collapse