An article in The Verge reports on action taken by the Danish privacy regulator that will require cities in Denmark to provide assurances that student data transferred to Google via Chromebooks and Google Workspace complies with the European data privacy regulations. The concern is that student data is being used by Google for purposes that are not approved under current regulations. According to the regulatory authority, the use of student data for things such as analytics and feature improvement violates the regulations even if it does not entail targeted advertising. Cities that cannot prove the arrangements with Google comply with regulations will be forced to stop the use of Chromebooks and Google Workspace.
Although this case concerns schools in Denmark it raises similar issues for educational institutions at all levels. With Google Workspace and Chromebooks widely adopted, it is unclear how educational institutions that have entered into arrangements with Google monitor and guarantee that student data from applications that students are required to use confirm to privacy standards.