Austria Bans Microsoft’s Use of Tracking Cookies in Schools
The Austrian government has officially banned Microsoft from using tracking cookies to monitor the behavior of schoolchildren using its educational software. The ruling, announced on Tuesday, January 27, by the Austrian Data Protection Authority (DSB), targets the widespread use of Microsoft 365 and Teams in the country’s classrooms.
Vienna, January 27: In a significant move for digital privacy, the Austrian government has officially banned Microsoft from using tracking cookies to monitor the behavior of schoolchildren using its educational software. The ruling, announced on Tuesday, January 27, by the Austrian Data Protection Authority (DSB), targets the widespread use of Microsoft 365 and Teams in the country’s classrooms.
The Austrian government determined that the tech giant’s data collection practices violated the "Privacy by Design" principles essential for protecting minors under the General Data Protection Regulation (GDPR). The decision follows a lengthy investigation into how educational software handles "telemetry data" and third-party cookies. The DSB found that Microsoft was collecting information beyond what was strictly necessary for the technical functioning of the software, potentially creating digital profiles of students for commercial or analytical purposes. Microsoft Windows 11 Emergency Update Fixes Outlook Crashes and Missing Emails After January Patch.
The "Cookie" Controversy in Schools
At the heart of the ban is the distinction between "strictly necessary" cookies and "tracking" cookies. While some cookies are required to keep a student logged into a virtual classroom, Microsoft was found to be using additional trackers that monitored how long students stayed on specific tasks and which features they interacted with most.
The Austrian authorities argued that because students are a "vulnerable group" and have no choice but to use the software provided by their schools, they cannot give meaningful consent to being tracked. "Education should be a safe space for learning, not a data-mining ground for multinational corporations," a spokesperson for the Austrian Ministry of Education stated following the ruling. Microsoft Hands Over BitLocker Encryption Keys to FBI To Unlock Data in Guam Fraud Investigation; Tech Giant Faces Criticism Over User Privacy.
Microsoft’s Response and Grace Period
In response to the ban, Microsoft issued a statement emphasising its commitment to privacy and noting that it already offers "robust" data protection controls for its enterprise and education customers. The company maintains that telemetry data is used solely to improve service reliability and security.
However, to comply with the new Austrian mandate, Microsoft must now:
- Disable non-essential trackers: All tracking cookies must be turned off by default for "Education" licensed accounts.
- Simplify Data Transparency: Provide clear, jargon-free reports to parents and schools regarding what data is being processed.
- Compliance Deadline: The company has been given a 60-day grace period to implement these technical changes across Austria’s national school network.
This ruling is part of a broader "Tech-Lash" across Europe, where countries like Germany, France, and Denmark have previously raised concerns about the use of American cloud services in public sectors. In 2024, similar concerns led to a temporary suspension of Microsoft software in some German states.
(The above story first appeared on LatestLY on Jan 27, 2026 05:51 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).