Microsoft, Google, Apple and other large tech firms usually have issues with privacy and data use. The French government is taking some measures to protect children’s data. The French national education and youth minister said that schools should not use free versions of Microsoft Office 365 and Google Workspace. This stance reflects Europe’s constant concern over cloud data safety and privacy rules. In August, French National Assembly member, Philippe Latombe told National Education Minister Pap Ndiaye that the free version of Microsoft Office 365, while attractive, amounts to illegal dumping. He claims that there are control issues with cloud data. France is not happy to have its citizen’s data in U.S. cloud services.
Last week, the Ministry of National Education published a written answer confirming that French public procurement contracts require “remuneration” – payments. “Therefore, free service offers are in principle outside the scope of public procurement,” said the ministry statement. This is the same position that Minister Pap Ndiaye has. This applies to other free services such as Google Workspace. If paid versions of these cloud services aren’t already banned, they might be an option.
Storing French data in the U.S. breaks the law
French authorities have argued that Microsoft and Google cloud services, which store data in the US, do not comply with European data regulations such as GDPR and “Schrems II” – a 2020 ruling by the European Court of Justice on the cross-border sharing of data. The “Schrems II” ruling invalidates the US-EU Privacy Shield agreement. This is because the EU court found that US law did not meet European privacy standards.
The “Central Cloud” policy and the National Commission for Computing and Liberty (CNIL) stated in May 2021 that higher education institutions are advised to use GDPR-compliant cloud collaboration services. Also, universities are advised to avoid deploying Office 365 or Google Workspace. German data protection authorities came to a similar conclusion in 2019. They too did not allow Microsoft Office 365 to be used in classrooms in Hesse.
No official response
At the moment, Google did not respond to a request for comment. On Microsoft’s part, it did decline to comment. However, in July this year, Microsoft announced Microsoft Cloud Sovereignty Edition. This is a service that will allow public sector customers to use Microsoft’s cloud services in a policy-compliant manner.
Gizchina News of the week
Microsoft also plans to deploy its EU Data Boundary by the end of 2022. Although data from EU customers can be processed in compliance with data regulations. Google made a similar move last year to meet EU data protection requirements. Last month, the US president signed an executive order directing US agencies to implement the transatlantic data privacy framework announced in March. The EU must now take steps to adopt the rules, which may take some time. Once adopted, data transfers between the US and EU should become easier to manage. Google and Microsoft may find it easier to win cloud computing contracts from European governments.
Microsoft Office 365 email will disable TLS 1.0/1.1 for POP3 and IMAP4 on December 10
Microsoft recently issued a change notice about email accounts. The company reveals it will disable TLS 1.0/1.1 of POP3 and IMAP4 on December 10, 2022. The email alert shows that from December 10, 2022, Office 365 will begin to phase out Transport Layer Security (TLS) 1.0 and 1.1 for POP3 and IMAP4. TLS is the standard communication protocol used to provide secure web communication for POP3 and IMAP4. POP3 and IMAP4 are client/server protocols for receiving e-mail. Microsoft will be mandating an upgrade to TLS 1.2 to provide enhanced encryption and help keep your emails more secure. Microsoft has retired TLS 1.0 and 1.1 for most Microsoft 365 services in global environments.
POP3 and IMAP4 will not be able to connect with TLS 1.0 and 1.1 from Dec 10 this year. After that, you will not be able to receive emails using POP3 / IMAP4 protocols. To continue using POP3 or IMAP4 to access email accounts, please upgrade/update the client to support TLS 1.2. Your email will not be deleted, but you will not be able to access it without upgrading your client.
If you are unable to update/upgrade legacy clients, Microsoft provides opt-in endpoints. These allow connections to continue via TLS 1.0/1.1. For legacy clients, POP3 must be set to pop-legacy.office365.com. Also, IMAP4 must be set to imap-legacy.office365.com. However, using older versions of TLS is not as secure as TLS 1.2. Thus, it is better that you update to use TLS 1.2.
Microsoft Office 365 21Vianet will completely disable TLS 1.0/1.1 from June 30 next year
From June 30, 2023, Office 365 operated by 21Vianet will begin to disable TLS 1.0 and 1.1 for all services. Microsoft will enforce Transport Layer Security (TLS) 1.2 on all Office 365 services. This is to provide better encryption and ensure services are more secure by default. Microsoft has disabled TLS 1.0/1.1 in global markets outside of China. In China, Microsoft disabled TLS 1.0/1.1 for OneDrive and SharePoint in 2021. Microsoft will do the same for other Office 365 services operated by 21Vianet.
After June 30, 2023, all clients using the TLS 1.0 and TLS 1.1 protocols will not be able to connect. All Microsoft Office 365 services operated by 21Vianet will no longer be available. However, customers and their partners can only use TLS 1.2 and Office 365 Services to communicate. However, these customers must ensure that TLS 1.2 is supported. They have to update or replace clients and servers that rely on TLS 1.0 and 1.1 protocols to connect to Office 365 as soon as possible.
If you have problems sending mail using SMTP Auth on a client or device with legacy TLS protocol, you can try to configure the outgoing mail server address as the endpoint smtp-legacy.partner.outlook.cn. Meanwhile, the administrator needs to run the PowerShell command.