{"id":39886,"date":"2021-03-05T10:15:06","date_gmt":"2021-03-05T10:15:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/"},"modified":"2021-03-05T10:15:06","modified_gmt":"2021-03-05T10:15:06","slug":"dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/","title":{"rendered":"Dutch government: Did we say 10 &#8216;high data protection risks&#8217; in Google Workspace block adoption? Make that 8"},"content":{"rendered":"<p>A Dutch government report identifying &#8220;10 high data protection risks&#8221; for users of Google Workspace, formerly known as G Suite, has been revised after Google&#8217;s response, and now says eight high risk issues still remain.<\/p>\n<p>The <a target=\"_blank\" href=\"https:\/\/www.rijksoverheid.nl\/documenten\/publicaties\/2021\/02\/12\/google-workspace-dpia-for-dutch-dpa\" rel=\"noopener noreferrer\">study<\/a> (available in English) was conducted by the Dutch Ministry of Justice and Security together with SLM Microsoft Rijk (Strategic Vendor Management Microsoft).<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",button,mpu,\" data-sm=\",button,mpu,\" data-md=\",button,banner_plus,mpu\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Despite the name, this is not an offshoot of Google&#8217;s Redmond-based rival, but a government department which manages vendor relations with the company, and which undertook to assess the risks of deploying Google Workspace instead of Office 365, in a process called a DPIA (Data Protection Impact Assessment). It has conducted similar studies into privacy risks with Microsoft&#8217;s services.<\/p>\n<p>The DPIA, first published in July 2020, came up with a number of recommendations, some of which Google has now adopted or undertaken to adopt. For example, Google said it will enable admins to block the use of consumer Google accounts in the Workspace environment, according to the report, and to provide a clear visual indicator to users showing whether or not they are in the enterprise environment.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",button,mpu_plusplus,\" data-sm=\",button,mpu_plusplus,\" data-md=\",button,mpu_plusplus,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Despite these assurances, at the time of writing, the DPIA still considers that there are legal obstacles to adopting Google Workspace around the roles and obligations of data processors and data controllers under the EU&#8217;s General Data Protection Regulation (GDPR).<\/p>\n<p>\u201cThe use of Google Workspace as offered under the privacy amendment of the Dutch government, still leads to 8 high risks for the different categories of data subjects involved (not just employees, but all kinds of other data subjects that may interact with the Dutch government),\u201d said the report as updated.<\/p>\n<h3 class=\"crosshead\"> <span>Why exactly are you collecting data?<\/span><br \/>\n<\/h3>\n<p>The GDPR distinguishes between data controllers, which determine the purpose and means of data processing, and data processors, which carry out processing on behalf of the controller. An organisation administering a Google Workspace has a measure of control over what data is collected and how it is used, and is therefore a data controller. Google is a data processor, but also a data controller, since it also determines how data is used, although the scope of its role as data controller is (to nobody\u2019s surprise) complicated.<\/p>\n<p>Lack of detail over the purposes for which Google collects data is an obstacle to the legal obligations of organisations using Workspace. The Netherlands government and Google are joint controllers of data processed through Google Workspace, but the report said that, \u201cdue to the lack of purpose limitation and transparency, Google and the government organisations currently don\u2019t have a legal ground for any of the data processing.\u201d<\/p>\n<p>A consultancy called Privacy Company, which assisted with the report, summarised the state of play <a target=\"_blank\" href=\"https:\/\/www.privacycompany.eu\/blogpost-en\/privacy-assessment-google-workspace-g-suite-enterprise-dutch-government-consults-dutch-data-protection-authority-on-high-privacy-risks\" rel=\"noopener noreferrer\">here<\/a>, where it said that while Google has improved its description of purposes, \u201cit does not solve the problem that the State loses control over the personal data of its employees if the State allows Google to process these data for its own commercial purposes.\u201d<\/p>\n<p>Other issues are that purposes \u201care broad and unclear\u201d and that \u201cGoogle can change the purposes for the processing of the Service Data at will, by amending the privacy statement,\u201d subject to certain prohibited purposes.<\/p>\n<h3 class=\"crosshead\"> <span>Multiple agreements, huge complexity<\/span><br \/>\n<\/h3>\n<div class=\"CaptionedImage Center\" readability=\"10\"><a href=\"https:\/\/regmedia.co.uk\/2021\/03\/04\/agree.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2021\/03\/04\/agree.png?x=442&amp;y=391&amp;infer_y=1\" alt=\"A user signing in to a Google Workspace account has to agree separately to the Core Services under their organisation\u2019s terms, and Additional Services under Google\u2019s terms. Which is used when? It\u2019s complicated.\" title=\"A user signing in to a Google Workspace account has to agree separately to the Core Services under their organisation\u2019s terms, and Additional Services under Google\u2019s terms. Which is used when? It\u2019s complicated.\" height=\"391\" width=\"442\"><\/a><\/p>\n<p class=\"text_center\">A user signing in to a Google Workspace account has to agree separately to the Core Services under their organisation\u2019s terms, and Additional Services under Google\u2019s terms. Which is used when? It\u2019s complicated&#8230;<\/p>\n<\/div>\n<p>A key facet of this report is the distinction between &#8220;Core Services&#8221;, such as Docs, Sheets, Meet and Calendar, and &#8220;Additional Services&#8221; including YouTube, Maps, Assistant and Search. The difference is critical because when end users sign up for a Workspace account they enter into multiple agreements. Use of the workspace is governed by the policies of their organisation, but users also have to agree to the generic consumer Google terms of service and privacy policy.<\/p>\n<p>Google has said this is because users may use the Additional Services while logged in with the enterprise account, which \u201crequires a direct contractual relationship with end users of products not sold under the G Suite Enterprise terms.\u201d<\/p>\n<p>An enterprise admin may attempt to turn off one of the Additional Services but if so \u201cthe end user is silently signed out from the Google Account, and can visit the service as end user without Google Account.\u201d<\/p>\n<p>A complication is that a user may be signed in simultaneously with both a Workspace and a personal account. In this case, they may use an Additional Service under the terms of their personal account. This interweaving makes policies hard to enforce.<\/p>\n<p>Does the user know whether they are using Core Services or Additional Services? The DPIA looked at the spellchecker feature in Chrome. In answer to enquiries, Google said there are three kinds of spellchecker: a spelling and grammar feature, a basic local spellchecker, and an enhanced spellchecker. The spelling and grammar feature is defined as part of the Core Services, the enhanced spellchecker (which processes data differently) is an Additional Service. Both are accessed by a right-click.<\/p>\n<p>\u201cFor the end-user, the difference with the G Suite Feature Spelling and grammar is not obvious. When checking the spelling of a document, the end user can use all three spellcheckers, without any clear distinction of its origin, part of a Core Service or part of the Additional Service,\u201d said the DPIA.<\/p>\n<p>There is a way of disabling enhanced spell check, but only via Chrome Enterprise policies, which on Windows can be enforced through Group Policy after installing the Chrome Enterprise Bundle. \u201cChrome Enterprise is not included in the G Suite Enterprise contract, and is therefore out of scope of this DPIA,\u201d said the report.<\/p>\n<p>Another head-spinning entanglement was with Google Maps. Calendar is a Core Service and Maps an Additional Service, but \u201cIn Calendar traffic to Google Maps takes place when working with Calendar items that contain a location,\u201d said the report. \u201cIn reply to this DPIA, Google explained that the traffic to Maps was not traffic to an Additional Service, but an embedded processing within the Core Services.\u201d<\/p>\n<h3 class=\"crosshead\"> <span>Data subject access requests denied<\/span><br \/>\n<\/h3>\n<p>The DPIA went into detail about how it conducted its investigation. That said, it noted: \u201cBecause G Suite Enterprise is a remote, cloud-based service, data processing takes place on Google\u2019s cloud servers. As a result, it is not possible to inspect via traffic interception how Google processes Diagnostic Data in its system generated logs about the use of the Core Services, the Additional Services, or the Google Account.\u201d<\/p>\n<p>The Dutch researchers discovered that Google does not provide all the personal data it holds when asked to do so under the GDPR provisions for the right to request access to this. \u201cGoogle \u2026 explains that it does not provide certain personal data in reply to a data subject access request, because (i) it is impossible to reliably verify the identity of the data subject as that of the requester and (ii) in some cases such transparency would hurt Google\u2019s efforts to protect the security of its systems,\u201d said the report. Similarly, if users &#8220;delete activity&#8221; from a Google service, it may not actually be deleted.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2017\/05\/31\/burning_money_shutterstock.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"Burning money\"><\/p>\n<h2 title=\"Sees businesses signing up for long deals, confident the black ink will come\">Google&#8217;s cloud services lost $14.6bn over three years \u2013 and CEO Sundar Pichai likes that trajectory<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2021\/02\/03\/google_q4_2020\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>In respect of YouTube activity, for example, Google said \u201cif you delete activity, it\u2019s no longer used to personalise your Google experience \u2026 for business or legal compliance purposes Google must retain certain types of data for an extended period of time.\u201d<\/p>\n<p>The Dutch researchers responded by offering Google \u201cmultiple ways to verify their identity,\u201d even including copies of passports, but \u201cGoogle has refused all these options.\u201d<\/p>\n<p>Measures the report suggested to the Dutch government include prohibiting the use of Chrome OS and the Chrome browser, and not using Workspace Enterprise until data processing \u201ccan be based on one or more legal grounds.\u201d<\/p>\n<p>Google Cloud veep for EMEA Samuel Bonamigo, in response to the updated report, <a target=\"_blank\" href=\"https:\/\/cloud.google.com\/blog\/topics\/inside-google-cloud\/our-commitment-to-the-privacy-and-security-of-google-workspace-customer-data\" rel=\"noopener noreferrer\">posted<\/a> about privacy and security in Workspace.<\/p>\n<p>Bonamigo said that \u201cwe never use customer data or service data (such as usage activity) for ads targeting\u201d and that \u201cwe only process Cloud customer data according to instructions set out in our customers\u2019 agreements.\u201d<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",button,dbutton,mpu_plus,dmpu,\" data-sm=\",button,dbutton,mpu_plus,dmpu,\" data-md=\",button,dbutton,mpu_plus,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>He added: \u201cWe will continue to discuss the findings with the Dutch government in the next few months, with the goal of reaching an agreement.\u201d \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/03\/05\/dutch_government_identifies_10_high\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Untangling privacy implications of using Google&#8217;s productivity suite not easy A Dutch government report identifying &#8220;10 high data protection risks&#8221; for users of Google Workspace, formerly known as G Suite, has been revised after Google&#8217;s response, and now says eight high risk issues still remain.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-39886","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Dutch government: Did we say 10 &#039;high data protection risks&#039; in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Dutch government: Did we say 10 &#039;high data protection risks&#039; in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-05T10:15:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Dutch government: Did we say 10 &#8216;high data protection risks&#8217; in Google Workspace block adoption? Make that 8\",\"datePublished\":\"2021-03-05T10:15:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\"},\"wordCount\":1414,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\",\"name\":\"Dutch government: Did we say 10 'high data protection risks' in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-03-05T10:15:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage\",\"url\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Dutch government: Did we say 10 &#8216;high data protection risks&#8217; in Google Workspace block adoption? Make that 8\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Dutch government: Did we say 10 'high data protection risks' in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/","og_locale":"en_US","og_type":"article","og_title":"Dutch government: Did we say 10 'high data protection risks' in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-03-05T10:15:06+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Dutch government: Did we say 10 &#8216;high data protection risks&#8217; in Google Workspace block adoption? Make that 8","datePublished":"2021-03-05T10:15:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/"},"wordCount":1414,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/","url":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/","name":"Dutch government: Did we say 10 'high data protection risks' in Google Workspace block adoption? Make that 8 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-03-05T10:15:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YESWdOAXnjoGE@zkbFgjdAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/dutch-government-did-we-say-10-high-data-protection-risks-in-google-workspace-block-adoption-make-that-8\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Dutch government: Did we say 10 &#8216;high data protection risks&#8217; in Google Workspace block adoption? Make that 8"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39886"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39886\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}