The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools.
Nextcloud is a very solid cloud solution which doesn't suffer from those data leaks. https://nextcloud.com/
You do not have to sell the chromebooks, you can replace the OS with fedora. You can customize your OS acording to your needs with ublue https://universal-blue.org/
I applaud your optimism that there are enough people employed in the school IT to do that properly.
Don't get me wrong, you are absolutely right with those statements, but the schools used Chromebooks for a reason I would think, the same reason that if they had not used Chromebooks it would be some Windows installation.
It is what people know, it is "easy" to work with and so on. Those are obviously not great reasons and not 100% true, but that is what counts for those schools.
I am very curious what they are going to replace this with and I am unfortunately 100% sure it is going to be Windows and the Onedrive/Outlook ecosystem.
Concerning the cloud workspace, it would be possible, that the IT services of the Danish regions (or of the whole state) run centralised clouds (Nextcloud, Moodle, ...).
Having worked with schools that use chromebooks before, generally the entire point of using them is that Google is your IT department. You don’t need any on site servers beyond a router from your isp, and can just return anything that breaks to Google for a replacement, all very cheaply. The records can all be administered by whatever teacher is least scared of computers and can use the nice gui. Especially for smaller schools with say a dozen or so total staff, not needing to pay a employee or MSP to fix the computers is a big deal.
Nextcloud however, as much as I like using it, requires a server. It requires the ability to understand hardware requirements enogh to get a good nas, an ok understanding of dns, and when the gui updater breaks, an ability to ssh in and run the updater manually. You need ssl certs, and if your using letsencrypt port forwarding, and public dns entery, and keeping on top of updates. Jan, fourth grade teacher who plays Stardew Valley and so isn’t too terrified when asked to go into the brightly colored menu, is not going even know it exists, much less install it.
Also, the problem with Fedora is that it also requires an domain, which means installing and configuring dedicated domain controllers, which is not an simple task. You need a deficated IT person, or you go with an MSP, and the MSP will just set up a windows environment in a few hours and be done with it.
In our university we have an Ansible playbook to set up firewall rules etc. and change the network share and user logins so that they can't access the Internet or any previously saved files.
Practical consequence to comply: throw away all them Chromebooks. Because one thing a Chromebook will not do is refrain from sending personal data to Google.
Or better: convert them into Linux machines. But I doubt whoever went with Chromebooks in the first place has the resources or the knowledge to do this: why would they have chosen to buy Chromebooks otherwise?
Indeed. And all that goodness is on purpose: Chromebooks are Google's trojan horse into your private data.
All Google products are designed to be as attractive and popular as possible so people are drawn to them like flies to a turd and give Google their data. That's why Google axes so many projects that aren't quite attractive and popular enough.
I know the word is overused now, but this is basically endhittification step one.
And considering it's Google, I'm not sure there need to be any other steps. They are luring people in as young as they can, establishing patterns with them (using Google services and Google software as soon as possible) and basically guaranteeing customers / surveillance targets for life