Do you know who’s peering over your child’s shoulder at school? It’s not just the teacher.
Technology has enabled schools to completely overhaul how they collect, store, and control access to sensitive student data. A recent survey by Fordham’s Center on Law and Information Privacy found that “95 percent of schools rely on cloud services for a diverse range of functions,” including data hosting, planning bus routes, classroom instruction and assessments.
Many schools also use free apps for instruction or homework assignments. But these “freemiums” aren’t actually free – they’re paid for with students’ privacy. Thousands of public school districts, for example, are now using Google’s Apps for Education, a suite of web-based tools including their popular email service Gmail. Google now admits it scans and indexes the emails of these student accounts.
A student in the classroom, or doing homework, should not be the unknowing participant in a continuous corporate focus group. Yet that is exactly what he or she becomes when we allow non-stop “data-mining” into the classroom. The tools our teachers use to improve the quality of education should not be compiling marketing dossiers on who kids are, what they’re like, and how they’re vulnerable.
The rush to get student data into the cloud has not been accompanied by careful attention to student privacy. The Fordham review found that “districts often surrender control of student information when using cloud services.” Providers often dictate the terms of contracts with school districts and many agreements allow companies to change the conditions without notice. These contracts often place few limits on how the data can be used by vendors; fewer than 7 percent of the agreements restricted the sale or marketing of student information.
There is an implicit arrangement that when we use the Internet, we surrender some personal information in exchange for free content. But in schools, students and their parents are deprived of the ability to opt in or out of this arrangement. We cannot rely on the goodwill of companies or expect the marketplace to protect student’s privacy. So much of what is occurring happens without parents’ knowledge or consent – and even educators often lack a full understanding of how student data is used.
Many of the laws and regulations that govern the collection and dissemination of their personal information were enacted when records were kept on paper in a filing cabinet. As is the case with many societal issues today, the law has not kept pace with the technology.
Privacy legislation is pending in Washington and on Beacon Hill. Any legislative fix should set rules for how student data is transmitted, stored and secured. It should ensure that vendors destroy that data when their contract with a school district expires. Most importantly, it must prevent any student data from being exploited for marketing purposes. These measures are the only way we have of watching our children’s backs.