Skip to main content

The Journal Gazette

Wednesday, March 16, 2016 7:15 am

Offering an education in surveillance

Rachael Stickland and Leonie Haimson

Schools today are tracking students far beyond George Orwell’s wildest fears. In addition to their grades and test scores, students generate thousands or more data points over the course of each school day. When it comes to surveillance, the NSA is getting schooled by the education technology industry.

A typical day for the average student might look like this: When Johnny boards a school bus, his ID badge emits a frequency tracking his location; in class, his laptop delivers instruction and tests and then records the results, all sent to an off-site vendor along with his racial, economic and disability status. When he speaks in class without raising his hand, the teacher catalogs the event and gives him a demerit via a behavior app devised and stored by a software company; at lunch, his meal selections are recorded and his fingerprint scanned to authorize payment; his heart rate and other biometric data are monitored and uploaded during PE class; and when he returns home, Johnny is assigned online homework via Google apps or other programs.

All the information is collected and data-mined by vendors – often without his parents’ knowledge and consent, and may be used to create a “profile” that incorporates his personal preferences, academic performance and health.

Ostensibly, schools want real-time access to this data to offer students “personalized” learning, government agencies want the data to evaluate programs or teachers, and companies want it for product development and to market their wares directly to students. In most cases, there are few, if any, legal restrictions on how this highly sensitive data are used and disclosed to other third parties.

Existing federal laws governing student privacy, including the Family Education Rights and Privacy Act, all fall short of protecting students, especially asFERPA’s fundamental right of parental consent was effectively eliminated by the U.S. Department of Education in 2008 and 2011.

In response, parents and privacy advocates are organizing and demanding action. Last summer, after defeating the data-gobbling, Gates-funded corporation called inBloom Inc., we formed the national Parent Coalition for Student Privacy to demand that parent voices be heard in the debate over student privacy.

We called on Congress to strengthen FERPA and have released a set of core principles which include the rights of parental notification and consent, the ability to correct and delete data collected by vendors directly from children, robust security provisions to prevent against breaches, and enforcement mechanisms, including the right of parents to sue if their children’s privacy is violated.

Reps. Luke Messer of Indiana and Jared Polis of Colorado recently introduced a bill to restrict the way companies use the student data they collect. This bill is an important step in the right direction – it bans the sale of student data – but it could use improvement by requiring parental notification and consent before children’s most personal data is handed off to third parties. The bill also allows targeted ads to kids – as long as the ads are selected based on information data-mined during a student’s single online session.

We strongly believe there should be no advertising allowed in instructional programs assigned to students, as they are a huge distraction to learning. Moreover, how can a parent know whether any ads that her child is subjected to are based on mining their data during one session or over time?

There are no specific security provisions required by the bill, only that they should be “reasonable.”

We believe that any vendor with access to sensitive student personal information should be required to employ data encryption, undergo regular security audits and other important measures to protect against devastating breaches.

Once a child’s most personal information is scattered across the Internet, his privacy can never be wholly regained.

But technology companies won’t give up without a fight. In Colorado, lobbyists for K12 Inc., Microsoft and Google led a successful effort to weaken that state’s privacy bill, inserting amendments that took all the teeth out of the law so that the bill’s co-sponsor allowed it to die on the last day of the session.

But we parents won’t give up either: our children’s privacy and safety are precious and should not be put at risk for the sake of commercial exploitation or gain.