By Ben Johnston
Mary Shelley’s Frankenstein was published in the early 19th century when scientific discoveries like chemistry and electricity captivated a generation. These discoveries also terrified them. The book embodies these tensions.
We know the story..
The protagonist and budding scientist, Victor Frankenstein, breathes life into an assemblage of body parts dug from the grave. After being mistreated, this being slipped out of hand and became a real monster.
Today, we stand at the intersection of incredible advancements—internet, technology, and student information. The captivation and fears are very much the same as in Mary Shelley’s day. Student data has incredible potential to inform education. It also can be terrifying with the potential to slip out of hand, and the stakes are high. It’s crucial that you become an informed steward of student data and make good decisions about the tools you purchase (or download for free) that collect student data (before you click the “accept” button).
I’ll share examples that shed light on the hidden but very real dangers. I’ll also explain how we (at Don Johnston) are committed to only storing safe and useful data.
You have apps, browser extensions, and software applications that can send just about anything they want to any server they want anywhere in the world. It’s likely that student information is being transferred from from your school computers to the cloud right now.
What if a student searches Google for something that is sensitive like “divorce”? (I’m sure you can imagine much worse search terms that could be collected.) A student creates a resume for college and includes their social security number. What if the student’s tools are installed onto a computer used at home and the parent logs into their bank account? What data is being tracked?
That data could instantly sit on a server (or several servers) somewhere in the world, and that data wouldn’t necessarily have the same guidelines as your home country.
The free text-to-speech app you downloaded to read content could be collecting data on you and your students. Remember what your parents told you about free? When you click “agree” to your app’s terms and conditions, you are often agreeing that a 3rd party non-educational institution can track and store data on the student. You should be diligent before agreeing—even if the app is free.
What precautions should you take to protect student data?
Here are some simple questions to ask companies before you buy their products (or download their free apps).
1. Exactly what information is collected by the 3rd party vendor?
It’s easiest for companies to send everything that is searched for, written, and read to the server. This also puts privacy at the most risk—even if it reaches the server and is immediately deleted. If you track everything that is written, what happens when a student fills out a college app or a job app-that company has a social security number (from our earlier scenario)?
2. Do you have an easy way to delete all data held on a student and disable data tracking for a particular student without disabling access to the tool? Describe the process to make this happen.
Under Children’s Online Privacy Protection Act (COPPA), parents can request to receive all of the data held on a child even by third party vendors. They can also request that the data be deleted. Would you be comfortable if a parent requested this information from every technology you utilize that is collecting data? Would you be comfortable telling a parent where this data is being stored? Parents can also request that no data be passed to a 3rd party vendor outside of the educational institution.
3. Where are your servers located, and could my data ever be sent outside of my home country?
Different countries have different regulations that may not coincide with your privacy requirements, so it’s important to know where your data is being stored.
Just because a company says they’re COPPA or FERPA (Family Educational Rights and Privacy Act) compliant, or signed on to some list, doesn’t mean you’re off the hook. You’re not. Each has its own unique set of guidelines and may not protect you completely. COPPA only applies to children under 13, and FERPA has separate parent rights that transfer to student when turning 18.
The stakes are huge. inBloom, the $100 million funded nonprofit backed by the Bill and Melinda Gates Foundation, was shut down over student privacy concerns raised by parents.
Flint Schools in Michigan was recently sued by a disability rights group because the district didn’t respond in proper form to the request for special education data under FOIA (Freedom of Information Act).
Under COPPA, “A court can hold operators who violate the Rule liable for civil penalties of up to $16,000 per violation.”
How do we (Don Johnston) protect student privacy?
We extensively researched the regulations and even go beyond the minimum requirements to ensure your data is valuable, yet safe. We also asked ourselves, “What would we (as parents) be comfortable with a third party collecting on our children?”
Here’s how we handle privacy with Co:Writer and Snap&Read:
We process data including what students read and write on the local computer or device and only send metadata to our servers solely to be viewed by the educational institution. For example, with Co:Writer, we collect 1) how much time the student spent writing, 2) how many words were written, and 3) the specific words written matching up to academic, transition, and important words. This data doesn’t give any context to know what was written. There is no potential for sensitive data to be stored on our servers. We don’t collect search terms, websites visited, passwords, or the specific text read or written. They never even reach our servers. We want to make sure that you get powerful data that won’t jeopardize and put you at risk of violating student privacy.
We also include the ability to delete all data stored on particular students so you can comply with parent requests under COPPA. A Privacy Mode restricts any data from being collected on students when selected. Importantly, the students can continue to use their accommodations without data being collected or stored. And all of our servers are located in the United States where you can be confident of the laws regulating them.
When you have our tools, like Co:Writer and Snap&Read, you can be confident that your data is safe and well-managed, so you can face your parents and confidently tell them the data that is being collected, how it is collected, and where it is stored. You can feel confident that your student data won’t slip out of hand and become a monster!
Want to get our LeaderLink Newsletter delivered right to your inbox?