Cyber Security: Can We Protect Kids’ Privacy?

Last week this blog covered the brouhaha in New Jersey, when a school superintendent was notified by Pearson that a student had posted information on Twitter about a question on the electronically administered PARCC Common Core test.  A couple of days after the story broke in New Jersey, Stephanie Simon, Politico‘s top education reporter, explained that we shouldn’t be surprised: “But Pearson is hardly the only company keeping a watchful eye on students.  School districts and colleges across the nation are hiring private companies to monitor students’ online activity, down to individual keystrokes, to scan their emails for objectionable content and to scrutinize their public posts on Twitter, Facebook, Vine, Instgram and other popular sites.  The surveillance services will send principals text-message alerts if a student types a suspicious phrase or surfs to a web site that raises red flags.”  Companies and the school districts that hire them are not only scanning for cheating on standardized tests, but also looking for signs of bullying, threats of violence, and indicators of depression.  Simon reports that a dozen states have passed laws to try to curtail such activity, “But such laws protect only accounts marked as private.  Many kids post publicly to build up their online followings.  And when they do, companies with names like Social Sentinel, GeoListening, Varsity Monitor and UDiligence are there to read them.”

Emma Brown of the Washington Post reports that the issue very likely emerged into public view last week because of the way the Common Core exams are being administered—the same test given in several states on a staggered schedule.  “It used to be that all students across a state took a paper-and-pencil test on the same day or days.  Now children are taking the same Common Core tests in multiple states during a period lasting longer than a month.  That has created a more intense test security problem for K-12 standardized exams.”  Security is also increasingly complicated when students are using computers—and even taking home computers—owned by their school district.

In the House of Representatives, Reps. Luke Messer (R-IN) and Jared Polis (D-CO) are circulating a draft bill, to be introduced early next week, that they say will curtail such surveillance of students and increase student privacy.  While the law’s sponsors say it is intended to ensure that data collected by monitoring students will be used only for educational purposes, in a follow-up article for Politico, Stephanie Simon reports, “The bill lets education technology companies continue to collect huge amounts of intimate information on students, compile it into profiles of their aptitudes and attitudes—and then mine that data for commercial gain.  It permits the companies to sell personal information about students to colleges and employers, and potentially to military recruiters as well…”  It wouldn’t stop what is happening when students use educational programs created by education software companies: “And every time a student clicks through an online textbook, watches tutorials, plays games or takes quizzes online, he sheds an enormous amount of data, not just about what he knows but also about how he learns, thinks and perseveres in the face of challenge.  Top ed-tech companies boast of collecting millions of unique data points on each child each day.  That’s orders of magnitude more than Facebook or Google gather on their customers.  And most of that data isn’t protected by existing federal privacy law because it’s not part of a students’ official ‘educational record’…”

Simon reports that while many people believe Messer and Polis’ bill would at least prevent companies’ using personal information to advertise to students and would require that ed-tech companies delete data within 45 days if a school were to request it, the bill is filled with loopholes.  For example, data companies could continue to sell students’ data if a parent or the student requests that it be shared—even by checking off a box on the test itself: “An online textbook, tutorial service or gaming app could likely fulfill this requirement by asking kids to check a box if they want to hear from colleges or employers interested in students just like them.”

The problem is that most of us don’t even know how to think about what feels like spying on kids.  Anya Kamenetz, reporting for NPR, interviews privacy experts who suggest several specific issues to consider: “SECURITY   My child’s information will be stolen and misused by hackers… TRANSPARENCY   My child’s information is being collected, stored and shared, but I don’t know where or by whom or why… COMMERCIALIZATION    My child’s information will be used to target online advertising or otherwise exploited for commercial gain… REPUTATION   My child’s information will be ‘out there,’ discoverable in the ether somewhere…”

Even if Messer and Polis’s bill is passed by Congress, nobody thinks it will be a final or permanent solution.  What does student privacy and security mean in our online world?  How much can we control?


One thought on “Cyber Security: Can We Protect Kids’ Privacy?

  1. Jan, Great Articles recently! The cyber security exposure and self-disclosures could
    prove to be life long problems for high schools and college students. Rev. Ron Hooker

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s