To educate students in the age of COVID-19, schools are relying heavily on technology during the pandemic—from videoconferencing programs to teaching tools and to temperature-taking apps. Fortunately, the physical distancing measures have slowed the spread of COVID-19, and most students and educators have found ways to adjust to remote learning.
Though the quick transition from in-person to remote learning initially created many, many challenges, a new normal has begun to emerge. It’s clear that remote learning in some form must remain an option, and an unforgettable lesson has been that institutions must be prepared for pandemics in the future.
The issues of data and privacy protection for students are supremely important. As in the worlds of business and government, vigilance will remain necessary.
For students’ data privacy in remote teaching, what are the responsibilities of educational institutions?
ONLINE LEARNING HIGHLIGHTS PRIVACY CONCERNS
The decision by schools around the world to move to online learning has aggravated security challenges and raised fresh privacy issues about the technologies that support virtual learning. With their adoption of technologies, many schools and teachers have shown a preference for ease of use more than considering a product or platform that will best protect student privacy.
As children move through the stages of education, from K-12 and on to college or trade school, they and their family engage with technology at every step in each stage. Whether it’s a computer lab at the local elementary school, a homework assignment that must be submitted online, or a cloud-based platform that enables teachers and parents to collaborate, the education environment also is a high-technology environment.
The onset of the pandemic has meant that much of a student’s daily life, from learning to socializing, has migrated to the world wide web. Students are also immersed in technology after school, enabled by having their own cell phone or at least having access to a home or public computer. Students text each other, post to social media, or play along in online games.
With every keystroke or screen tap or swipe on a device at school or through remote platforms monitored by the school, children provide their schools and other organizations with data that may or may not be protected by federal and state laws. Consequently, all data that a student generates might be at risk. Data that might be inadvertently tracked by the equipment or service vendor range from educational records to a student’s behavior on a school’s online platform.
WHAT IS DATA PRIVACY?
Data (or information) privacy refers to the handling of data in compliance with data best practices and the laws for data protection. Data privacy is about how data should be securely collected, stored, managed, and shared while in compliance with applicable privacy laws, such as the California Consumer Privacy Act (CCPA) or Europe’s General Data Protection Regulation (GDPR).
Protected data means that only authorized persons or organizations can access the data to see, copy, or alter it (which includes erasing the data). Data protection laws around the world seek to return control of an individual’s personal data to that individual or to parties authorized by the individual. The laws empower people to understand how their data is being used, by whom, and why, and to give people control over how their personal data is being processed and used.
Why is Data Privacy Important?
The importance of data privacy is much more than a need not to be embarrassed or humiliated (although this need is very important). Grave dangers can arise when personal information gets into the hands of malign actors, whether those actors are criminal organizations trying to empty a bank account or steal an identity, stalkers, kidnappers, or tyrannical governments or corporations. Stolen data can be weaponized to make someone’s life a living hell (in the common saying, or to “do a person down” in the British idiom).
Personal data is being weaponized for malign purposes. Before the “information age,” someone could hire a private investigator to follow a target (such as a dodgy spouse) to “catch them in the act.” Now, personal data can be collected and sold to a person or group simply to hurt someone. In 2018, Apple CEO Tim Cook warned that our personal data are being weaponized against us. In 2021, the investigative journalism site Vice.com confirmed how this works in a detailed story titled The Inevitable Weaponization of App Data Is Here. In April 2022, Vice.com described how creeps are making money off children in How Roblox ‘Beamers’ Get Rich Stealing from Children.
We cannot say we haven’t been warned.
The information that data merchants gather and sell for profiling and tracking the locations of adults can also be used for children. Refer to Presence articles on protecting privacy and hiding location data on a smartphone and how to spot misuse of your personal information online.
Who is Responsible for Securing Students’ Data Privacy?
Schools are legally and ethically obligated to keep student PII private, regardless of where and how the student data is created, used, or stored.
Student data privacy encompasses the collection, uses, movement, storage, processing, and governance of students’ personally identifiable information (PII). This PII includes any information that can be used to identify, locate, or contact an individual student—information such as name, address, student ID, and login information. PII also includes the student’s academic, health, and disciplinary records, as well as information that can be combined to identify a particular student, such as demographics and birth data.
A student’s data privacy is important enough for there to be legal restrictions and ethical standards for a student’s PII. Federal and state laws regulate the privacy of student PII, and while historically the enforcement has been lax, the legal landscape is changing.
Meanwhile, data collection and the use of student information inside and outside of schools is rising all the time. More collection and uses of PII create more risk for students because each point of collection, storage, and sharing is a potential vulnerability and, therefore, in need of safeguarding. In addition to the creation and sharing of PII—even if done carefully—administrators are outsourcing data services and bringing more technology into the classroom, resulting in more contracts with information technology (IT) service and solution providers.
These types of technical evolution should serve as a wake-up call for all types of administrators.
Typical Steps to Secure Online Learning
When considering the protection of data in online learning, stakeholders should know the common steps for the use of all their online learning tools, which consist of:
1) Preparing and correctly configuring devices, networks, applications, and teaching tools.
2) Preserving security and privacy for students when they initially sign up and regularly log into learning platforms.
3) Protecting privacy while students navigate learning platforms.
4) Best practices for staying safe while learning with social networking.
5) Clearing personal data after a session, class, or semester of online learning.
U.S. Federal Laws for Online Protection of Children
Following the enactment of the Privacy Act in 1974, the U.S. enacted special legislation in the fields of finance, consumer protection, and child discipline, such as The Children’s Online Privacy Protection Act (COPPA), The Protection of Pupil Rights Amendment (PPRA), K-12 Cybersecurity Act of 2019, etc.
Know About Your Data
Every day, you or your children will likely provide data, even if as a once-a-day entry of login credentials. You give identification documents and contact details to your employer, or the name of your kids and other information to their school, or your medical information to a medical facility or insurance company, or your IP address to provide your location and obtain directions, and so on. The solution is not to disconnect entirely and start living in a cave; on the contrary, you should keep on doing your daily activities while being about the information you are sharing, to whom you are giving access, and whether your information is securely stored and disposed of.
YOUR CHILD, OUR CONCERN
Effectively protecting personal data is easier said than done. Many internet users don’t have the appropriate tools or know-how to secure their online privacy (which is why our blogs seek to educate technology consumers). With modern advances in technology, the internet and its dangers constantly evolve and grow at a pace most people cannot match.
Begin your digital privacy education by taking the time to understand best practices around safely interacting with the virtual world we live in today.
Download the Presence app to manage your online identity. Presence offers a visual tool to help you see and manage your online privacy on social media and across the entire Internet. Presence Global gives you the ability to detect, protect (by auditing security and privacy settings), and control your online identity. Download the Presence Global app to get started at Apple Corporation’s App Store or the Google Play Store.
Explore these Presence articles and external resources to learn more about protecting the online privacy of school children and you.
#Study of the infusion#Join the movement