I will be writing a thread about what I learned at the Work Session on data privacy yesterday. Some is good, some not-so-good (with Director Carr asking the best questions). But I can say that SPS has NOT done enough.
From Education Week:
As part of a potentially explosive lawsuit making its way through
federal court, giant online-services provider Google has acknowledged
scanning the contents of millions of email messages sent and received by
student users of the company’s Apps for Education tool suite for schools.
In the suit, the Mountain View, Calif.-based company also faces
accusations from plaintiffs that it went further, crossing a “creepy
line” by using information gleaned from the scans to build
“surreptitious” profiles of Apps for Education users that could be used
for such purposes as targeted advertising.
Gmail is a key feature of Google Apps for Education, which has 30
million users worldwide and is provided by the company for free to
thousands of educational institutions in the United States.
“This should draw the attention of the U.S. Department of Education, the
Federal Trade Commission, and state legislatures,” said Khaliah Barnes,
a lawyer with the Electronic Privacy Information Center, or EPIC, a Washington-based advocacy group. “Student privacy is under attack.”
The questions swirling around Google Apps for Education also have
major implications, observers say, for how the Family Educational Rights
and Privacy Act, or FERPA, will be interpreted and enforced in the new
era of digital technology and “big data” in schools.
They note that the Houston School District declined to adopt the Google Apps for Education exactly because of worry over what Google would be doing with data it gets from student use.
“The landscape of what districts are facing is changing at light speed,”
Mr. Schad said. “We have to come together as educational entities and
say to vendors that certain privacy protections are non-negotiable, and
we won’t do business with you until they are in place.”
How many people are involved?
In California, a total of nine plaintiffs are accusing Google of
violating federal and state law. They hope to turn the case into a class
action and are seeking financial compensation for millions of Gmail
users, as well as better disclosure by Google of its practices. (Google could not provide a current number of K-12 users in the United States.)
From a Google declaration to students at the University of Alaska:
"The University of Alaska (“UA”) has a “Google Mail FAQs,” which
asks, “I hear that Google reads my email. Is this true?” The answer
states, “They do not ‘read’ your email per se. For use in targeted
advertising on their other sites, if your email is not encrypted,
software (not a person) does scan your email and compile keywords for
advertising. For example, if the software looks at 100 emails and
identifies the word ‘Doritos’ or ‘camping’ 50 times, they will use that
data for advertising on their other sites.”
“The fact that Google put this in their declaration means we take
it as true,” said Ms. Barnes of the privacy watchdog group EPIC.
Google’s sworn court statements reveal that the company has violated
student trust by using students’ education records for profit.”
And again, information could follow a child forever and they might never know.
To illustrate the potential harm of Google’s alleged data-mining
practices, Bradley S. Shear, a social-media and digital-privacy lawyer
based in Bethesda, Md., posed a hypothetical situation in which a
teacher using Google Apps for Education emails a parent with information
related to a child’s disability status or mental health.
If the full range of allegations in the California suit is true,
Mr. Shear said, the contents of such an email could be used by Google to
build a digital-user profile that might follow that student
This is why I am concerned. You should be as well.