Opinion: The case for safeguarding students' digital privacy
Loading...
Proper framing is the key to moving any debate forward. Unfortunately, the student privacy discussion keeps dancing around a fundamental question: Should elementary schools talk directly to students about the risks and long-term impacts of their online activities?
From a distance, it may seem that schools are simply creating high-tech versions of last century’s textbooks and worksheets. But what's really happening is much more than just repurposing printed supplies for the Digital Age. Schools are selecting cutting-edge technologies that will transform how students are taught, what they learn, and that will help define their attitudes toward technology for years to come.
Think about putting a first-grader in front of a computer and teaching her to set up an account and create a password. This differs immensely from telling her 1980s predecessor “open your textbook to page 3,” and not just because interactive content is available. Little Lucy is acquiring computer skills that can be exercised outside of the classroom when her teachers aren’t watching. And she might be motivated to hop online then, too – especially if she believes a trusted authority like Ms. Teacherstein taught her to see computers as useful devices.
The Future of Privacy Forum (an organization we both work for) recently commissioned a Harris Poll survey of 672 parents of public school students from across the country to get a sense of what they consider appropriate uses of student data. The full version of the survey will be released on Monday at the 2015 National Student Privacy Symposium in Washington.
Perhaps most importantly, the survey indicates that parental concerns over security and privacy mirror the results of other polls for Americans on privacy in general. Simply put, parents care about schools, agencies, and ed-tech vendors handling and protecting student data in much the same way they care about their own financial and health information. For example, most parents worry about hacked or misused student data.
We can infer from these results that parents have accepted – if not embraced – Digital Age ideals about the value of making information easy to access and analyze. Parents believe schools can effectively manage the long-term accumulation of student data by doing a good job of handling it. Of course, determining which security standards are appropriate remains a matter of debate. For the past two years, state legislatures around the country have been holding tough conversations about security.
Now, boundaries are becoming clear and the spectrum of policy solutions is narrowing. This is a containment model of education: carefully police the labels, profiles, and tracking-based activities that occur within the educational ecosystem; ensure that information which stops being educationally relevant is deleted.
Parents showed they’re aware of the dark side of electronic education records. They are concerned that a college or employer could examine these dossiers and draw negative conclusions (68%). This means they’re worried about their children losing opportunities because of how others respond to digital information. But children create their digital presences early on. They might begin when elementary schools provide computer training and encourage students to accumulate experience with online activities. And once these presences take shape, they easily begin to multiply across domains and platforms.
We personally believe elementary schools that integrate tablets, laptops, and desktops into their curricula should be assuming more responsibility for confronting the long-term implications of online identities created by students.
When students are led through the process of creating accounts and setting up passwords, schools become responsible for providing a broader explanation for why passwords matter and what happens once information is stored in databases and others can analyze it. Even if the ideals reflected in the survey became safeguarded by perfect procedures – even if schools and vendors strictly limited data access and use for properly designed educational purposes and expunged it upon completion – students still would remain vulnerable to all kinds of extra-curricular data collection and scrutiny.
We realize this may be a controversial view. We’re both parents and we know that parents can disagree with schools about all kinds of issues involving age-appropriate learning. In this case, reasonable people can have different takes on when to introduce online accounts and when to teach good privacy and security practices.
But the fact remains that lots of young kids are violating terms of service conditions and signing up for social media accounts and other products before they’re old enough. Should schools accept the reality that underage pupils are digitally active, so to speak, and respond accordingly? Or should they turn a blind eye since technically the activity shouldn’t be happening? And what about the fact that while some kids are only exposed to the Internet in computer labs, others are getting smartphones, tablets, laptops, and desktops before they complete the fifth grade?
We might hope that parents introduce privacy and security concerns at least as early as they introduce these devices. But that’s probably idealistic. It presupposes two questionable things: that parents are sufficiently literate about privacy and security matters; and that parents are sufficiently reflective about how their behavior sends distinct messages about privacy and security.
At a minimum, elementary schools should be responsible for introducing the ideas of digital presence and the enduring nature of online information, and explaining basic security and privacy rules that accompany the hardware and software they put in students’ hands. This will be a difficult task that requires lots of guidance and resources to get right. But unless schools move in this direction, they won’t be promoting truly smart digital literacy or respecting the long-view of privacy protections.
Evan Selinger is a professor of philosophy at Rochester Institute of Technology. Follow him on Twitter @EvanSelinger.
Brenda Leong is senior counsel and director of operations at the Future of Privacy Forum. Follow her on Twitter @BrendaKLeong.