FPF’s Education Privacy Newsletter – April 2020

FPF’s Education Privacy Newsletter – April 2020

Welcome to the April edition of the Education Privacy Newsletter!

As you can imagine, concerns about student and child privacy have grown exponentially in the wake of the COVID-19 pandemic as education has shifted almost entirely online. In an effort to cut through the noise, we just released this new resource offering best practices to help school districts and educators more effectively adopt online learning tools during this confusing time. Also check out the video and slides from our webinar on student privacy and online learning FAQs.

Check out key news stories below, and, as always, feel free to reach out to us at any time with student privacy questions.

Top News

Previously, we’ve summarized reports about schools relying on location tracking for attendance. However, now that classes are now entirely remote, advocates worry that COVID-19 spurred changes will “Usher in an Era of Mass Surveillance in Higher Education” while schools are looking for new ways to measure outcomes and engagement:

  • Some schools are using online proctoring tools that record test-takers, track student bodily movements for “suspicion scores,” or use facial recognition are raising questions about school-mandated surveillance; students worry that these tools force them to “giv[e] up their freedom” and advocates argue that these tools “exist because they are selling a narrative that students can’t be trusted.” Students required to use proctoring tools report that they slow down their computers considerably and require strong Wi-Fi connections, creating equity concerns for those without new devices or stable internet connections.
  • Inside Higher Ed published a piece on the consequences that rushed online learning environments can have on students, and how a focus on policing cheating is misguided. Instead, instructors should focus on relieving anxiety and pressure, which serve as “tipping points” for dishonesty.
  • EDUCAUSEReview reminds administrators and educators that while “the temptation to compare online learning to face-to-face instruction in these circumstances will be great,” remember the distinction between online learning and “emergency remote teaching”; exigent circumstances have created the current education environment.
  • Hybrid Pedagogy published a piece on the harms that can result from online proctoring tools, including privacy and dignity harms, the risk of discrimination, and accessibility issues.
  • Faculty at the University of California Santa Barbara wrote to campus officials that they “are not willing to sacrifice the privacy and digital rights of our students for the expediency of a take-home final exam” with regard to ProctorU, a proctoring tool the university rolled out amongst its online learning services. In response, ProctorU submitted a ridiculous demand letter with accusations of defamation and more.
  • The University of California, Berkeley banned the use of proctoring tools for the remainder of the semester, urging professors to hold open book exams and schedule shorter tests instead.

Schools across the country are struggling to roll out online learning measures, and some states are already preparing to extend online education programming into the fall semester of the 2020-21 academic year. If school closures continue into the fall, the College Board announced that students will be able to take the SAT college admissions exam at home and online. Administrators are grappling with finding privacy-protective tools for their students, responding to an increase in cybersecurity incidents, and supporting equity in access:

  • EdWeek reports that as more online learning platforms expand free offerings for schools, state and local technology offices are struggling with teachers “bypassing the typical vetting procedures for new tech products by adding . . . free products directly to their single sign-on platforms for students and teachers to use.” This issue is complicated by the fact that many educators are turning to non-educational tools to serve their students.

  • Hackers and trolls have taken advantage of the increased use of Zoom’s web conferencing tool by “zoombombing” and disrupting user experiences. Privacy advocates have expressed concerns over the company’s data security and sharing practices.
    • As a result of this increased scrutiny, several school districts across the country have banned the use of the platform altogether, creating new upheaval and confusion for teachers who had already started teaching on the platform. However, some security and student privacy experts pushed back on the push-back, largely worried that the knee-jerk banning of Zoom would just lead to educators and the general public using software with similar issues that aren’t currently under a microscope in the way Zoom is.
    • After the FBI issued a warning about Zoom “teleconference hijacking,” several state attorneys general launched investigations into Zoom, requesting information about the company’s security and data privacy practices.
    • In response, Zoom made updates to its privacy policy indicating privacy is top of mind, especially with regard to student users through institutional accounts.
    • On March 31, Connecticut Senator Blumenthal wrote a letter to Zoom’s CEO requesting information about the company’s data privacy and security practices, echoed by Massachusetts Senators Warren and Markey, who also wrote a letter with a concerted focus on how protecting children and student privacy requires special attention. On April 3, Ohio Senator Brown wrote to the FTC, requesting that the Commission investigate Zoom for deceptive practices.

  • The Washington Post reports that even well-planned remote and online learning plans can run into issues when current students are the ones causing havoc, with issues such as racist usernames or homophobic comments occurring on the first day back in one of the largest and most technologically adept districts in the country.

  • Cybersecurity incidents are plaguing schools across the country, as increased reliance on online platforms exposes how ill-prepared school infrastructures were for the shift to online learning.
  • School districts are finding creative ways to help ensure students can continue learning at home, including employing school buses as Wi-Fi hotspots, partnering with startups and corporations to provide students with internet access, and even working with TV stations to provide educational programming to students.
    • Some school districts worry that shifting to online learning without ensuring equal access to the internet not only risks leaving students behind4 in 10 teens say they haven’t participated in online learning since schools closed; students with disabilities are at risk of regressing – but also exposes school districts to potential lawsuits. Federal policymakers hope to address these concerns through aid packages, and advocacy groups have voiced support for coronavirus legislation to fund Wi-Fi hotspots, broadband internet access, and devices for students.
    • But what does this have to do with privacy? The big question for privacy nerds is if CIPA’s requirements to filter and monitor the internet and/or devices will follow any policymaking or dollars aimed at closing the digital divide.

FYI: Quick Hits

  • Social distancing measures have also thrust children’s privacy into the spotlight. The FTC recently published a blog post for parents on remote learning and children’s privacy, and The New York Times published “Teaching Your Kids to Be Safe Online: A Hasty Primer” for parents who need to quickly establish ground rules and protections for their children’s increased internet interactions.
  • Advocates worry that North Carolina’s online learning platform may “out” transgender students because the system requires students to register with “their legally recognized name and designated sex at birth,” rather than using the information they use at school.
  • In an opinion sent to the Arizona House of Representatives, the state’s Attorney General believes that universities “should favor transparency” and use appropriate HIPAA/FERPA exceptions to disclose information about COVID-19 cases. The Arizona Board of Regents responded stating that universities should “balance protecting . . . students, keeping confidentiality under the law, and public purpose” when considering releasing details about individuals to the public.
  • The Ohio Supreme Court will hear oral arguments in the lawsuit on whether FERPA allows media to access the K-12 school records of the deceased 24-year-old who “opened fire in [Ohio’s] Oregon District” last August.
  • The World Privacy Forum published a report focused on FERPA’s directory information exception. For anyone who’d like an overview of that exception, why it is needed, and best practices to protect student privacy when it is used, check out the article Amelia wrote in 2017 here.
  • Two Illinois students have sued Google for violating Illinois’ Biometric Information Protection Act by storing student “face templates” and “voice prints” without parental knowledge or consent.
  • MIT Technology Review reports that “children are using Facebook Messenger Kids to deal with coronavirus isolation.”

Resources

Recess

In these unprecedented times, we give you four things to brighten your day:

The New Yorker: An Introduction to Zoom for Teachers

Pay close attention to the kids’ lyrics on online learning!:

 

Related Resources