We live in a world that embraces “fast.” Fast food, fast lane, fast track. Let’s face it—we like things to move quickly, especially when they make our lives easier and more convenient. Technology plays a huge role in almost all fast-changing endeavors, from how we shop, to how we socialize, to the hardware and software we purchase.
But let’s slow down a minute. Speed and convenience are highly valued in our society, but so too is privacy. When we talk about student privacy, and the protection of student data, you might be inclined to gloss over the topic as too trivial to care about. However, considering how many K-12 school districts are starting the 2020 –21 school year with at least some remote learning, student data protection matters now more than ever.
It’s vital we remind ourselves what can happen when student data is compromised. Security expert Tony Porterfield wrote in an EdSurge piece entitled “Why Student Data Security Matters”, “While it’s true that most adults and even teenagers regularly enter personal information to services that may not keep it private or secure, including social media, there’s a fundamental distinction between this and what happens in the educational setting. At schools, student information is entered by educators, or by students themselves, to online services chosen by educators on a student’s behalf. Students and their parents are rarely asked permission and younger children are not capable of making such decisions. There is an obligation and responsibility on the part of the service providers and educators to make sure that the information is protected.”
Porterfield isn’t the only one concerned with what happens if student data gets into the wrong hands. In a March 2020 Education Week piece entitled “Massive Shift to Remote Learning Prompts Big Data Privacy Concerns,” Cheri Kiesecker, co-chair of the Parent Coalition for Data Privacy points to a 2018 warning from the FBI that notes companies collecting too much data from students without properly protecting it, “could result in social engineering, bullying, tracking, identity theft, or other means for targeting children.”
These are worst-case scenarios, but schools have a legal and ethical obligation to protect student data. While FERPA (The Family Education Rights and Privacy Act) is the federal legislation that forbids schools from disclosing student information without parental consent, like most laws, FERPA isn’t perfect. With the growing impact of education technology over the last seven years, most states have enacted additional student data protection laws to bring stronger protections to students being served in public schools.
But technology moves faster than legislation ever will. Unfortunately, so do pandemics. And when Covid 19 crippled the delivery of traditional K-12 education this past spring, it would be an understatement to say the forced transition to virtual learning went a little awry. This isn’t about blame—everyone on the planet, including educators, adapted as best they could to working remotely. They used whatever tools they could find. And one of the things educators quickly discovered was Zoom.
Zoom was free, easy to use, and provided a “fast” solution, but Zoom was also designed as a business software tool without K-12 student protection in mind; hence not the safest bet for a classroom setting. The Zoom fallout was swift and loud, and the term “Zoom bombing” became notoriously affiliated with disruptive classroom intrusions by internet trolls.
EdSurge wrote, “A standard Zoom account is ‘not at all’ compliant with FERPA, COPPA or state student privacy laws...and should not be used by schools or students in any official educational capacity. Recent analyses from Consumer Reports and Motherboard have found that the app shares data with third parties including Facebook.”
This New York Times tech report by journalist Shira Ovide entitled “Zoom is Easy. That’s Why It’s Dangerous” takes the argument a step further. “People who work on technology products obsess about removing anything that slows us down. ‘Friction’ is bad. As was the case for other companies that decided to make things as easy as possible, Zoom’s ease was good until it wasn’t.” As Ovide further points out, entering a password before joining a video call and making the administrator approve entrance is a hassle, but it also provides a layer of security for everyone on that call. And when students are on that call, security really matters.
We aren’t intending to pick on Zoom. We’re simply making the point that free, fast and easy can come with grave, albeit unintended consequences for schools. The software they use and the technology they provide to educators and students must be secure. Student data must be protected at all costs. Children must be kept safe. If that means slowing it down a beat or two to evaluate different platforms, entering passwords for entry, or paying more than you think a software license should cost, consider all that’s at stake. Afterall, fast, easy and free comes with its own price.