First steps at protecting students’ privacy.

IMG_7359

I admit that at one point in time I was one of those educators who allowed students to sign into a site using a teacher’s credentials in order to gain access, for example, some of our intermediate students used Prezi for project work and signed in under the same generic Gmail account maintained by the teacher.

Nope:

Screen Shot 2014-09-28 at 7.21.09 AM

Over the past two years, however, thanks to the work of Audrey Watters, Bill Fitzgerald, and many others, maintaining the privacy and protecting my students online has become one of my main priorities as elementary technology coach. Prompted by a statewide communication last year from the education solicitors, our district set to work on making sure that parents were informed and involved in the decisions to allow their children to have accounts established at various educational websites and productivity services.

My scope is elementary, so I read a lot of Terms of Service/Terms of Use and privacy policies to make sure that our kids are even permitted to click on the website let alone establish accounts there. For example, we had been using Today’s Meet to organize classroom conversations in some of our intermediate classes. “No accounts are required, great!” was my initial reaction, and it worked well. I used it with staff in meetings, and I loved the ease and simplicity of use. Dig deeper, read its Terms of Use, and you’ll see that students under the age of 13 are not permitted to use Today’s Meet. Thus, I advise teachers to no longer use this service with elementary students, and it’s not on our approved list of educational websites for students <13 years old.**

Screen Shot 2014-09-28 at 6.41.26 AM

 

Let me please say that following are our initial steps in helping parents and teachers become more informed and involved in matters of student privacy and data use as it relates to educational service/website use. In no way is our procedure perfect. We need to continually work at improving this system to help ensure parents and students can be advocates for the way children’s privacy is maintained throughout their school careers (and lives). We also use  resources shared by Common Sense Media about privacy and protection to help students understand their rights as digital consumers and creators.

Due to COPPA language, we target our request for permissions to students under 13 years of age, which covers all of our elementary students as well as  a good number of seventh graders in our middle school. (However we really need to consider how we are informing all parents and community members, K-12 and beyond.) In opening week paperwork, parents receive this informational letter (modeled after the letter drafted for us by our solicitors), a consent form requiring parent signature, and the list of district-approved educational websites and productivity services where the child may have an account established. Not all teachers utilize all services on the list nor are they available to all students K-7, but we decided to compile them all on one list for ease of distribution. Parents receive a hard copy of the list in the fall, and we maintain this living list on this district site. If the district approves a new website for use, I update the living sheet and we send home an additional parent permission form to those students who will use the site. Homeroom teachers collect the forms and note any students who have not returned the consent form and forms are compiled/logged in the main office of each building. In the future we hope to integrate the logging of these forms electronically via our SIS and/or allow parents to consent via the parent information portal, but we’re not there yet. Parents are encouraged to contact building principals if they choose to opt out and/or if they have questions involving the educational use of any of the websites. They can choose to opt out of one or more services if they so desire. Learning accommodations are made for students who cannot interact with a digital service.

It’s a start. We still need to provide more parent and teacher education on the specifics of student data and privacy to help them protect their children in all elements of online and mobile interactions, not just their educational website use, which is supervised by caring teachers and school personnel.

I think it’s time we need to reign in our overzealous enthusiasm about the latest and greatest ed tech products and services. I get it. Shiny new things are cool and so are interactive websites and gee, the kids really are going to love it so I’m just going to set them up with usernames and passwords and let’s give it a try! I know, I know. We’re telling you to integrate and be all up in 21st century skills and now we’re warning you about doing so. Shame on us.

Just be smart. Read terms of use and privacy policies. Ask for help if the terms are so full of jargon and nonsense you can’t make heads or tails of the meaning. Be the adult. Inform and involve parents in decisions. Get your administrators informed, because sad to say, they’re likely not the most informed bunch when it comes to student data and privacy.

Protecting students’ data and privacy is becoming increasingly difficult every day, but that’s no excuse for not taking steps to do so.

It starts with you!

 

**At the time of initial publishing, the Today’s Meet terms were captured above. They have since updated their terms to read: “In order to create a TodaysMeet account, you need to be 18 or older, or be 13 or older and have your parent or guardian’s consent to this Agreement, and have the power to enter a binding contract with us and not be barred from doing so under any applicable laws.”

The point of this original post was not to call out certain services or products for their failure to acknowledge whether or not students <13 can lawfully use the service, but to relay the importance of reviewing terms (for educators and parents) before deciding whether to allow the use of tools.