How did you celebrate Data Privacy Day this year? Did you change all of your passwords? Or did you enact two-step verification on your login data?
Chances are you’re not even aware of what day it falls on (it’s 28th January for those playing along at home).
Despite being around for almost a decade, Data Privacy Day doesn’t get much news coverage. Like a lot of our personal data that we give out freely online, we don’t give it a lot of attention, even with fresh headlines each week of social media hacks, stolen personal images of the rich and famous, and whole corporations being held to ransom.
Whether it’s convenience, laziness or lack of education, our willingness to trust companies to not mine our data is at its peak.
Recent experiments that have raised awareness of the dangers of using free Wi-Fi networks from unknown providers include:
- Using a seven-year-old to hack a Wi-Fi connection following steps she found via Google;
- An Internet activist who fooled Swedish security and defense experts into joining an open Wi-Fi network set-up to monitor their Internet use; and
- A Finnish security firm including a ‘Herod clause’ in the terms and conditions of a free Wi-Fi network where “the recipient agreed to assign their first-born child to us for the duration of eternity”.
These examples highlight the dangers inherent in systems we use every day, albeit, extreme ones. Luckily, the six people who signed over their firstborn were given a reprieve.
What about student data?
It has taken a while for us to realise the importance of protecting the data and privacy of students.
Schools have long kept records on their students that included personal information, health issues, grades, suspensions, absentee and truancy records, etc. But, as school administration systems have moved to digital, storing this information on databases and in the cloud, the issue of how secure this information is and what should actually be recorded and retained has become of greater concern.
It’s not just school records in the spotlight either. Teachers using apps to monitor behaviour, school cafeterias using palm scanning technology to purchase meals, and social media sites being used to trade information on classes and school sports are all causes for concern when it comes to privacy.
Alarmingly, a recent survey in the US by Common Sense Media showed that only 13% of respondents knew “a great deal” about how their schools collected, used, stored and destroyed student data. Their results can be seen in the infographic below.
The backlash and response
The good news is that data security and privacy for students is an issue that is starting to garner more awareness in the media and with parents.
Recent cases around the world that have made the news include:
- Government departments being held to task over security lapses in school bus cards that exposed personal data of students;
- Concerns about a new primary school database that keeps students’ personal details, including religion and ethnicity, on file until their 30th birthday; and
- A $100 million database used to store “test scores, learning disabilities, discipline records – even teacher assessments of a child’s character” being scrapped after an outcry from parents and civil liberties groups.
In response to growing fears of student data being sold to third parties, identity theft and personal information finding its way into the public domain, governments are finally taking action.
Last week in the US, President Barack Obama unveiled the Student Digital Privacy Act to ensure that data collected by schools is used solely for educational purposes and cannot be sold on. It’s legislation based on a recently introduced Californian law “prohibiting educational sites, apps and cloud services used by schools from selling or disclosing personal information about students from kindergarten through high school; from using the children’s data to market to them; and from compiling dossiers on them.”
Australia also updated its privacy laws last year to regulate the collection, storage, use and disclosure of personal information by independent schools.
What can parents do?
For anyone concerned about student privacy and data, there are a number of things you can do to help keep sensitive information safe.
- Educate and get educated
The number one thing parents can do is to learn about the data collection practices and student privacy issues at their child’s school. Find out what systems are currently used, and read up on the company’s services and policies.
Keep abreast of any new technologies or systems being used by the school.
You should find out what data is collected, for what purpose it is used and with whom it is shared. Look into your rights to access the information or to opt-out of such services and ask about what policies are in place if these systems are breached.
It is also important to teach your child about keeping their information safe and the dangers of sharing it with others.
- Know your rights
A quick search online will help you understand your rights when it comes to data collection and storage. Ensure the school and third party vendors are adhering to them. Schools should be transparent when it comes to your child’s information. If they’re not, question why.
- Watch the news and be vocal
Follow any story about changes to laws and new legislations that may affect student privacy. Let your school know of any concerns you may have with new laws or with new and current systems being used. The closure of the aforementioned $100 million database shows the power that parents and lobby groups can wield.
It doesn’t have to be Data Privacy Day for us to keep the issues of data privacy and security in our sights. Being aware and raising awareness of the safety of you and your child’s personal information should be an everyday concern not only for you but also for your child’s school. Technology can make a teacher’s job much easier, giving them more time to spend with students.
It’s our responsibility collectively to ensure the products that make our lives easier are also safe for us to use.