May 07 2019

Biometrics in Schools to Yield Security Benefits and Privacy Concerns

Biometrics have potential to improve security, while raising new questions about privacy.

Biometric technology is already part of the K–12 ecosystem, where administrators are using iris scans and “facial fingerprints” to grant access to buildings and computer labs, track attendance, manage lunch payments, loan library materials and ensure students get on the right buses. 

Biotech is also touted as a security measure, particularly for young students who haven’t yet mastered the use of passwords. 

“We wanted to use it for younger children to log in to launch pads for their resources,” says Serena E. Sacks, CIO of Fulton County Schools in Georgia, describing the school system’s exploration of facial recognition scans. “This is something that would make it easier for students to access digital resources without using anonymous or generic logins.” 

MORE FROM EDTECH: Check out how K–12 schools can use biometrics to measure student engagement.

Biometrics Prompt Districts to Consider Data Storage and Access

Like many districts, Fulton County has yet to implement the technology, both for logistical reasons (not enough cameras that can read scans, for instance) and out of concern for data privacy

If someday the district does implement a biometric program, says Hoke Wilcox, director of instructional technology, the login “would be kept locally, so it’s not something that’s stored elsewhere.”

That’s important, Wilcox says, because the expansion of biometrics in schools is likely to fuel questions about the security of those scans, on top of the worries about student privacy. 

Much of the data that schools retain is considered “directory information,” says Rachael Stickland, co-chair of the Parent Coalition for Student Privacy. That’s information such as students’ names, physical addresses, email addresses and other records. The chain of custody for that data, and what happens with it, isn’t always clear — especially when educational technology companies are bought and sold, she says. 

The same goes for information collected in behavior management apps and biometric applications. 

“There’s no real starting point and end point with so many apps out there and tech products that are getting data from every single angle,” Stickland says. “The concern is not only that it’s being put in the hands of hackers and leaked onto the internet but also being misused by companies themselves.” 

MORE FROM EDTECH: See how schools can access facial recognition software to boost security measures.

Experts Predict Expansion of Privacy Concerns in K–12 Schools

For parents to accept biosensors in their children’s schools, says Tovah LaDier, executive director of the International Biometrics + Identity Association, they need to understand what the technology is and how it’s being used, and schools can help with that. 

She also recommends that schools establish safeguards to govern who has access to biometric data and conduct regular audits to ensure databases are protected.

Concerns about apps that track data and don’t disclose what information they’re collecting is a big topic in Washington, D.C., Stickland notes, primarily in regard to the consumer data privacy. 

“Everybody assumes that education is different than the consumer space because we have a lot of laws on the books,” she says, pointing to legislation such as the Family Educational Rights and Privacy Act (FERPA), Protection of Pupil Rights Amendment and Children’s Online Privacy Protection Rule. “What we’re going to find is that it’s going to happen on a school level. At some point, we’re going to hit a tipping point of ‘Oh my gosh, this has been happening in schools as well.’”

Tatomm/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.