Dec 02 2020

ISTE20 Live: 5 Questions to Ask about Data Privacy During Remote Learning

As schools expand online learning, administrators should be proactive about safeguarding student data across all digital platforms.

More teachers are integrating technology as well as digital tools and free apps to better engage students in instruction — whether that happens in person, online or both. But as tech integration increases, so do concerns about — and threats to — student data privacy.

While many apps and tools created for education factor in safeguards for student data, this practice isn’t universal. Educators must navigate apps and websites with caution to prioritize the physical and emotional well-being of all students.

“You run into problems when teachers are using other applications that aren’t as educationally oriented,” Ben Cogswell, a teacher at Bardin Elementary School in California, said during a recent session of ISTE20 Live, the annual conference of the International Society of Educators. “They’re great for the classroom but don’t fall under the same guidelines.”

Cogswell — along with co-presenters Jill Bronfman, privacy counsel for Common Sense Media, and Nancy Nelson, CTE and instructional technology administrator at Chief Leschi School in Washington — explained the importance of developing strong data privacy policies. They also shared best practices for protecting students’ personal information in digital spaces.

Here are 5 questions, based on Common Sense Media’s 2019 State of EdTech Privacy Report, that K–12 administrators and other educators should ask to determine whether an app or digital tool sufficiently addresses data privacy concerns.


1. What Personal Information Does the App or Digital Tool Collect?

The first step to answer this question is to read the terms of service, privacy policy or other related policies, according to Common Sense Media. Look out for red flags such as misleading or scant privacy policies. Ideally, educational products limit the type and amount of personal data collected from users, but as technology has evolved, what qualifies as personal information has expanded to include biometrics such as facial recognition, fingerprints and voice recognition.

Try to gauge whether the user agreements extend to educators or parents. Look for language that expresses whether the app shares information with third-party companies or advertisers, and details what information is shared.

2. What Rights Do Users Have to their Data?

Evaluate statements about user’s rights and protections as well as any of the app’s safety features. It’s crucial to ensure that all students, teachers and parents have the power to review, access, modify, delete and export their personal information.

MORE FROM EDTECH: Learn four key questions to ask about ensuring data privacy during remote learning.

3. What Interactions Within the App or Digital Tool are Visible to Other Users?

Applications should hide the user’s interactions with other users, Bronfman said. Such restrictions will foster the physical and emotional well-being of all students. To further streamline protections for K–12 students, Bronfman advises establishing a “standard of care” for evaluating commercial apps. Common Sense Media provides a helpful vetting and review process for online apps, helping schools guarantee safety for students online.

4. Does the Application Include Advertisements or Tracking that Might Compromise Sensitive Information?

Commercial apps and websites, such as YouTube or Facebook, could be a great resource for instructional videos. However, these resources also use advertisements and data tracking that pose significant data privacy threats.

“Advertising does sneak in a lot of places,” Nelson said.

Responsible advertisers will restrict the use of personally identifiable information for third-party marketing, targeted ads, tracking or profile generation.

5. Is Parental Consent Required?

The Children’s Online Privacy Protection Act requires operators of websites, online services and apps to notify parents and get consent if they collect information on children younger than 13. COPPA requires those operators to “choose a method reasonably designed in light of available technology to ensure that the person giving the consent is the child’s parent,” according to the Federal Trade Commission.

Join EdTech for written and video coverage of ISTE20. Bookmark this page and follow us on Twitter @EdTech_K12.

uchar/ Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.