How can public education institutions prevent the loss of children’s data?

Avoid collecting it in the first place and require #edtech vendors to purge it annually from their entire supply chain. It sounds sensible, but it’s easier said than done in our post-pandemic world.

fd2c76d6 bfb0 4ad6 9cb8
Read the referenced article here: Students’ psychological reports, abuse allegations leaked by ransomware hackers (nbcnews.com)

Since 2016, school boards have been under continuous pressure to adopt cloud applications to ‘centralize’ and ‘modernize’ learning. Unfortunately, the security problems inherent in cloud technology can create vast privacy violations of children’s data in a public education setting.

From the lack of consent offered to families to the absence of independent security certification of these platforms, data protection problems have been plaguing many edtech platforms for the better part of the past decade. 

Fortunately, there are many steps that can be taken to alleviate the problem:

  1. industry standards exist to validate the often-outlandish claims of edtech companies
  2. vendors should be required to demonstrate evidence of independent security and privacy auditing
  3. teachers should be trained to recognize privacy issues and report security incidents

Most importantly, school board administrators no longer need to be cowboys (and cowgirls) when selecting potentially dangerous technology. They can now learn from numerous mistakes made by the industry and share those lessons learned with their peers, or even with parents. In effect, parents and children are in the ideal situation to ask questions about the collection and use of their own data, because it’s their current safety and future well-being that will be impacted in the event of another data breach suffered by a hapless school board at the hands of a negligent “edtech” snake oil salesman.