In the U.S. and around the world, millions of digital data points are collected daily from children by private companies that provide educational technologies to schools. Some examples: Knewton’s “adaptive learning” technologies record the keystrokes, answers, and response times of over 10 million students as they do their classwork. Naviance’s “Do What You Are” survey collects information about students’ personalities. Remind stores communications between teachers, parents, and students. Other technologies help schools and districts collect, store, and report data on student attendance, test scores and grades for state longitudinal data systems. Further, branded apps or websites to which children may be directed by their teachers or schools may collect IP addresses and other information such as the pages, content or ads children click on, what they download, what games they play, and so on. These data may then be sold to marketers and others.
A third of U.S. middle and high school students use mobile devices issued by their schools. Many others use their own devices for their schoolwork, using software such as the widely adopted Google Apps for Education. If you have children in school, chances are good that people and organizations you don’t know are collecting massive quantities of information about your children and using this information for purposes you know nothing about.
We don’t know much about how children’s information is used, or by whom, or for what purpose
Once data is collected and the company that collected it uses it for its stated purpose, there is little in law or policy that prevents the company from also using the information for other purposes, such as “product development.” It may also sell the information to others for their use or archive it for possible later use. Many bills bearing on student privacy have been introduced in the past several years in Congress and state legislatures, and several of them have been enacted into law. However, protection of student privacy remains limited.
Our recent report explores how corporate entities use their involvement with schools to gather student data and how those data may be used for marketing and other non-school-related purposes. Although most people probably know that digital marketers target and track children on the devices they use, many would be surprised to learn that schools now serve both as a portal to and reinforcer of digital marketing messages to children. In so doing, they lend companies that collect, sell, analyze, and buy data both enhanced credibility and access to vast amounts of education-related data.
Why does this matter?
When “screen time” is required for school, parents cannot limit or control it. The more information marketers have about children’s preferences, the more precisely they can target children with advertising and other content personalized to appeal specifically to them. By appealing to students’ interests and withholding novel or challenging information, marketers carefully shape children’s interests, attitudes, and anxieties over time. This threatens children’s psychological and physical well-being. The consumerist materialistic worldview promoted by marketers has been associated with higher rates of anxiety, depression, and other psychological distress, with chronic physical symptoms such as stomachaches and backaches, and, in teenagers, with increased smoking, drinking, vandalism, and other negative behaviors. In addition, the heavy digital promotion of “junk” food is associated with negative health outcomes such as obesity, metabolic syndrome, and diabetes.
What to do?
While education technologies hold promise for helping improve educational outcomes, they also hold the potential to harm students profoundly if they are not properly understood, thoughtfully managed, and carefully controlled, to ensure that they serve students’ best interests. Ideally, children will be protected at all levels: by the parents, teachers, and administrators who serve as the most proximal protectors of their privacy at their schools, and by the legislators responsible for enacting relevant policy.
We recommend that school districts develop strong privacy policies, and that district and privacy specialists review all contracts with educational technology and other providers to check specifically for provisions or omissions that enable third parties to monitor and/or exploit students for commercial gain. Although companies often market their products directly to teachers, teachers can protect children by using only those products vetted and approved by their districts. Teachers can also, through their unions, advocate for strong privacy policies and care in the introduction and use of education technologies in school.
Rather than rely on insufficient industry self-regulation, we recommend that policymakers adopt enforceable legislation. Such legislation will be most effective if its language eliminates loopholes; protects the wide variety of student data now being collected and shared; explicitly addresses potential commercial use of the data; and holds schools, districts, and companies with access to student data accountable for violations of student privacy.
The first step toward protecting children is recognizing that data tracking and targeted marketing, although conducted under-the-radar while children do their schoolwork, is prevalent and powerful. It is past time that policymakers dragged digital tracking technologies out of the shadows.