Edtech vs student data privacy: (The Learnit Memo 17/06/22)

Dear global education leader,?

Do you ever have the feeling you’re being watched? Chances are, you are. Open your maps app — a dot will show your precise location. Pop open your favourite social media site — the ads are likely to showcase things you’ve bought or searched for. It’s unsettling, yes, but it’s a bargain each of us has made (remember all those T&Cs you accepted without reading?) to have access to tech tools that make our lives easier.?

But what about data collection from subjects who can’t give informed consent? We live in an age of constant accountability in education, and with that comes a slew of data — a child’s background, their attendance, their attainment, their progress…even their trips to the loo. As the pandemic raged and the edtech sector rode in to provide much-needed solutions, the amount of student information in the system ballooned — and so did the number of concerns about how that data would be collected, stored and used.?

A report last month from Human Rights Watch shows that such concerns were warranted. Of the 150+ edtech platforms HRW investigated — all endorsed by national governments — a staggering 89% were found to have engaged in data practices that, as the report explains, “put children’s rights at risk, contributed to undermining them, or actively infringed on these rights”. That doesn’t point to the actions of a few bad apples; it shows that such unethical and unnecessary data collection is baked into the fabric of the edtech sector. That needs to change.

Even where data is collected in the right way, there are worries. It’s not just young companies that have issues: in February, Denmark’s Data Protection Agency said it wasn’t certain that Google’s education products complied with the EU-wide General Data Protection Regulation, which regulates data privacy. Cyberattacks are becoming more common, with education institutions a top target. In the past fortnight alone, a high-profile attack targeted student data in the biggest cities in the US, and the personal information of thousands of students in India and Israel was left exposed by a misconfigured server. Young people aren’t blind to what’s happening, either: over half of students are concerned about what’s happening to their data.??

So, how do we balance the privacy rights of learners with the power and potential edtech has to improve learning? There are examples to follow if we want to tame the wild west of the web. In the UK, the Information Commissioner’s Office implemented The Children’s Code last year, strengthening regulations on how data could be collected from young people. Similar legislation has been put in place in Ireland. And in Norway, an expert panel commissioned by the government recently outlined the four main dilemmas in balancing data privacy with improving educational outcomes, so that a more informed conversation could take place between all stakeholders.

And it’s a conversation we need to have. Every child has the right to a good education. But we need to make sure they have access to that without compromising the data privacy rights to which they are equally entitled.

Keep learning,

Sarah Cunnane, Director of Content, Learnit