Yes, if you use software to work on some sort of information, this software will have access to this information.
Yes, if you use SAAS software, this information will be processed by remote servers.
Yes, if you use proprietary software, you will not know exactly how is this information processed.
And finally, if you have someone who is willing to work as school clerk, given how much do these jobs pay and how interesting they are, this person will likely not understand the complexity of these issues and will be a little bit lazy with their job, so she probably will not present parents with all the relevant information.
Now, every single one of these facts seem obvious; how is combination of these facts warrant an article in one of the biggest newspapers all of a sudden?
And finally, if you have someone who is willing to work as school clerk, given how much do these jobs pay and how interesting they are, this person will likely not understand the complexity of these issues
I think that is naive -- the general population understands perfectly that Google tracks users and uses that information to display ads. The GAFE apps are covered by different terms of service that restrict the collection of information, but Google draws the line in plain English in their GAFE/GAFW copy:
We do not scan for advertising purposes in Gmail or other Google Apps services. Google does not collect or use data in Google Apps services for advertising purposes. The situation is different for our free offerings and the consumer space.
I think the reason why schools go for GAFE is clear and simple: the choice is between having personnel on staff for maintaining servers, computer labs, and troubleshooting students' devices; or outsource it nearly for free to Google.
This article is actually far less helpful an overview then the earlier article mentioned at the top "Google is tracking students as it sells more products to schools, privacy advocates warn"[0]. It is really only introducing one new angle to the debate which is interesting enough, but I recommend reading the earlier one first.
It raises the far more interesting point that Google's Apps For Education policies are very granular and services such as Google Search and YouTube are allegedly not covered under the primary agreement - they carry completely different T&C's and may be used for advertising and data harvesting. It is highly likely that students logged in to GMail or Google Docs and doing schoolwork will be doing searches and watching (hopefully) educational videos to learn more about a subject. Those activities may not be covered by the educational use privacy policy.
What percentage of parents know this, even among those that bothered to check the T&C's? Did they notice the exception? What percentage of teachers or school administrators take the initiative and disable all non-core Google Apps For Education services like Google Search (which are enabled by default)? This is the conversation parents and school administrators need to be having.
I don't begrudge a advertising giant like Google from relentlessly collecting and data mining users to manipulate them, that's what ad companies do after all. Savvy users and regulators know this and can take appropriate action to guide the less-technical with safe defaults. I do think the defaults here are not safe from a privacy perspective, and I wonder if the time has come to re-examine whether the non-core services not covered by the educational privacy terms should be disabled by default.
Now, every single one of these facts seem obvious; how is combination of these facts warrant an article in one of the biggest newspapers all of a sudden?
Obvious or not, will this combination of circumstances result in what can widely be perceived as improper? Is that not worth note, just because your insight to the mechanisms means you understand the state of affairs?
What I find far more... something than FERPA being described as "an obscure law," is how brazen and obvious Google is about breaking it.
If Google is a "School Official," their FERPA obligations do not stop at any point short of/when operating in that capacity.
Further, the idea that they can somehow "switch hats," and somehow maintain discrete sets of both FERPA and non-FERPA behaviors is at best naive, and at worst a conspiracy to commit various felonies.
The money shot of the article: EPIC didn't have standing when they filed their lawsuit, not that they were wrong with regard to laws being broken. With that, I hope entire school districts of parents with school age children file suit.
The judicial branch's abuse of "standing" to refuse to hear cases is one of the great injustices in USA.
This was a huge deal in the USA PATRIOT domestic spying cases, where courts refused to hear lawsuits about spying, because plaintiffs couldn't prove they were being spied on before they won the right to collect evidence, because it was illegal for libraries/banks/IT companies disclose the spying!
Most privacy-related school laws are "obscure" from the point of view of mainstream press.
The average American does not care to the level of granularity needed to even raise the question of whether Google (a company many people trust with their private email accounts) is a trustworthy steward of private student information.
As a parent with a child entering Kindergarten this upcoming school year, and as an avid privacy and free software advocate, I'm not looking forward to the types of discussions that I'm likely going to have to have with our schools. The reality is that these aren't systems that are easy to roll back---it costs a lot of time and money to implement, and then you have vendor lockin.
So while I can hope for a receptive district, action is probably going to be more difficult. My hope is that they haven't ddone anything too disagreeable yet.
Does anyone else have any personal experiences working with their schools?
I'm as adverse to reinterpretations like this as anyone but what might be more interesting or actionable would be evidence of what data Google are collecting and how Google are using this data.
How is that gonna work? You can't just sniff the traffic between Google and the students(SSL & stuff), and I very much doubt that Google itself will let you take a look in their datacenter.
[+] [-] golergka|10 years ago|reply
Yes, if you use SAAS software, this information will be processed by remote servers.
Yes, if you use proprietary software, you will not know exactly how is this information processed.
And finally, if you have someone who is willing to work as school clerk, given how much do these jobs pay and how interesting they are, this person will likely not understand the complexity of these issues and will be a little bit lazy with their job, so she probably will not present parents with all the relevant information.
Now, every single one of these facts seem obvious; how is combination of these facts warrant an article in one of the biggest newspapers all of a sudden?
[+] [-] microtonal|10 years ago|reply
I think that is naive -- the general population understands perfectly that Google tracks users and uses that information to display ads. The GAFE apps are covered by different terms of service that restrict the collection of information, but Google draws the line in plain English in their GAFE/GAFW copy:
We do not scan for advertising purposes in Gmail or other Google Apps services. Google does not collect or use data in Google Apps services for advertising purposes. The situation is different for our free offerings and the consumer space.
I think the reason why schools go for GAFE is clear and simple: the choice is between having personnel on staff for maintaining servers, computer labs, and troubleshooting students' devices; or outsource it nearly for free to Google.
[+] [-] tombrossman|10 years ago|reply
It raises the far more interesting point that Google's Apps For Education policies are very granular and services such as Google Search and YouTube are allegedly not covered under the primary agreement - they carry completely different T&C's and may be used for advertising and data harvesting. It is highly likely that students logged in to GMail or Google Docs and doing schoolwork will be doing searches and watching (hopefully) educational videos to learn more about a subject. Those activities may not be covered by the educational use privacy policy.
What percentage of parents know this, even among those that bothered to check the T&C's? Did they notice the exception? What percentage of teachers or school administrators take the initiative and disable all non-core Google Apps For Education services like Google Search (which are enabled by default)? This is the conversation parents and school administrators need to be having.
I don't begrudge a advertising giant like Google from relentlessly collecting and data mining users to manipulate them, that's what ad companies do after all. Savvy users and regulators know this and can take appropriate action to guide the less-technical with safe defaults. I do think the defaults here are not safe from a privacy perspective, and I wonder if the time has come to re-examine whether the non-core services not covered by the educational privacy terms should be disabled by default.
[0]https://www.washingtonpost.com/news/the-switch/wp/2015/12/28...
[+] [-] forgottenpass|10 years ago|reply
Obvious or not, will this combination of circumstances result in what can widely be perceived as improper? Is that not worth note, just because your insight to the mechanisms means you understand the state of affairs?
[+] [-] MikeNomad|10 years ago|reply
If Google is a "School Official," their FERPA obligations do not stop at any point short of/when operating in that capacity.
Further, the idea that they can somehow "switch hats," and somehow maintain discrete sets of both FERPA and non-FERPA behaviors is at best naive, and at worst a conspiracy to commit various felonies.
The money shot of the article: EPIC didn't have standing when they filed their lawsuit, not that they were wrong with regard to laws being broken. With that, I hope entire school districts of parents with school age children file suit.
[+] [-] tamana|10 years ago|reply
This was a huge deal in the USA PATRIOT domestic spying cases, where courts refused to hear lawsuits about spying, because plaintiffs couldn't prove they were being spied on before they won the right to collect evidence, because it was illegal for libraries/banks/IT companies disclose the spying!
[+] [-] fixermark|10 years ago|reply
The average American does not care to the level of granularity needed to even raise the question of whether Google (a company many people trust with their private email accounts) is a trustworthy steward of private student information.
[+] [-] mikegerwitz|10 years ago|reply
As a parent with a child entering Kindergarten this upcoming school year, and as an avid privacy and free software advocate, I'm not looking forward to the types of discussions that I'm likely going to have to have with our schools. The reality is that these aren't systems that are easy to roll back---it costs a lot of time and money to implement, and then you have vendor lockin.
So while I can hope for a receptive district, action is probably going to be more difficult. My hope is that they haven't ddone anything too disagreeable yet.
Does anyone else have any personal experiences working with their schools?
[+] [-] analog31|10 years ago|reply
[+] [-] rubyfan|10 years ago|reply
[+] [-] timonovici|10 years ago|reply
[+] [-] cs702|10 years ago|reply
[+] [-] uBlockOrigin|10 years ago|reply
[deleted]
[+] [-] Animats|10 years ago|reply