Technology's in schools, but what about data privacy?

By Pradeep S. Mehta June 3, 2013

It is possible to monitor children’s Internet activity at home, but it’s different when they have access in places like schools
Great that schoolkids can work with the latest technology, but we must question the price our children might have to pay

Technology's in schools, but what about data privacy? DATA security and privacy issues of school-going children are of major concern in almost every country of the world. Most developed countries have already designed and implemented legislative provisions to safeguard the privacy of the most vulnerable section of the society: School-going children.

Alas, the developing world, including Malaysia and India, have yet to act.

While the developing world and its youth are embracing technology in all its forms and moving towards integrating it in all spheres of everyday life, there will always be a downside. Before anyone takes stock of the situation, it has already surpassed controllable limits.

For instance, in most countries, a person below 18 years is not legally capable of entering into a binding contract. Yet many sites ask for user identification and have no procedure to ensure that children under the age of 18 do not enter into any legally binding agreements.

The effect: Social action groups have filed public interest litigation in the courts to ensure that sites incorporate some safeguards to protect children below the age of 18 from entering into legally binding contracts.

While this scenario highlights the aspect of legality involved when children access social networking websites, there is another major issue which needs to be addressed before it is again too late to salvage the situation: The privacy of children.

It is somewhat possible to monitor the activity of children on the Internet when at home, but the situation becomes very different when they are given access to the Internet at places such as schools.

Governments, in their hope to embrace a more holistic and technologically savvy system of teaching and education, are encouraging children’s access to Internet services in schools. We are all familiar with such ‘free’ consumer services as Gmail or Hotmail. Today, many schools – in India, Malaysia and around the world – are contracting with Internet firms for institutional versions of these consumer services. Technology's in schools, but what about data privacy?

For example, Google offers Google Apps for Education, which is based on Gmail; while Microsoft offers Office 365, which relies on that firm’s email server software.

These ‘cloud’ services are very attractive to schools because they are not required to own any computers or software themselves. Instead, everything is handled by the firm providing the service. Furthermore, Google and Microsoft offer these services to schools around the world for little or no charge.

While it is commendable that younger children are able to work with computers and smartphones and sophisticated Internet services such as these, one must take a pause and question the price our children might have to pay for it.

The problem is that some (though not all) of the firms providing these cloud services make their money from advertising. In the consumer versions of their free services, these firms’ computers read the emails of their customers and watch the web pages that their customers visit. Then they create profiles of each user and use the profiles to target the users with online advertisements.

For adults who agree to such an arrangement, perhaps there is no objection. But when children are followed online and targeted in this way, there is a serious concern.

The risks of cloud services are that educational institutions no longer have as much control over the personal data. Prior to engaging in business with a cloud computing provider, an educational institution should conduct due diligence on the provider and make sure that the provider has a good reputation and good privacy and security practices.

The schools must be especially vigilant to ensure that the provider has pledged never to create profiles of what children do online for purposes of advertising or marketing.

In essence, giving data to a cloud service provider should be viewed as akin to sending children to a daycare centre. Great care and vigilance is required both in selecting a provider and in ensuring that the provider meets its obligations and performs well.

If the privacy of children is at stake and their personal information starts being used by reckless third parties purely for their own financial gains, it is time that we take a considered stand against such practices and make sure we afford our children a technological environment which is not only beneficial to their growth, but is also safe and does not encroach their person or right to privacy.

*Pradeep S. Mehta is secretary general of CUTS International (Consumer Unity & Trust Society), a public interest research and advocacy group. CUTS has been instrumental in advising governments to provide research-based capacity-building solutions to public and private sector enterprises, governments and students in the areas of competition policy and law, and economic regulation. He has published over 1,500 articles on issues related to consumerism, competition policy, trade and economics.

Related Stories: