Today’s elementary and high school classrooms are trading in pencil and paper for a more digital solution that comes in the form of Chromebooks and iPads. With this continuing trend, the Electronic Frontier Foundation (EFF) started a campaign called “Spying on Students,” which aims to educate parents and school administrators about the potential dangers of these devices in the classroom. Google has been accused of endangering students’ privacy, and the EFF filed a report against the search giant to the Federal Trade Commission.
The EFF examined two of Google’s products -- the Chromebook and the cloud-based Google Apps for Education. The main issues comes from the Chrome web browser. By default, the Sync feature on Chrome is on when a school-supplied Chromebook is used, and the software doesn’t ask permission from the students or their parents.
According to the EFF, this allows Google to “track, store on its servers, and data mine for non-advertising purposes, records of every Internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords.” In addition, the administrative settings provided by Google for these school-based Chromebooks allow the information to be shared to third-party sites.
But it doesn’t stop once the Chromebook is turned off. Because they log in to the Chromebook with their Google account, the data gathered can still carry over to any device where the student logs in with his or her Google username.
The EFF said that the alleged intrusion in privacy violates the Student Privacy Pledge, of which Google is a co-signer. The pledge dictates that companies “not collect, maintain, use or share student personal information beyond that needed for authorized educational/school purposes, or as authorized by the parent/student,” as well as prohibiting the sale of student information.
However, the same pledge also allows Google to obtain student personal information that is authorized by the school, teacher, parent or student. Granted, the company must disclose in a contract or privacy policy what types of personal information is collected, the purpose for the collection, and if it’s used by or shared with a third party.
By having the Sync option on by default in each new Chromebook, Google seems to break these rules, by not offering students a choice in the matter and collecting their information from the moment they log in to the device.
However, it’s taking some steps to remedy the problem. Google told the EFF it’s working on disabling the setting on school-provided notebooks that activates the Chrome Sync feature so that information isn’t shared with other Google services. In terms of Google Apps for Education, the company said that the service doesn’t show ads when a user opens one of the apps in the bundle (such as Google Docs, Gmail or Talk). However, a few popular apps, such as YouTube, Google Maps and Blogger, can show ads because they’re not part of Google Apps for Education.
Despite Google’s efforts, the EFF believes that the preventative measure isn’t going far enough in protecting the privacy of students. For now, the group posted two blog posts that teach parents and students how to adjust the privacy settings on their Google accounts and Chromebooks. We contacted Google for comment on the filing, and will update accordingly.
Update, 12/2/2015, 2:42pm PST: Google responded to the EFF's claims with a post by Jonathan Rochelle, the director of Google Apps for Education on the Google for Education blog. The company said it's confident that "our tools comply with both the law and our promises, including the Student Privacy Pledge, which we signed earlier this year," and also pointing out that The Future of Privacy Forum and The Software and Information Industry Association (co-authors of the Student Privacy Pledge) criticized the EFF's claims.
Google also reiterated the function of its classroom services. For Google Apps for Education, specifically its core services such as Gmail, Drive, Docs, and Hangouts, the personal data is used to provide the actual services so that students can communicate through Gmail or collaborate on a project with Google Docs. In addition, there are no ads in any of these services, and student data isn't used for advertising purposes.
In terms of Chrome Sync, Google stated that the feature is used so that students can quickly get to work on any system where they have to log in with their Google account, creating a personalized experience on any device. The company did state that certain data is collected from Chrome Sync, but information regarding individual users is removed before it's analyzed by the company in order to improve its services. Administrators, students and teachers can also disable Chrome Sync entirely, or hand-pick which information to sync with the feature.
Finally, apps that are not part of the Google Apps for Education suite, such as YouTube, Google Maps, and Blogger, can be blocked by schools so that they're inaccessible. Rochelle wrote, "We are committed to ensuring that K-12 student personal information is not used to target ads in these services, and in some cases we show no ads at all," citing Google Search as an example where no ads are shown when a student is logged in.
______________________________________________________________________
Rexly Peñaflorida II is a Contributor at Tom’s Hardware. He writes news on tech and hardware, but mostly focuses on gaming news. As a Chicagoan, he believes that deep dish pizza is real pizza and ketchup should never be on hot dogs. Ever. Also, Portillo’s is amazing.
Follow Rexly Peñaflorida II @Heirdeux. Follow us on Facebook, Google+, RSS, Twitter and YouTube .
