Data harvesting online teaching apps may be breaking the law: Internet Scambusters #1,027
Online teaching and test-sitting became essential educational tools during the pandemic, but it looks like they are continuing to be a part of schooling in the future.
So, parents may be alarmed to discover that the process can involve data harvesting that could eventually end up in the hands of scammers and sales-hungry firms.
This week's issue describes the worrying scale of the problem and what, if anything, you can do about it.
Let's get started…
Are Online Teaching Apps Spying On Your Kids?
Online teaching via education technology apps - EdTech for short - has become a big thing in recent years. But it's not just students who benefit. Providers are learning stuff too - by harvesting data about your kids and using it for who knows what purposes.
New research by the global Human Rights Watch (HRW) organization shows the vast majority of EdTech providers it surveyed were either spying or capable of spying on the kids they were supposed to be helping.
"We think our kids are safe in school online," the group says. "But many of them are being surveilled, and parents have often been kept in the dark. Kids are priceless, not products."
Now, the US Federal Trade Commission (FTC) has stepped in with a warning to providers that they could be breaking the law. If so, they face sanctions, including big fines.
The HRW study found that nearly 90 percent of the remote education tools they investigated were designed to send data about classes and individual students to advertising technology firms, including Google and Facebook. This would enable them to discover students' interests and buying behaviors.
Furthermore, in many cases, parents had no idea this was happening. Often, they gave permission for their children to use the technology without realizing they might also be giving consent to data harvesting when their kids signed in for their online lessons.
According to the Washington Post, one learning app used by 60,000 US schools contained code capable of identifying a student's unique ID from their phone or school-issued device, which could then be used to track them, learn what they were interested in buying, and push ads to them for these products.
Such ads, of course, may not only be for legitimate products but, as with all online commerce, can lead to scams and downloading of malware.
Mostly, it was school districts rather than parents who were at fault by failing to properly check out the privacy elements of learning apps. This was sometimes because they rushed into adopting the apps during the early days of the pandemic.
In a new policy statement, the FTC said: "In today's digital economy, children need to be able to learn to use technology and use technology to learn. Parents and schools, however, are forced to navigate an industry that is dominated by the commercial surveillance business model.
"These services have the capacity to collect a trove of personal information and there are serious concerns that this data may be used to build profiles of kids."
Among these concerns is a focus on the role of so-called test proctoring firms that monitor the behavior of students during exams, supposedly to identify online cheating. According to the nonprofit Electronic Privacy Information Center (EPIC), these companies use biometric monitoring, such as facial and fingerprint recognition, to collect data about students.
The data is then processed via artificial intelligence (AI) to analyze the possibility the user is cheating. EPIC says the AI is unreliable, but its use comes at a high potential cost to students.
"The growth of online test proctoring has all but forced many students to trade away their privacy rights in order to meet their academic obligations…" it says.
"Pointing a camera into a student's home for hours at a time can reveal sensitive details about a student's physical features, behaviors, disabilities, and family members and can induce undue stress on test-takers that undermines the integrity of exam sessions."
Protecting Children from EdTech Data Harvesting
Under current laws, EdTech providers can't require kids and parents to provide anything more than information that's essential to make an app work properly. Any data they do collect can't be used for marketing or advertising and can't be kept for longer than necessary.
Most of the firms identified by HRW and EPIC have denied allegations they are using the data inappropriately.
The FTC will step up its monitoring for abuses but it's up to school districts, other educational organizations, and teachers to ensure, on behalf of parents, that students' privacy rights aren't being signed away legitimately in the first place in the small print of EdTech contracts.
Parents can also play their part by highlighting their concerns, especially in light of the HRW report, and asking school districts what they're doing to protect their kids.
You can also review privacy settings in individual teaching apps. If you don't see any settings, try using the free Blacklight privacy inspector to see what's going on behind the scenes in any website - not just EdTech.
Samuel Levine, Director of the FTC's Bureau of Consumer Protection, said: "Students must be able to do their schoolwork without surveillance by companies looking to harvest their data to pad their bottom line.
"Parents should not have to choose between their children's privacy and their participation in the digital classroom."
This Week's Scam Alerts
Voicemail phishing: Fake voicemail notifications to Microsoft 365 and Outlook users are being used to phish for account sign-on information. Scammers know victims are far more likely to click on an email attachment that seems to be a voicemail rather than regular attachments. To add to their credibility, they also spoof the name of the sender, often pretending to be the victim's employer. Don't click!
No giveaways: Recent publicity for big number lottery prizes has tempted crooks to revive a longstanding scam in which they pretend to be winners wanting to give away some of their winnings to random people. Using SMS texts and emails, they usually spoof the names of actual winners so it looks like their offer is legit.
Recipients are told to call an untraceable number where they're instructed to pay "processing fees," which can run into thousands of dollars. Remember that, while many lottery winners have chosen to donate to worthy causes, there's no record of any of them ever giving away money at random. You're just not going to be that lucky!
That's it for today -- we hope you enjoy your week!