Parent investigates school's learning network, sounds privacy alarm
- When he found out that his childrens' school district in Los Altos, Calif., adopted online learning network Edmodo, parent and Cisco Systems engineer Tony Porterfield decided to check out the site's data security practices and found that it, as well as the learning network Schoology, didn't encrypt user sessions with Secure Sockets Layer protocol.
- Secure Sockets Layer, or SSL, is a standard encryption protocol that protects people logged into sites on open Wi-Fi networks from anyone trying to spy on their activities, and without it, Porterfield says strangers could hypothetically gain access student information and identify or contact those students.
- Edmodo spokeswoman Sara Mandel said that a completely encrypted version of the site has been available to "any school that chooses" since 2011 and that Edmodo is working toward having all users use that version, while Schoology CEO Jeremy Friedman said his company is going to site-wide encryption in the fall.
From the article:
... Although a federal law protecting children’s online privacy requires online services to take reasonable measures to secure personal information — like names and e-mail addresses — collected from children under 13, the law doesn’t specifically require SSL encryption. Yet school districts often issue only general notices about classroom technology, leaving many parents unaware of the practices of the online learning systems their children use. Moreover, schools often require online participation so students can gain access to course assignments or collaborate on projects.
“What we are finding with this type of database is that parents are uninformed,” says Khaliah Barnes, a lawyer at the Electronic Privacy Information Center. “Most don’t understand how the technology works.” ...
- The New York Times Read More
Follow Roger Riddell on Twitter