A user’s GAFE password becomes known another user, the other user can then impersonate them online.

Once notified of such a breach, system administrator(s) can suspend the Google account. The user (student) can then reset the password through the District “School Connect” portal, which will then sync the new password with the district GAFE platform. To determine whether a student has been impersonated online, further investigation by system administrators can find the IP address of a user’s log in, which may be useful in determining the validity of the complaint. The risk is not significantly different from the district’s current use of School Connect or First Class with grade 7-12 students.

Docs or email  with personal information is shared more broadly than intended.

We know that once something is posted to the internet, it is essentially out of our control. We also know that access to any online tool presents the risk of sharing personal or 3rd party information, particularly as students could use any online tool for personal, rather than educational purposes.

This risk is not significantly different with the Delta GAFE as with the current Delta student email system, First Class where students could potentially share personal or 3rd party information. While FirstClass email accounts are hosted within the district, sharing to any external email account would fall under FIPPA, as the majority of email providers (gmail, hotmail, yahoo, etc) are hosted on US servers.

The Delta School district recognizes the inherent risk of shared personal or 3rd party information and is mitigating this risk in a number of ways:

Through training. All staff and students will go through a introductory presentation on the GAFE platform, including what is acceptable and unacceptable data to share.

Through access to information. A district website has been created for staff to use which outlines the privacy issues in using the Delta GAFE platform.

Through privacy settings. The default setting for all Google Docs has been set to private. Therefore a staff or student must decide to make any Doc pubAlso, additional features have been added to disable students in grades 4-7 from sharing any Google Docs beyond the Delta platform.

Through limiting tool access. We have disabled many of the tools that are part of the Google Apps suite, including Google Sites, limiting the number of possible channels for information to be inadvertently shared. Limiting the number of tools also allows the distrit to filter and more closely monitor the types of information being shared within the Delta GAFE platform.

Through named accounts. As students use any online tool there is the potential for sharing personal or 3rd party confidential information. When students use the Delta GAFE platform, all their activity is tied to their account, meaning that the potential for any anonymous sharing is removed. Delta system administrators will be able to identify and possibly suspend any violations.

Using online tools such as Google Apps presents students with advertising, or sells student information to advertisers.

As per the Google Apps for Education Terms of Service, Google does not serve ads nor use customer data for the purpose of advertising.