Embedded Files
Digital Privacy in Education
Breaches in student privacy are real. Let’s take a couple of minutes to explore some real-world experiences that students and their families have encountered:
Student Data Collection
A third-grade student in California was permitted to not have a Google account for using Chromebooks in her class after her father intervened. At the end of the school year, the school district made it clear that there would be no exceptions made the next year. This student’s father assumed, like many other people do, that the law would prevent Google from collecting data on his daughter for advertising purposes. However, it isn’t so straightforward (Reitman, 2015).
University Data Breaches
In 2017, an Ontario university student was able to access the private information of the 2000 students and staff at the school. This included social insurance numbers, tax information and academic records (MacDonald, 2021).
Compromising Youth Data
Millions of current and former students across many school districts in USA experienced a cyberattack on Illuminate Education. This student-tracking software held data such as names, dates of birth, races or ethnicities and test scores of students. In some school districts, the data also included information about student tardiness rates, migrant status, behaviour incidents and descriptions of disabilities (Singer, 2022).
Privacy Laws and Their Application To Education
There are federal and provincial laws that govern personal information. One of the federal privacy laws is the Privacy Act, which applies to information collected by government institutions. All provinces have guidelines to protect information contained by government institutions and agencies of which school divisions belong to. Teachers need to be very careful to protect the personal information of the students and families with whom they work. “Report card data, student and personnel records, student pictures, website information and now computer and cellular phone data must be handled very carefully in order to protect the privacy (and sometimes safety) of those who are connected to the school” (Wallin et al., 2021).
Freedom of Information and Protection of Privacy Act
The Freedom of Information and Protection of Privacy Act (FIPPA) is provincial legislation that came into effect in October of 1993. Post-secondary institutions were added to the list of public bodies that FIPPA applies (University of British Columbia, 2019). The FIPPA serves two main purposes: to make public bodies accountable by allowing the public with access to records and to protect personal information from unauthorized collection, use, or disclosure by public bodies (King’s Printer, 2024).
Teachers and the FIPPA
British Columbia has one of the most rigid privacy laws of personal data in North America. In order to adhere to BC’s FIPPA regulation, teachers must implement three principles when faced with situations about privacy of student information:
“1. Give notice to students when they are sending/requiring them to send their data to a location outside of Canada
2. Provide knowledge of why they are doing this, and if required
3. Obtain written consent from students for doing so. You can apply these principles to almost any privacy situation to show you have done your due diligence”
(North Island College Teaching & Learning Supports, 2024)
Written consent is best practice when classroom work involves the use of social media, or when a faculty member or student uses web email services, like Gmail, and when a course demands the use of online textbooks or textbook websites for activities and knowledge testing. Each faculty member is responsible for making sure they are compliant with FIPPA regulations. FIPPA should be considered any time students’ personal, identifiable information (for example first name, student grades, etc.) is stored on a server outside of Canada, or the parent company that owns the server is situated outside of Canada. Students must be provided with notice, knowledge, and consent. (North Island College Teaching & Learning Supports, 2024).
Tools for Educators
Digital Citizenship Lessons
Digital Citizenship lesson plans for teachers to inform students from K-12 about relevant topics and help students take control over their digital lives.
Teaching Students about Privacy
A Guide to Privacy and Access to Information in Ontario schools is available that focuses on the privacy obligations of schools and school boards.
Khan Acadamy Online Data Security Unit
This unit teaches students about Personally Identifiable Information (PII) and how PII and other data can be tracked online (for example cookies). Students learn how attackers can get their hands on data and devices and how they can protect themselves.
Privacy Tips for College Students (Spirion, 2024)
Use a Virtual Private Network (VPN)
Avoid unsecured networks
Limit backups of devices
Use of strong and unique passwords
Do not click on suspicious links or download files from unknown sources.
Tools for Organizations
Watch this video to learn about the NINJIO cybersecurity awareness training that reduces human-based cybersecurity risk.
Google Sites
Report abuse