Ask Slashdot: Explaining Cloud Privacy Risks To K-12 Teachers? 168
hyperorbiter writes "With the advent of Google Apps for Education, there has been a massive uptake by the K12 schools I deal with on signing students up with their own Google powered email address under the school domain. In addition, the students' work when using Google Apps is stored offshore and out of our control — with no explicit comeback if TOS are breached by Google. It seems to me that the school cannot with integrity maintain it has control over the data and its use. I have expressed a concern that it is unethical to use these services without informing the students' parents of what is at stake e.g. the students are getting a digital footprint from the age of seven and are unaware of the implications this may have later in life. The response has often been that I'm over-reacting and that the benefits of the services far outweigh the concerns, so rather than risk knee jerk reactions by parents (a valid concern) and thereby hampering 'education', it's better to not bring this stuff up. My immediate issue isn't so much about the use of the cloud services now, but the ethics over lack of disclosure in the parental consent process. Does anyone have ideas about defining the parameters of 'informed consent' where we inform of risks without bringing about paranoia? (Google Apps is just an example here, I think it applies to many cloud services.)"
What *are* the implications? (Score:5, Interesting)
This question needs a bit more detail. What *are* the implications of using these Google services? Is Google using the same boilerplate contract? Does it sweep emails for words and phrases to show advertising? Is it collecting anonymous data?
I think you probably need some school-specific clauses to address the particular privacy and safeguards but you haven't articulated any specific examples of areas where you think Google is falling short or why this might become a problem. Kids are going to have digital footprints as children. I might not like that very much, and as a parent I may try to limit it, but you can't stop it.
HOW do you teach the implications? (Score:4, Interesting)
Obviously there are valid issues. The question is not IF we should teach them, but HOW.
Right now there are few ways to articulate the risk. There is the vague handwaving education of "bad guys will steal it".
Even when doing this professionally it is difficult to fully understand what the risks are, who exactly the "bad guys" includes, the kind of stuff they want to take, and the reasons they want it. The bad guys may include governments, vandals, corporate espionage, advertisers, news agencies, and more. The stuff they want may include not just credit card numbers, but also patterns of what you like, where you go, and who you are with. That stupid-looking photo may be cute today, but it may destroy your bid for public office two decades later. The fact that your facebook friends have some overlap with a suspected terrorist may put you on a watch list. Knowing the bad guys, and knowing the data they are looking for, is hard.
Then you have the difficulty of explaining it clearly. It is hard enough to explain to a teenager that their quick goofy photos (or much worse, sexting) might, twenty years from now, prevent them from getting their dreams fulfilled. Sometimes it is easier to point out that public stupidity can prevent them from getting a job in three years, but even that seems difficult to teach.
Since that wasn't quite asked, here's the evolved question:
HOW do you teach K12 students about the risks in the digital world?
Re: (Score:2)
Even when doing this professionally it is difficult to fully understand what the risks are, who exactly the "bad guys" includes, the kind of stuff they want to take, and the reasons they want it
To that, you have to add, "Who gives a rip about little Johnny's 5th grade book report".
No company, not even Google themself, is going to dig through Johnny's school papers and test reports, because privacy violations would be financially devastating, as would the legal ramifications if it were found out, and what there is to gain is minimal to non-existent. What any kid does on the detail assignment level in school is of exactly zero value when evaluating employment opportunities or digging up dirt on pot
Re: (Score:3)
"Who gives a rip about little Johnny's 5th grade book report".
No company, not even Google themself, is going to dig through Johnny's school papers and test reports, because privacy violations would be financially devastating, as would the legal ramifications if it were found out
Who, exactly, would prosecute them if it is found that they have looked at the school papers of some kid in another country? Or made use of them in any way they wished? Hell, the TOS probably let them do that no matter where the kid is.
Not to speak of which, the secret police have a very long view. No, they're unlikely to be interested in a 12-year-old, but maybe they're interested in the kids parents or relatives. Anything in there that might be useful for blackmail? To target someone for kidnapping?
Re: (Score:3)
The MegaUpload case shows that it doesn't matter where the data resides. If the US wants it or wants it gone they will take it no matter what.
Re: (Score:2)
"Hi Johnny, I hear you like trains, I have been told you are constantly writing book reports about trains. I like trains too. I wrote a bunch of book reports about them when I was in school too. I have a lot of trains set up in my basement, would you like to come over and play with them some time? We can order some pizza from that place you like (that you wrote about going to for the summer vacation report in 6th grade). Oh and don't tell you mom
Re: (Score:2)
What privacy violations? According to TFA and several responses, the data is only nebulated[1] when the parents have given consent.
Imagine you hire someone who later does $BAD_THING that is loosely connected with something that he did at s
Re: (Score:2)
HOW do you teach K12 students about the risks in the digital world?
What ist thou going on about, English?
Re: (Score:3)
" it is difficult to fully understand what the risks are, who exactly the "bad guys" includes, "
To complicate things yet further, the identity of the good guys and bad guys aren't cast in stone for all eternity. Life happens, and sometimes good guys go bad, and sometimes bad guys go good. The fact that you were trustworthy a year ago doesn't necessarily mean that you are trustworthy today.
Re: (Score:2)
unless you end up on the sex offender list... like many teenagers... for posting pictures... It is a REAL problem.
Comment removed (Score:5, Interesting)
Re: (Score:2)
Which brings up what I was going to say -- people don't understand how computers work.
Re: (Score:2)
It is too late now... (Score:2)
You've brought the issue to light, and then documented publicly that it was aired.
My 1st concern, who agreed to the TOS for the wee ones, and were the parents aware that such a contract was being entered into ? Not sure what state or what In loco parentis http://en.wikipedia.org/wiki/In_loco_parentis [wikipedia.org]
status is in that particular area.
Re: (Score:2)
well... here's a potential implication.
the kids want to joke around and start sending emails to each other with subject lines of "lol let's shoot up!" when they mean that they'll meet in the cafeteria for some coke(coca cola).
somehow one of them has a pen pal(email pal) in Iran through some diversity program - and that has put him on the filters lists(because, doh, that's how you get on the list) - and then boom one day they get raided by the feds for either being part of a drug smuggling ring or in worse c
Re: (Score:2)
Is Google using the same boilerplate contract?
No, it isn't. It very specifically states that the advertising is turned off for Google Education accounts (thought, it isn't turned off for Google Non-profit accounts).
The only potential problem I see with a Google Education account is that the school owns all the content of the kid, and that the kid has absolutely no privacy from the school if he/she uses the gmail address provided by the school (Google Postini for instance allows a school administrator to archive indefinitely all the incoming/outgoing em
Re: (Score:2)
So people will have to learn early to treat their work/school accounts as non-private. That's a burden to put on school kids, I agree. And parents should be aware of it. But I don't think it's a five-alarm issue if discussed properly.
Re: (Score:2)
Why bother? It's not like the education types give a damn what happens to IT. We've been their 'enemy' for years.
You want to tell them the truth? Fine, tell them to sit down and shutup. IT, aka the people who actually went the extra mile for other people and gave a damn about the hardware / software that people were running has been officially taken around to the rear of the building, and double-tapped to the back of the end. Yeah, they cost money, they didn't always do things the way you wanted, or let you
Re:What *are* the implications? (Score:4, Informative)
"Send you child to a different school, speak with the school board, whatever it takes; you the parent have complete control..."
You're assuming a level of income and engagement that only exists at the high level. 1). The parents have to be educated on these issues *specifically*. 2). The parents need to have the money to make the changes you suggest.
You can't just change school districts. Generally, you're assigned a school based on where you live. Sending your kid to a different school means paying a penalty, at minimum, or paying for private school, where tuition can approach college-level. Can you afford to lay out $8,000 - $12,000 a year for your kid to go to a different school, while still paying property taxes to support the local ones? Keep in mind, you have to handle transportation to and from the school as well, which again, assumes you're rich enough to do so .
Of course there's home schooling -- provided, again, that you're rich enough to be able to afford not to work or have a spouse who can support your family on a single income. And it's a lot harder to be as engaged as a parent if you're the only one earning an income, leaving the house at 7 AM, and getting home 12 hours later to young kids who still need dinner made and homework checked.
All of *this* assumes that the school district itself properly understands the programs in question well enough to communicate them and that the programs are administered appropriately.
Re: (Score:2)
While I am not a parent myself,
You could have saved us a lot of reading if you had started with that line.
You are clearly out of touch with what happens (legally) in Public schools, including tagging [wired.com] and computer access.
Raising a kid to be ignorant of the wealth of information on the internet is probably a from of child abuse.
State curriculum mandates many things that the parents do not have control of.
And the idea that your children are your property is quickly vanishing from western civilization (and not a moment too soon).
Re: (Score:2)
You are taking many of my points to the extreme, in an attempt to extract hyperbole. While it is a valid strategy, in this case I don't see it working. I was not suggesting that one raises a child to be ignorant, but there is a difference between fostering ignorance and saying "go play on the internet" whenever the child asks
Pot. Kettle.
But besides that, I was replying to Dputiger, and it had nothing to do with anything posted by AC.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Mod parent up (Score:2)
I don't usually mod up ACs, but this is informative and well presented.
We've wrestled with this Google Apps for Education issue as well for a small non-profit I am a trustee of. Is it worth it for the privacy issues? Of course, if the NSA spies on everyone, maybe that is a moot point?
See also John Taylor Gatto on why the system is so hard to change. From:
https://www.johntaylorgatto.com/chapters/17b.htm [johntaylorgatto.com]
------
Power à 22
PLAYERS IN THE SCHOOL GAME
FIRST CATEGORY: Government Agencies
1) State legislatures, pa
Re: (Score:2)
In other words your statements are as useful as a nun's advice on blowjobs.
I can well believe that.
Re: (Score:2)
I seriously doubt the government mines the Internet accounts of seven year olds. Nevertheless, if it chooses to do so, not having school accounts won't stop it.
Re: (Score:2)
I seriously doubt the government mines the Internet accounts of seven year olds. Nevertheless, if it chooses to do so, not having school accounts won't stop it.
Well, evidently, they mine the metadata from cell phones of 7 year olds, so why not their internet accounts? Besides, how would the government know the account belonged to a 7 year old in the first place?
A bigger concern, however, would be whether these accounts are considered school records. If so, that could be a problem because in most states school records of minors are confidential. Putting them on a public server, might be problematic, particularly if there is a data breach or if Google mines the data
Re: (Score:2, Insightful)
Ethics be damned. It's our job to indoctrinate - errr, EDUCATE - these kids, as efficiently as possible, while wasting as much money as possible.
If we start warning parents and children that there may be consequences involved in our indoctrination courses, they may very well start questioning authority.
Where would THAT get us?
Re: (Score:2)
Re: (Score:2)
What "life skills" are being taught in schools today?
"Children, the big test next month will have THESE QUESTIONS on it! Let's start memorizing the answers now! Remember, the questions will be mixed, so none of you will see ALL of these questions, but all of you will see SOME of these questions. Sally, can you name three alternative lifestyles that might be more appealing that heterosexual married couples?"
Re: (Score:2)
Re: (Score:2)
In what schools are they teaching this science, math, and common sense?
Perhaps you are completely unaware of the percentages of high school "graduates" who are illiterate. If these graduates can't even read or write, how in hell cay you expect them to know science, math, OR common sense?
Data May Be *Safer* Overseas (Score:3, Insightful)
Re: (Score:2)
It's cloud data. You don't know where it is, and if you did it might not stay there. That's half the point of the cloud: Abstraction of services from physical equipment.
Even if you confirm it's hosted in the US for now, perhaps in a couple of months it'll be reclassified from 'active use' to 'inactive but required' and transferred from the US to a datacenter somewhere in northern Europe where the operator has more spare low-cost storage. Some major cloud operators like Amazon will even move virtual machines
Re: (Score:2)
It depends on the nature of the data and that of the entity seeking the data.
The EU, for example, has stringent privacy laws that relate to personal data stored by private organizations (e.g. corporations) -- such organizations are restricted on what information they can collect, disclose to others, how they use the data, etc. However, for things like email, providers are required to store metadata about emails for 6-24 months (depending on the member state) in case the authorities with to investigate somet
Re: (Score:2)
Hmm, fairly certain there was an article earlier about European countries handing data over en mass to the US.
So, safer overseas perhaps not.
Yup (Score:2)
>The response has often been that I'm over-reacting
Because you are.
Re: (Score:3)
>The response has often been that I'm over-reacting
Because you are.
Allowing children under 13 to disclose identifying information online, without parental consent, is not only a bad idea, it is illegal. Read up on the Children's Online Privacy Protection Act [wikipedia.org]. If these kids are using their real names, their photographs, or their email addresses online without written parental consent, then the school may find themselves in legal trouble. COPPA lays out some pretty specific rules, so if you are using the internet with kids under 13, you need to be familiar with that law.
Re: (Score:3)
And where did you get that any of this was being done without the parent's permission?
From the summary.
Re: (Score:2)
No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'. That is, in the opinion of OP, the parents don't really understand this 'cause if they did they'd be as alarmist as he is.
OP is stirring the pot.
Re: (Score:2)
No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'.
The summary also says there is a "lack of disclosure in the parental consent process." Just getting parental consent to "use the internet" or "use Google Apps" is not enough. Unless the parents are explicitly giving their consent to the disclosure of identifying information, then this school is breaking the law.
Maybe the OP is being alarmist, and he certainly doesn't appear to be very competent, but the obvious solution is to read the applicable law (which is COPPA), go down the legal checklist, and make
Technically incorrect (Score:2)
No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'.
The summary also says there is a "lack of disclosure in the parental consent process." Just getting parental consent to "use the internet" or "use Google Apps" is not enough. Unless the parents are explicitly giving their consent to the disclosure of identifying information, then this school is breaking the law.
Maybe the OP is being alarmist, and he certainly doesn't appear to be very competent, but the obvious solution is to read the applicable law (which is COPPA), go down the legal checklist, and make sure his school complies.
Just because a child is enrolled in Google's "Apps for Education" as a matter of allowing their coursework to be monitored, have analytics applied to it by a teacher or their parents, and have the progress tracked by a teacher or parent in a uniform and API transparent way, doesn't meant that their schoolwork is being posted to reddit. You can search your ass off, and you will not find the kids work online, or even their name, unless they put it some place else, like Facebook or Slashdot, where the informa
Re: (Score:2)
Just getting parental consent to "use the internet" or "use Google Apps" is not enough.
I suspect that it is. This is incredibly specific really. If the school tells the parents that the student will be using Google Apps, the parents can research what the service does in detail if they wish.
Unless the parents are explicitly giving their consent to the disclosure of identifying information
What does that mean though? Every school consent form I've seen in the past few years includes 'may lead to the disclosure of personal information' someplace in the body text. What level of consent is needed in your view?
Re: (Score:2)
the parents can research what the service does in detail if they wish.
If you are claiming that COPPA allows "implied consent", you are flat out wrong. Parental consent must be explicit.
Every school consent form I've seen in the past few years includes 'may lead to the disclosure of personal information' someplace in the body text.
If their disclosure says that, they should be fine.
What level of consent is needed in your view?
My view is utterly irrelevant. All that matters is the view of the judge your lawyer is trying to convince that your organization was COPPA compliant after a parent sues you.
Look, this is not complicated. Google for "COPPA checklist", click on the first link, then read it. If you are compliant, fine. If not, fix the issues to get in compli
Re: (Score:2)
>The response has often been that I'm over-reacting
Because you are.
No he isn't.
See http://gawker.com/5637234/gcreep-google-engineer-stalked-teens-spied-on-chats [gawker.com]
in at least four cases, Barksdale spied on minors' Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he'd befriended, Barksdale tapped into call logs from Google Voice, Google's Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid's account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
In other cases involving teens of both sexes, Barksdale exhibited a similar pattern of aggressively violating others' privacy, according to our source. He accessed contact lists and chat transcripts, and in one case quoted from an IM that he'd looked up behind the person's back. (He later apologized to one for retrieving the information without her knowledge.) In another incident, Barksdale unblocked himself from a Gtalk buddy list even though the teen in question had taken steps to cut communications with the Google engineer.
First, make sure *you* understand the implications (Score:5, Insightful)
If you can't articulate what the implications are of using Google Apps for Education, then at least one of the following is true.
1) You don't actually have sufficient understanding of the situation
2) You're the wrong person to attempt being the spokesperson for the "opposition"
You need to be able to articulate your specific concerns regarding use of the service - not just make hand waving statements. If its bad that students have a "digital footprint" from age seven, explain *why*. And, even then, be aware that others may not share your concern (or may have adopted a fatalistic attitude about the situation).
Re: (Score:3)
If you can't articulate what the implications are then at least one of the following is true.
1) You don't actually have sufficient understanding of the situation 2) You're the wrong person to attempt being the spokesperson for the "opposition"
I very much agree with this. Unlike the IT worker in the headline I can articulate many of those implications. Unfortunately getting it through a child's view is difficult. Even communicating it to an ADULT is difficult.
We see these things on /. all the time:
* Goofy pictures as a teen, but as 47 year old fired from executive job due to bad public response.
* Seemingly innocent banter about being insane, Texas teenager in jail.
* Picture of children in a bathtub, ten years in prison for child porn.
* "Wh
Re:First, make sure *you* understand the implicati (Score:5, Insightful)
Don't forget the bit about posting comments insulting religious or political views, and then potential employers not hireing you over it. The annoying thing is it can't be proven: If an employer looks you up and finds you've been insulting his religion, he isn't going to give that as the reason in your rejection letter - you'll just get a generic form rejection saying 'your application has not been successful on this occasion.' It probably happens all the time.
Re: (Score:2)
Don't forget the bit about posting comments insulting religious or political views, and then potential employers not hireing you over it. The annoying thing is it can't be proven: If an employer looks you up and finds you've been insulting his religion, he isn't going to give that as the reason in your rejection letter
He doesn't have to, because that's not the only reason a rational adult wouldn't hire an internet warrior. He might choose not to hire you because you've made it clear that the majority of the people in your own culture are beneath contempt in your mind. That may not be a desirable quality in an employee, even if the potential employer doesn't disagree with your anti-religious views.
Re: (Score:2)
People change their appearances a lot as they grow up. Teenagers, especially girls, look so much alike that 10 years later it's virtually impossible to say "here, it's Jody Smith my coworker, taken 10 years ago when she was 16".
Re: (Score:3)
You also need to be able to explain why "their cloud" is less secure than "your cloud". The data / work is being stored on servers somewhere, and if students can access it there is ALWAYS the chance for some misconfiguration or breach that exposes their information. So with that understanding, you need to justify why storing stuff in house would be more secure than with google-- and the truth is, a lot of the time, its not.
Just how would you explain the risks? (Score:3)
We already have groups of people afraid of wifi, vaccines, and a host of other things that are non-issues. They are also disproportionately afraid that their child will be abducted (by strangers, or even by aliens).
Pretty much whatever you say will either be misunderstood by some subgroup, or deliberately misconstrued by another - and then a school faces the problem of providing a special exception* for some group of students that have been opted out.
* Note that I'm generally in favour of special exceptions in schools because children do have different learning styles and paces - but this would be a crazy addition
Re: (Score:3)
non-issue? people die and are sickened from vaccines (allergic reactions, bad batch of not totally deactivated virus, etc.)....but that's ok with you until your child flops over dead, right?
Re: (Score:3)
The number of lives lost as a result of vaccine reactions is far, far less than the number of lives saved by the elimination of what would otherwise be endemic and often fatal diseases. Overall, the vaccines are saver. People just percieve them as dangerous because their danger is obvious, while all the times their child *didn't* get polio are not so easily apparant.
Re: (Score:2)
I'm not an anti-vaccine person, but I think it makes sense to space them out a bit more. When I was a kid, I think I had under 10 things I was vaccinated for, and that was over multiple shots.
Nowadays, they shove cocktails into kids that have upwards of 60 pathogens in them. Why not give them a shot a month over a course of time, to give the body a chance to deal with things?
Vaccination is fine. The delivery seems kind of iffy to me, but I'm not a medical professional.
Re: (Score:2)
Nowadays, they shove cocktails into kids that have upwards of 60 pathogens in them. Why not give them a shot a month over a course of time, to give the body a chance to deal with things?
Vaccination is fine. The delivery seems kind of iffy to me, but I'm not a medical professional.
Yep, and a lot of them seem pretty useless to me. Illnesses that are as bad as getting a cold, ohhh we must vaccinate for that. Sexually transmitted diseases for 3 month olds, ohhh better protect those sexually active infants. I say get the serious ones and leave the other crap for the ill-informed lemmings to support the medical-industrial complex.
Re: (Score:2)
sure more people benefit than are harmed, but you made silly statement about "non-issues". there are indeed issues, another being that in the real world vaccine don't always work, and sometimes are made of the wrong strain of virus. vaccines have all manner of issues.
Re: (Score:2)
The seasonal flu vaccine is pretty useless in healthy people [chron.com], can have significant to serous side effect, and probably is not worth the risk in the general population.
We can get flu shots for free at work. I used to get mine every year, but the day after I got mine last year, I came down with the worst flu I can ever recall having, and it lasted about twice as long as usual. No warning signs, either. I have a hard time believing that it was just a coincidence, and I think I'll just go without the shot, next flu season.
That being said, I resent people who apparently can't do basic maths getting in a lather and telling me that I shouldn't protect my kid from serious childh
Re: (Score:2)
Protip: Human life's worth is not infinite. It's not worth saving at a possibly overwhelming cost to others. Stop being so selfish. People die, kids included, get over it. There's only so much you can reasonably do. Avoiding vaccines is not one of the reasonable things to do. I am a parent. Would I be heartbroken if my child died? Sure. This doesn't make me go apeshit crazy about minimizing risk to my children at all costs.
Re: (Score:2)
oh don't worry, we don't give a shit if you die. nor if your children die. avoiding a particular vaccine is a right a parent has, it is not your place to say what is reasonable for someone else to avoid. for example, last flu season wrong viruses used in making vaccines, the vaccine was largely useless. vaccines batches have been made that weren't deactivated, had wrong virus targeted, some caused neurological damage (famous pertrussis case in 1990s with over a thousand known victims), were useless or
Re: (Score:2)
People die and are horribly disfigured from house fires. I certainly hope you're keeping your child in a cave.
You sound just like the people from my parents' generation who refused to wear seat belts. They were convinced that they'd die in a fiery crash or drown in a sinking car, because the seat belt would prevent them from being "thrown to safety".
Re: (Score:2)
I only was pointing out it's foolish to say vaccines only have "non-issues".
So basically... (Score:3)
Re: (Score:2)
What bogeyman? If I was working for Google, I'd be very worried about not doing my job if I didn't go as far as possible at monetizing the data. Google is not in the business of wasting money offering free email accounts. I'm pretty damn sure they get full return on their investment, even if it's not something as obvious as showing targeted ads. Language corpuses of the size that Google has access to are not exactly something you can just buy on a street corner.
It's not paranoia. (Score:2)
In the cloud, or any other computer network, you have no privacy. What is there to explain, other than you voted for this?
what *are* the risks? (Score:3)
And what precisely are the implications and risks according to you?
What precisely do you think isn't being disclosed?
Re: (Score:2)
I don't see how that is "obvious" at all. How do potential employers screen you based on your cloud-based Google documents that will have been deleted decades ago? You need to take off your tinfoil hat.
Express your specific concerns in writing... (Score:5, Interesting)
It is an interesting point...
Sugget you do some research, (look into the big G's T&Cs), and write down exactly what you think the issue may be.
Try and be balanced, then fire it off to yor boss.
Your duty is then done, and your ass covered.
Re: (Score:2)
Ahem, "your"...touchpad too complex for old fart...
Overseas? (Score:2)
Re: (Score:2)
Re: (Score:2)
Perhaps the submitter is in a country where there are no Google datacenters.
Re: (Score:2)
Disaster recovery common sense says all the data of any importance at all is going to be stored at two datacenters in case of natural disaster. So one copy near the user for performance, and the other just goes wherever storage is cheapest. At a guess.
Paranoia is a problem? Why? (Score:4, Interesting)
Why is "bringing about paranoia" a problem? Where security is concerned, I generally consider paranoia to be a good default reaction to any situation until I understand it well enough to relax.
Explain the situation well and allow the parents and others to be as paranoid as they consider prudent. Don't try to manipulate them into being more or less paranoid just because you or the system think they should adopt a different mindset. You provide facts then it's their choice to make.
If, OTOH, you're excessively concerned about and wish to avoid creating paranoia you'll hamstring your efforts to be intellectually honest and technically accurate when you "define the parameters of informed consent."
Re: (Score:3)
'Why is "bringing about paranoia" a problem?'
Seriously. I do research with human subjects. If I don't have at least some people choose to decline participation at the point of informed consent, then I assume my consent isn't good enough - participating in any given research project is *always* not a good choice for at least one person.
Then again, you have the interesting situation that formal school-based education is not the correct solution for every single human; using google apps (or whatever cloud-ba
Easy to explain: (Score:4, Interesting)
It's easy to explain cloud privacy issues. We'll do it in terms of purses and wallets as those are common items of value that people understand can contain very private information:
Someone is doing the digital equivalent of asking you to keep your purse (or wallet) securely and have it available at all times for you. They won't try to steal the money or credit cards, etc in it (or whatever else of value if you choose to store it). Yes, there may be a security breach, but it's less likely than you dropping or forgetting your purse or wallet.
On the other hand, it means that if you put them in your purse (or wallet) they know how many birth control pills or condoms you kept in it and by when you used them what part of your menstrual cycle you're on or when you had a hot date that turned into an all night.
Now, extend that to your son or daughter that will have records on them from the time they enter grade school until, well... forever.
(In some ways it's not a big deal, but in some ways it is, and that rather graphic example gets across the level of info that can be mined from long term records.)
Software as a service, not cloud (Score:2)
Re: (Score:2)
It's several married females?
Mod whole article (Score:2)
Re: (Score:2)
That's what tagging is for.
Find the hot-button issue and drive it home (Score:2)
Every group of common people (in this case, teachers and/or school administrators in your particular area) tends to have one or two "hot button" issues; things that, when they hear, alarm bells go off in their head and they cannot be swayed otherwise due to past experience or ingrained culture.
Home in on whatever that hot-button is for these particular teachers and find a way to press it hard. Figure out how gmail and cloud services could be exploited against them in that context.
I know it's kind of a dirt
Only ethical option: Embrace it (Score:2)
Create a policy to let students know that everything they do on their account should be assumed to be readable by anyone, so treat it as if you are writing on the classroom blackboard.
In that proper context, it is still a wonderful tool, if used properly. I am sure any school would also su
Re: (Score:2)
Should we get rid of blackboards, too, because anyone can read what a student writes on it?
Blackboards typically can't be seen outside the classroom.
Blackboards are typically erased every hour or two.
Blackboards typically are not identically copied and archived.
Re: (Score:2)
No body cares.... (Score:2)
...except you, me, some other people that realise the full implications and the paranoid.
I work at a Further Education College (14 years upwards) with some Higher ed students (mature) and everyone's all very interested in my opinions about privacy and footprints in exactly the way any educated, engaged person might be about any interesting and important topic but they don't think it applies in their case.
I also stand up at my desk to work. If anyone asks, I'll tell them why. Everyone is interested and t
What are the school's alternatives? (Score:1)
If you're thinking that the schools could just offer their own email systems, have you figured out how much that will cost?
It sounds like you work as the school's email administrator. Since it sounds like you have a financial interest in the outcome of this, you should ju
While you're talking to them... (Score:2)
Maybe you could ask one of them to teach you how to write. Combined by" my arse.
Using vs. Storing (Score:2)
I think the OP would like some help articulating the problem and that's why he posted here. Beating him to death asking him to articulate is a waste of time. If he could articulate it reasonably at all he wouldn't be HERE!
My $0.02 on the cloud and the reason why I will never store information there, encrypted, overseas, or not. However, I do see things like SaaS via the cloud as a boon. Allow me to explain with the comparison of using the cloud for services and storing information in the cloud.
I have a fund
I worked in K12 for 15 years (Score:2)
About all you can do if you can't get someone to listen (and I'll bet you can't, and I'll tell you why) is to refuse to give your permission for your child to use the Internet as school. So why won't they listen?
Money.
When I left, there was a ~4 million dollar budget to renew and expand the email system (All teachers and staff, all kids, plus all parents, maybe e-mail for life like some colleges do, mail boxes that hold more than 512 megabytes and anti-virus). Google came in and moved everything to Google f
Informed consent would be good (Score:2)
The concern is "My immediate issue isn't so much about the use of the cloud services now, but the ethics over lack of disclosure in the parental consent process. Does anyone have ideas about defining the parameters of 'informed consent' where we inform of risks without bringing about paranoia? (Google Apps is just an example here, I think it applies to many cloud services.)"
I think transparency is a good thing. If the school system provides information to the parents about what kind of information will a
I did my master's thesis on elearning. (Score:2)
So, questions like this are interesting, but what I feel is more important is how effective is it going to be in the classroom? What most teachers and students are really concerned about is how can this better the student's learning and save the teacher time. Administrators care about the bottom line- the budget. If this, or any, technology meets those needs, questions about cloud privacy, and a lot of other things, go out the door.
But a very big thing to focus on is making sure the teachers know how to use
They're calling you paranoid? (Score:2)
There is a real issue here (Score:2)
There is a real issue here. Minors cannot enter into contracts in most states, so they cannot technically agree to the TOS for Google. The school is requiring the minors to use the accounts as part of the enrollment. That in and of itself is not a problem, but in most states, school records are confidential and these accounts are a type of school record. Therefore, if Google or anyone else does mine the data, then the school is in violation of state statutes and could be held liable. Now, it is quite possib
Check the regulations already in place (Score:2)
There are already laws and regulations in many states about what data can be stored where. Bringing up those rules, and pointing out how the work can be done more safely and follow those rules, can be far more useful than merely saying "we're at risk". The risks are very real, and your concerns well founded.
However, compare it to the security of most academic environments. The passwords are too often kept in the front office desks for easy access. The backup and recovery systems are often a sad joke, and th
Wrong country.. (Score:2)
I gather from your use of the "K-12" term that you're in the US (keep that in mind when you ask such questions).
Your challenge is that you're up against several decades of brainwashing to make you (and parents) believe that your privacy isn't worth anything that that it's somehow bad to insist that the state and companies respect the rights they signed up to when they accepted the Universal Declaration of Human Rights in 1948 (actually there's also such a thing as the right of the child, but both Somalia an
Re: (Score:2)
The poster is not in the US. ... He didn't say which non-US location he was in
Wild ass guess: New Zealand [slashdot.org]
Re: (Score:2)
It's pretty common in education to put your name on your homework.
It would be trivial for a big data analyst to figure out which alias is which student.
Re: (Score:2)
We do that quite often at the school I work at to identify the owner of lost USB sticks handed in to lost property. They sit in a box for a few days, and if no-one claims them then IT is asked to have a quick glance at the contents to identify the owner so they can be returned.
Re:Fight for your rights (which ones?) (Score:2)
I agree with our points as far as they go, and your effort is something to be proud of, but here are some other things to consider which others have raised, plus my own spin.
Most schools do not have the IT staff needed to run secure networks. Neither do many big companies, judging by news reports of various cyber breakins that show up on slashdot regularly. It is not easy to keep on top of every emerging threat from outside or inside. So from a liability perspective, on might argue the school is safer with