Last week we discussed tech in the home and how it relates to keeping your family safe. We looked at how YouTube was fined $170 million for violating the Children’s Online Privacy Protection Act (COPPA), the law that protects children by limiting what user information can be taken from children.
This week we’re looking at a few more examples of how big tech might be tracking children — and possibly violating COPPA.
Location-Based Tracking: Making Kids the Customer
Location-tracking apps are a double-edged sword. On the one hand, parents can breathe a little easier knowing their kids’ location. On the other hand, these apps can be dangerous.
Advertisers also love location-sharing apps because they help companies understand your kids’ habits and interests. But the apps’ data tracking threatens childrens personal privacy, and possibly run afoul of COPPA, as these companies aren’t always transparent about what they’re collecting and how they use the information.
Plus, they work by gathering precise location information on your children, and that tracking information is later sold to other companies. But what happens if that data is shared with the wrong people, or if that information is hacked? It could put your child at risk.
In its 2019 State of Kids’ Privacy Report, Common Sense Media evaluated hundreds of technology-related applications and services, 150 privacy policies from the most popular edtech applications and services, and the total App Store downloads during the past 12 months.
It recommends that if families choose to use these apps, parents should at least set ground rules: have strict privacy settings, avoid public location-sharing, and consider requiring that you follow your children on social media.
Remote Learning Privacy: ACLU Seeks Clarity
Remote learning during the COVID-19 pandemic has become riddled with threats to students’ online privacy. Many think there are insufficient measures to protect students’ online privacy.
Earlier this year, the American Civil Liberties Union of Massachusetts sought more information about how state education agencies are working to protect the privacy of both K-12 and college students due to remote education.
The ACLUM claims that the state’s education departments lack sufficient privacy protections to ensure students are not being improperly monitored or tracked by corporations and the government.
That’s why it submitted a public records request to understand what policies, guidelines, and training the Massachusetts Department of Education has in place related to remote learning and student privacy.
The ACLUM also requested access to records from the state about how school and federal agencies collect and share students’ health data and contact tracing information.
“Health privacy must be central to the government’s COVID-19 response, but at present, the public has not been privy to the government’s plans to ensure school-based testing data remains confidential. We seek records that we hope will provide transparency into how state government is handling critical student privacy matters related to remote learning and COVID-19,” the ACLUM wrote in a statement.
Kids and Chromebooks: Google Sued for Spying
Earlier this year, New Mexico’s Attorney General sued Google for tracking students’ personal information on education-focused Chromebooks without obtaining parental consent — thus, violating COPPA.
Google offers both G Suite for Education products (including Gmail, Calendar, Drive, Docs, Sheets, and other services) and Google Chromebook laptops to school districts across New Mexico at no cost.
Tracking student data without parental consent is illegal. The lawsuit claims that Google never obtained parental consent from the children under 13 using those Chromebooks. The types of information collected include geolocation information, websites visited, terms searched for on Google and YouTube, contact lists, voice recordings, and more.
In a letter to Google, Attorney General Hector Balderas demanded that the company immediately cease the practice, arguing that Google has been collecting “massive quantities of data from young children not to benefit the schools you have contracted with, but to benefit Google’s own commercial interests.”
Balderas also said this “partnership must be compliant with the law and put the safety of our children first, and so I demand that this conduct cease immediately.”
A Google spokesperson said that G Suite for Education “allows schools to control account access and requires that schools obtain parental consent when necessary. We do not use personal information from users in primary and secondary schools to target ads.”
On November 27, 2020, the U.S. District Court of New Mexico granted Google’s motion to dismiss, after the company claimed it had complied with COPPA by using schools as “intermediaries” and as parents’ agents for parental notice and consent.
The case is not over yet, as the New Mexico Attorney General’s office has filed a notice of appeal in the privacy case against children.
For more information on Chromebooks and privacy practices, check out Google’s page here.