Amidst mounting public awareness about risks to digital privacy, delegates at the 2017 B.C. Teachers’ Federation (BCTF) Annual General Meeting approved a six-part recommendation on Saturday about student-data protection.
It states “employer-mandated digital programs for reporting and communication with parents should only be used when privacy impact assessments have been developed and district, school, and classroom policies have been defined and are followed.
It also says district, school, and classroom policies should include definitions of how the data will be used during the time that it is being collected (e.g., a school year), whether it will be saved and accessible after the current use, and if so, who has access to that data, and a plan for how and when the data will be destroyed.
It adds that students and parents should have access to all privacy impact assessments and technology-use policies and that “all data created by a student should be recognized as belonging to the student and not to the provider of the program, nor should it be used for any commercial purpose nor linked to other education, government, or commercial databases.”
It also says school districts must provide teachers with relevant training, technical support and legal indemnification.
Data privacy’s a hot topic in these Trumpian times and teachers are right to raise these issues.
With reports that Canada’s privacy commissioner is investigating Canada Border Services for searching travellers’ electronic devices and concerns they may be downloading their contents, professionals in many fields are rethinking how they protect client or patient data when they cross borders — especially into the US.
This is adding to growing concerns about how school boards can protect student data during what is being described as a period of cultural lag.
The BCTF’s Research and Technology Director, Larry Kuehn, says that while B.C. privacy legislation requires a privacy impact assessment on any of the digital tools being used that collect data, they may not be easily or publicly available for parents to see.
“Any parent should be entitled to see it for any technology that their child is expected to use, as well as district, school and classroom policies on the use of the technology,” adds Kuehn.
He says “enthusiasts” will often jump on something that seems to have promise without looking into the implications and that while raising questions can be a pain for those who just want to get on with using these tools, it’s important to make people think about the implications.
Indeed. With student records and reporting going increasingly digital with programs like MyEducation BC and FreshGrade, educators face new challenges to ensure they’re complying with privacy legislation and keeping student information out of the wrong hands.
In 2015 B.C.’s information and privacy commissioner investigated the Ministry of Education’s massive data breach after it lost an unencrypted hard drive containing the personal information of 3.4 million students and staff members.
While I hope they’re now making student-data security a priority, my multiple requests for information about what they’re doing to support teachers, schools and school districts to secure student data went unanswered (if I get a response after this column is posted I will update it).
Despite the Education Ministry’s apparent complacency, others are raising the alarm and warning more needs to be done to ensure student privacy and intellectual property is protected.
Perpetual arms race with hackers
Vancouver-based technology expert Alexandra Samuel says “We are in a perpetual arms race with every hacker on the planet. Almost every system is going to have some kind of vulnerability, and often that vulnerability is the human beings who use a system every day.”