SRVUSD strengthens cybersecurity in an effort to protect student privacy
October 27, 2022
During the 2020-2021 school year, students and teachers started using more online education applications due to remote learning. As many of these applications have become more prevalent even with the transition into in-person learning, the safety of these apps and the privacy of students remain in question.
Education Apps Privacy Concerns
The International Digital Accountability Council tested 123 educational apps and discovered that 79 were sharing student information with third parties. Information, such as names, email addresses, phone numbers and locations of students, was compromised.
The San Ramon Valley Unified School District (SRVUSD) goes through an extensive process to decide which education apps will be used in the classroom. The technology department is vigilant about the data security of students, which is protected by state law.
The district technology department requires educational software companies to sign the Student Data Privacy Alliance, a privacy contract, to ensure the safety of the students who use those apps. What is done to make sure that student data given to education apps aren’t being misused?
The Student Data Privacy Alliance
Greg Pitzer, the Director of Technology at SRVUSD, discusses the privacy contract that education apps sign upon making a deal with the district.
“The Student Data Privacy Alliance is a student data privacy contract that has been vetted by lawyers as they comply with all the California state laws around data privacy,” Pitzer explains.
The district is careful that companies sign the contract.
“We require that all software companies sign that contract. I don’t negotiate that. The contracts have been vetted by people who know what they’re doing,” Pitzer said.
The Addition of New Apps
The applications that teachers and students respond well to in the past often return to the classroom. New apps are added based on the needs of the schools.
“We are always looking for new apps that we think might fit the types of activities teachers are trying to do. We try to bring a couple of new applications each year to our library here and see how they resonate with teachers. Then they become part of the ongoing library of apps,” Pitzer said.
There is a protocol teachers use when they want to request a new app for the use of their classroom. As mentioned before, the contract is an important step of authentication. If the company refuses to sign the contract, students cannot be required to use that app in class. Although the contract protects student privacy, most data privacy laws only apply to students under the age of 13.
Who is actually protected by state law?
High School students’ privacy
“As a high school student you’re deemed qualified to determine whether you think it’s worth creating a digital footprint with that app. If you decide that you don’t feel that, you have the right to abstain from that and teachers should acknowledge that. But if there is a student data privacy contract in place, then there shouldn’t be any issues at all, ” Pitzer explained.
SRVUSD hopes to increase transparency between students and districts over student data privacy.
“We’re going to put that list of apps that have signed the contract on our technology website. You can go to the Student Privacy Alliance website and look up San Ramon Valley School District and see what we’ve approved. We also embedded that list on our website so it’s easier for anyone to find,” Pitzer said.
Cybersecurity threats
Although cybersecurity is a big issue, there are ways for students to protect their information online. On school devices, the most efficient way is to turn on Two-Factor Authentication. This form of authentication is extremely secure as it requires the user to confirm their identity through their secure school email address.
The largest cyber threats students face aren’t viruses or hackers — it’s social engineering for online threats or damage.
“Social media is always a big threat. Using social media to affect each other, creating fake accounts, kind of the catfishing type of behavior as well as pretending to be someone else. I think those are constant dangers that definitely affect one’s emotional welfare and sometimes even physical welfare, ”Pitzer said.
However, the district and professionals are working hard to overcome the evolving threats.
“This is kind of a constant challenge and something that we’re trying to do. We try to stay on top of it. The cybersecurity world is constantly changing and what kinds of threats we need to be aware of are too,” Pitzer said.