More students are learning online today than ever before, providing schools with an opportunity to track and measure data that can be used to personalise, and improve, young people’s outcomes in the classroom.
But while the volume of personal data generated by students offers some important opportunities for teachers and leaders, it also raises questions over the ownership, and management, of this data.
In 2015, US digital rights group Electronic Frontier Foundation (EFF) filed a complaint with the Federal Trade Commission (FTC) claiming that Google's use of data collected through the Google for Education program breached Section 5 of the Federal Communications Act.
“Despite publicly promising not to, Google mines students’ browsing data and other information, and uses it for the company’s own purposes," the EFF said in a statement.
There have also been exposés in recent years, such as The Social Dilemma and The Great Hack, which look at how the trust we put in ‘Big Tech’ can be breached for nefarious purposes.
In 2018, researchers from Deakin University and Monash University developed a smartphone app called ‘PDQ’ to show young people the ways their personal information is harvested by social media.
The feedback from the 27 participants, all of whom were aged 13-17 years, ranged from “surprising” and “unsettling” to “creepy” and “worrying”.
Dr Anantha Duraiappah is the director of the UNESCO Mahatma Gandhi Institute of Education for Peace and Sustainable Development. He says the scope of Big Tech’s influence and power to access our personal data presents some worrying implications for student privacy.
“The ownership of the data must rest with the learner. For young kids, this means that the ownership must rest under the trusteeship of the young kids’ parents or legal guardians until they turn 18,” Dr Duraiappah told The Educator.
“However, till then, their information cannot be released to anyone and that includes to authorities.”
Dr Duraiappah said the management of this data must rest with an “intergovernmental organisation” which has a hybrid mix of stakeholders ranging from countries, and industries – from private sector to Human Right organisations.
“The running of the data overseeing, its access and use, and misuse, would be governed by this intergovernmental organisation's technical body,” he said.
“This organisation must not be politicised, and the governance must be enshrined in the organisation’s charter when established”.
Dr Duraiappah and Dr Dan Shefet, a lawyer at the Paris Court of Appeal in France, recently proposed the creation of an international treaty designating custodian of personal data.
“This provides the details and blueprint of the management of the data. The treaty will lay out the responsibilities of the members, including their accountability,” Dr Duraiappah said.
“The treaty will also spell out dispute and conflict resolution mechanisms but more importantly the privacy of the learner and their data and how it can never be misused by anyone person, state or any other entity.”
Duraiappah said a treaty’s main strength is that it is legally binding and therefore ensures strict compliance to the goals, objectives and targets set out in the treaty.
“A special feature of any treaty overseeing the management of the common pool of data must be equity, fairness and accessibility to all learners across the world.”