Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: Explaining Cloud Privacy Risks To K-12 Teachers?

timothy posted about a year ago | from the use-a-car-and-donut-analogy dept.

Privacy 168

hyperorbiter writes "With the advent of Google Apps for Education, there has been a massive uptake by the K12 schools I deal with on signing students up with their own Google powered email address under the school domain. In addition, the students' work when using Google Apps is stored offshore and out of our control — with no explicit comeback if TOS are breached by Google. It seems to me that the school cannot with integrity maintain it has control over the data and its use. I have expressed a concern that it is unethical to use these services without informing the students' parents of what is at stake e.g. the students are getting a digital footprint from the age of seven and are unaware of the implications this may have later in life. The response has often been that I'm over-reacting and that the benefits of the services far outweigh the concerns, so rather than risk knee jerk reactions by parents (a valid concern) and thereby hampering 'education', it's better to not bring this stuff up. My immediate issue isn't so much about the use of the cloud services now, but the ethics over lack of disclosure in the parental consent process. Does anyone have ideas about defining the parameters of 'informed consent' where we inform of risks without bringing about paranoia? (Google Apps is just an example here, I think it applies to many cloud services.)"

cancel ×

168 comments

What *are* the implications? (5, Interesting)

Dputiger (561114) | about a year ago | (#44143223)

This question needs a bit more detail. What *are* the implications of using these Google services? Is Google using the same boilerplate contract? Does it sweep emails for words and phrases to show advertising? Is it collecting anonymous data?

I think you probably need some school-specific clauses to address the particular privacy and safeguards but you haven't articulated any specific examples of areas where you think Google is falling short or why this might become a problem. Kids are going to have digital footprints as children. I might not like that very much, and as a parent I may try to limit it, but you can't stop it.

Re:What *are* the implications? (-1)

Anonymous Coward | about a year ago | (#44143239)

The implications are severe, and may include malaria, rabies, and complete lunacy.

HOW do you teach the implications? (3, Interesting)

Frobnicator (565869) | about a year ago | (#44143345)

Obviously there are valid issues. The question is not IF we should teach them, but HOW.

Right now there are few ways to articulate the risk. There is the vague handwaving education of "bad guys will steal it".

Even when doing this professionally it is difficult to fully understand what the risks are, who exactly the "bad guys" includes, the kind of stuff they want to take, and the reasons they want it. The bad guys may include governments, vandals, corporate espionage, advertisers, news agencies, and more. The stuff they want may include not just credit card numbers, but also patterns of what you like, where you go, and who you are with. That stupid-looking photo may be cute today, but it may destroy your bid for public office two decades later. The fact that your facebook friends have some overlap with a suspected terrorist may put you on a watch list. Knowing the bad guys, and knowing the data they are looking for, is hard.

Then you have the difficulty of explaining it clearly. It is hard enough to explain to a teenager that their quick goofy photos (or much worse, sexting) might, twenty years from now, prevent them from getting their dreams fulfilled. Sometimes it is easier to point out that public stupidity can prevent them from getting a job in three years, but even that seems difficult to teach.

Since that wasn't quite asked, here's the evolved question:

HOW do you teach K12 students about the risks in the digital world?

Re: HOW do you teach the implications? (1)

hopelessliar (575886) | about a year ago | (#44143881)

I think this gets closer to the 'important' issues. Student data security, digital identities, privacy... And on we go. In terms of cloud based (or SaaS) I tend to believe that no sensitive information should be stored on a server that you don't physically control. It may not be more secure but hopefully it won't be mined and publicly available in 10 years. On the other hand, if you keep everything in house, you ignore the fact that even young kids may have a nascent digital identity that they need to be able to take with them when they leave your institution. It may be useful to have continuing access to their portfolio of work too. So sometimes informed trade offs have to be made. We approach this by publishing a set of student entitlements - total transparency aimed at defining what we will and won't do with their data (we try to protect their interests as best we can based on our own philosophy). Beyond this, there are 2 central tenets. 1) Each year, every student completes an age-appropriate e-safety course. 2) we insist they're able to come to us and leave with their own digital identity. So we don't force institutional email accounts on them and make every effort to ensure they can take their work with them when they leave. It's not a perfect world and everything we'd like to do isn't always possible. However, rather than reacting, 'aargh - google bad!' ; a policy that enshrines the students' entitlements might be a better way forward. Wrt email, both google and MS education would likely fall foul of our entitlements because they're essentially outsourced institutional accounts so the content can't be migrated when the student leaves. Solves your problem in a more positive way?? The truth is, most people don't care about this stuff so they will think you're overreacting. Maybe you are missing the more important points?We do what we do because we care about both privacy and portability. So step 1 is always education of the issues involved - hopefully leading to informed choices (& better privacy). Then we try to offer a balance of safe, portable and useful services. Some people still won't care, others will ignore all institutional services and use their own anyway. There's only so much one can do.

Re:HOW do you teach the implications? (1)

Anonymous Coward | about a year ago | (#44143901)

Then you have the difficulty of explaining it clearly. It is hard enough to explain to a teenager that their quick goofy photos (or much worse, sexting) might, twenty years from now, prevent them from getting their dreams fulfilled.

Honestly, if you ever apply for a job, or take on a public role, and something like that "haunts" you,

You need to move on with your life, and get the hell away from whatever you were applying for.

Nobody cares that you got drunk when you were 16. Nobody cares that there's a photo of you hitting yourself in the head with a pool noodle while naked from three summers ago. If anyone in a hiring department turns down an engineer because they "didn't like the guy's facebook profile" that person should be fired. No more questions asked, that is the stupidest hiring method I think I've ever even heard of.

Re:HOW do you teach the implications? (0)

Anonymous Coward | about a year ago | (#44144257)

Believe it or not, FB profiles get you hired or fired. They are constantly scanned by groups and reputation agencies, and one post that happens to get set to public permissions bellyaching about "please press 1 for English" will make someone be cataloged as a racist for life, and likely unhirable by businesses using any form of background checking. A post about financial difficulties can be just as devastating as a poor credit rating.

Lets now look at the competition. The floodgates have been opened by Congress for H-1B workers. Who is a hiring manager going to choose, a person with a full Cisco CCIE who is more than happy to work at $30,000 a year (and yes, I mean people with upper level certifications that are valid, who will work for $30,000 a year because there is a good chance they will get US citizenship, and will obey every order from an employer to get this.)

Those H-1Bs don't have the jangling can of Facebook accounts or public knowledge of all Bollywood works they have seen, or pictures on the Internet being seen with a lesser caste on a photo.

So, who will the manager choose? A US person who has all this stupid stuff on FB that a competitor could use as blackmail, and said US worker has to earn $60,000/year to pay student loans, or someone offshore that is easily obtainable that doesn't have anything that could be used as something to cause a company to lose face, is dirt cheap, is 100% loyal, and will put in far more hours in a week than the American?

Choice is obvious here.

This is what our kids are facing. People willing to work for dirt at any white collar job, and are willing to live five to a single room apartment to do so, just for the chance at getting a green card. People who will have full MCSM, MC-ITP, CCIE, RHCA, CISSP, and endgame certificates, as well as full college educations without student loan debt.

Schools need to think how much their students have against them. Storing stuff in the cloud is just as bad as not bothering teaching. Schools need to be cognizant of student privacy, and maybe a bit tolerant. If a student acts up, don't immediately haul them off to jail, perhaps assign detention? That way, one fuck-up won't cost a kid their future.

There is also FERPA laws, but what is ironic is that that and other corporate regs get ignored by educational institutions. There are other regulations that prevent schools from just handing their data out to anyone who might have a server farm in their basement to store data (equivalent to FISMA rules or Sarbanes-Oxley). However, those are usually set aside in the name of cost, and when something happens, the school district ends up paying more to rectify the problem than they ever saved.

But the educational industry in the US is a sham, with decades of failed and corrupted schools (NYC didn't even bother turning on air conditioners during finals week.) It is time to copy European countries which actually value education, and move to a voucher system. This way, if parents lose faith in the school system, there is a charter school ready and able to take students at no cost to them, and teachers might be able to teach. However, vouchers are a verboten topic because they might make fat, lazy, and incompetent middle admins in a public school district actually might have to do something.

Re:HOW do you teach the implications? (1)

icebike (68054) | about a year ago | (#44143903)

Even when doing this professionally it is difficult to fully understand what the risks are, who exactly the "bad guys" includes, the kind of stuff they want to take, and the reasons they want it

To that, you have to add, "Who gives a rip about little Johnny's 5th grade book report".
No company, not even Google themself, is going to dig through Johnny's school papers and test reports, because privacy violations would be financially devastating, as would the legal ramifications if it were found out, and what there is to gain is minimal to non-existent. What any kid does on the detail assignment level in school is of exactly zero value when evaluating employment opportunities or digging up dirt on potential candidates for public office.

Now if Johnny develops a 85mph fastball and a devastating curveball that he can control while on the high school baseball team, and that information becomes public, there may be ramifications. Oh, wait, that info is already public.

What a kid does in their google managed school email is probably more if interest to the School Administration while performing their job than anyone else. But it hardly matters because unless you go back to written assignments, ANY school support platform would be subject to the same scrutiny. Even one controlled strictly by the individual school.

Without knowing the writer's location, how can they state for sure that the data is stored off-shore, and if the writer was in the US, wouldn't having it off shore be better?

Re:HOW do you teach the implications? (2)

number11 (129686) | about a year ago | (#44144093)

"Who gives a rip about little Johnny's 5th grade book report".
No company, not even Google themself, is going to dig through Johnny's school papers and test reports, because privacy violations would be financially devastating, as would the legal ramifications if it were found out

Who, exactly, would prosecute them if it is found that they have looked at the school papers of some kid in another country? Or made use of them in any way they wished? Hell, the TOS probably let them do that no matter where the kid is.

Not to speak of which, the secret police have a very long view. No, they're unlikely to be interested in a 12-year-old, but maybe they're interested in the kids parents or relatives. Anything in there that might be useful for blackmail? To target someone for kidnapping? And down the road, if that 12-year-old becomes the country's leader, you don't think that it would be valuable for the secret police to have all his school work since he was a child? I'd think that would be very useful, especially if that country has something the US wants, or perhaps is not on good terms with the US (either now, or 30 years from now).

Without knowing the writer's location, how can they state for sure that the data is stored off-shore, and if the writer was in the US, wouldn't having it off shore be better?

The reasonable explanation is that the writer is not in the US. And we have made it clear that such people have no rights in the eyes of the US.

For a US citizen, having it offshore might be better. There's a lot of potential failure points, either way.

Re:HOW do you teach the implications? (2)

tsa (15680) | about a year ago | (#44144209)

The MegaUpload case shows that it doesn't matter where the data resides. If the US wants it or wants it gone they will take it no matter what.

Re:HOW do you teach the implications? (1)

tlambert (566799) | about a year ago | (#44144071)

HOW do you teach K12 students about the risks in the digital world?

What ist thou going on about, English?

Re:What *are* the implications? (0)

Anonymous Coward | about a year ago | (#44143397)

The "as a parent I can't stop it" argument rather bothers me. Why can't you stop it, they are your child, right? Unless it is something like getting a passport for international travel, it seems to me that it should be your choice what your child does and where they appear in the digital world. Don't allow them access to a computer that connects to the internet, for a start. Ask the teachers to limit your child's access to internet at school to the minimum. If you think that tagging student (an I use that term loosely) at a public school is wrong, you can stop it, at least for your child. Send you child to a different school, speak with the school board, whatever it takes; you the parent have complete control, the question is rather if you bother to use it.

While I am not a parent myself, I have parent who are educators in public schools (though I did not go to one) and thus have thought quite a lot about education and upbringing. I am not sure what in particular you are referring to here, but there seems to be an attitude among some parents that they have to get stuff or allow their child to have stuff they want, just to make sure the child "happy" all the time, or to allow them to "fit in," or any other excuse. This is simply not true. In many cases is it laziness on the parents' part.

I realize that at some point it is inevitable (and necessary) that a child grows up enough to use email and the internet. True, but it seems eerily early at six or seven to be signing a child up for email...

Re:What *are* the implications? (3, Informative)

Dputiger (561114) | about a year ago | (#44143617)

"Send you child to a different school, speak with the school board, whatever it takes; you the parent have complete control..."

You're assuming a level of income and engagement that only exists at the high level. 1). The parents have to be educated on these issues *specifically*. 2). The parents need to have the money to make the changes you suggest.

You can't just change school districts. Generally, you're assigned a school based on where you live. Sending your kid to a different school means paying a penalty, at minimum, or paying for private school, where tuition can approach college-level. Can you afford to lay out $8,000 - $12,000 a year for your kid to go to a different school, while still paying property taxes to support the local ones? Keep in mind, you have to handle transportation to and from the school as well, which again, assumes you're rich enough to do so .

Of course there's home schooling -- provided, again, that you're rich enough to be able to afford not to work or have a spouse who can support your family on a single income. And it's a lot harder to be as engaged as a parent if you're the only one earning an income, leaving the house at 7 AM, and getting home 12 hours later to young kids who still need dinner made and homework checked.

All of *this* assumes that the school district itself properly understands the programs in question well enough to communicate them and that the programs are administered appropriately.

Re:What *are* the implications? (1)

icebike (68054) | about a year ago | (#44143925)

While I am not a parent myself,

You could have saved us a lot of reading if you had started with that line.

You are clearly out of touch with what happens (legally) in Public schools, including tagging [wired.com] and computer access.

Raising a kid to be ignorant of the wealth of information on the internet is probably a from of child abuse.
State curriculum mandates many things that the parents do not have control of.
And the idea that your children are your property is quickly vanishing from western civilization (and not a moment too soon).

Re:What *are* the implications? (0)

Anonymous Coward | about a year ago | (#44144333)

Not to burst your bubble of superiority, but I do keep up with these developments. Both my parents are educators at the K-12 levels, and it is an issue that I am personally interested in as well.

You are taking many of my points to the extreme, in an attempt to extract hyperbole. While it is a valid strategy, in this case I don't see it working. I was not suggesting that one raises a child to be ignorant, but there is a difference between fostering ignorance and saying "go play on the internet" whenever the child asks.

Teach the child how something works, when it is useful, when it is not useful, and what are appropriate uses for it has been the parents' responsibility for the history of human kind. I don't see how it is different now that that thing is the internet. You wouldn't just give a child or teenager a rifle or a car and say "have fun," but it would be entirely reasonable to teach them the proper uses, under your instruction. (I had to slip a car analogy in somewhere).

Furthermore, I was not trying to imply that children are property, so much as the most important responsibility a person can have. It is the parents' responsibility that this child have the best they can. State curriculum policy is a good example: if you feel that the state or district is not providing as best it can, and you make an effort to know what the best practices are, you can try to effect change. If not enough parent are worried about it, you can always home-schooled or you move to a different state or county (assuming you have the means, which may not be a valid assumption).

Homeschooling is not outside the means of the majority of people, but it might imply a sacrifice for the parent. Giving up a $4 per day latte, or cable TV, or shiny new cars, expensive toys, or large house (etc.); and certainly a lot of time. To me, the sacrifice is something that one is willing to take if one decides to have children. While there is still state regulations, it is much easier to control the local environment to your liking (often this is an argument against homeschooling, but in this case it is a benefit).

Re:What *are* the implications? (4, Interesting)

hairyfeet (841228) | about a year ago | (#44143619)

Dude I've found what the meat of the matter is and its MUCH deeper than that...folks don't understand how the Internet WORKS, and THAT is a serious problem!

I work with ordinary folks 6 days a week and you'd be shocked how many truly believe the net is this big ball of blackness where things just disappear,never to be seen again, that these websites only know they are there when they are there, its a serious problem man. i had a customer just the other day set him up a Yahoo Chat (Boy MSFT shot themselves in the foot by killing Live Messenger, been a LOT of folks jumping ship lately) and he was shocked! shocked i tell you! That Yahoo had names showing up under his friends that he hadn't spoken to in like half a decade. he honestly thought that once he had stopped talking to people that was it, that just went poof and it was like it never existed.

So I think even before we talk about this specific case we really need to figure out how to explain how this thing we call the net REALLY works, because frankly its this misconception that the corps are using to gather all this info and data on us. Folks just don't understand that once something reaches the net it NEVER goes away, delete means nothing, its ALWAYS on a server somewhere.

Re:What *are* the implications? (1)

turkeydance (1266624) | about a year ago | (#44144143)

try this: "the cloud is just somebody else's computer." in other words...they've got your stuff.

Re: What *are* the implications? (0)

Anonymous Coward | about a year ago | (#44143819)

prism?

Here is the detail... (0)

Anonymous Coward | about a year ago | (#44144249)

My school uses Google Apps for Education and I was the first to question FERPA compliance. There is a contract involved with guarantees:

http://www.google.com/enterprise/apps/education/benefits.html

At this point, I am perfectly comfortable using Google with my students, but have other sites like Facebook blocked by my proxy (Untangle). As long as the cloud hosting company bears the burden of liability and has procedures for the handling, access, and destruction of data, in full compliance with FERPA, I am OK with it.

If you are wondering, I teach routing and switching (Cisco), and understand the technology well.

It is too late now... (1)

Archfeld (6757) | about a year ago | (#44144379)

You've brought the issue to light, and then documented publicly that it was aired.
My 1st concern, who agreed to the TOS for the wee ones, and were the parents aware that such a contract was being entered into ? Not sure what state or what In loco parentis http://en.wikipedia.org/wiki/In_loco_parentis [wikipedia.org]
status is in that particular area.

Re:What *are* the implications? (1)

gl4ss (559668) | about a year ago | (#44144417)

well... here's a potential implication.
the kids want to joke around and start sending emails to each other with subject lines of "lol let's shoot up!" when they mean that they'll meet in the cafeteria for some coke(coca cola).

somehow one of them has a pen pal(email pal) in Iran through some diversity program - and that has put him on the filters lists(because, doh, that's how you get on the list) - and then boom one day they get raided by the feds for either being part of a drug smuggling ring or in worse case for planning a terrorist attack.

the potential for them to get raped by a janitor who knows where they are is higher if the server is inside the janitors closet, but the potential for them getting raided and scarred by the feds for nothing are higher if the mails are part of some autoalert system nobody knows the keywords for and the kids aren't aware that such a system exists in the states. of course, how do you explain to them that while trying to explain them in civics class how china is a bad place because they monitor your network activity and stamp on your freedom in private circles is another big problem I suppose...

Re:What *are* the implications? (1)

stephanruby (542433) | about a year ago | (#44144425)

Is Google using the same boilerplate contract?

No, it isn't. It very specifically states that the advertising is turned off for Google Education accounts (thought, it isn't turned off for Google Non-profit accounts).

The only potential problem I see with a Google Education account is that the school owns all the content of the kid, and that the kid has absolutely no privacy from the school if he/she uses the gmail address provided by the school (Google Postini for instance allows a school administrator to archive indefinitely all the incoming/outgoing emails from a gmail account under the control of its own domain).

Since when is using paranoia unethical in USA (0, Offtopic)

maliqua (1316471) | about a year ago | (#44143231)

Fear mongering is what the rest of your country runs on why not education

Re:Since when is using paranoia unethical in USA (0)

Anonymous Coward | about a year ago | (#44143353)

The poster is not in the US. He said as much when he said that Google stores the data offshore. He didn't say which non-US location he was in, but hey - at least read the summary before posting some snarky comment. (I read the summary, so I can be snarky)

Re:Since when is using paranoia unethical in USA (1)

egcagrac0 (1410377) | about a year ago | (#44143533)

The poster is not in the US. ... He didn't say which non-US location he was in

Wild ass guess: New Zealand [slashdot.org]

THINK OF THE CHILDREN !! (-1)

Anonymous Coward | about a year ago | (#44143243)

And then forget about them !! Bigger things to deal with !!

Data May Be *Safer* Overseas (3, Insightful)

BuildMonkey (585376) | about a year ago | (#44143263)

What gives you the idea that data is safer stored within the US? In reality, I think it is less likely to fall into the 'wrong hands' (someone who wants to embarrass or blackmail your child later in life) stored overseas.

Re:Data May Be *Safer* Overseas (1)

SuricouRaven (1897204) | about a year ago | (#44143689)

It's cloud data. You don't know where it is, and if you did it might not stay there. That's half the point of the cloud: Abstraction of services from physical equipment.

Even if you confirm it's hosted in the US for now, perhaps in a couple of months it'll be reclassified from 'active use' to 'inactive but required' and transferred from the US to a datacenter somewhere in northern Europe where the operator has more spare low-cost storage. Some major cloud operators like Amazon will even move virtual machines between datacenters across timezones to follow the night and the lower electricity bills nighttime brings.

Re:Data May Be *Safer* Overseas (1)

heypete (60671) | about a year ago | (#44143893)

It depends on the nature of the data and that of the entity seeking the data.

The EU, for example, has stringent privacy laws that relate to personal data stored by private organizations (e.g. corporations) -- such organizations are restricted on what information they can collect, disclose to others, how they use the data, etc. However, for things like email, providers are required to store metadata about emails for 6-24 months (depending on the member state) in case the authorities with to investigate something.

With a few industry-specific exceptions, providers in the US are not compelled to retain user data for any period of time. An email host is perfectly able, legally speaking, to send all logs to /dev/null and keep no records whatsoever. They can, like any provider in most places in the world, be compelled by authorities to turn over user information they do keep, but they're under no obligation to retain that data at all beforehand. On the other hand, the US has very few regulations (again, there are some specific exceptions) that prevent providers from collecting lots of information or sharing it with other organizations for whatever purpose they wish.

Re:Data May Be *Safer* Overseas (0)

Anonymous Coward | about a year ago | (#44144017)

I assumed he was from outside the US.

If in the US, then the school's IT dept. (most likely outsourced) is an even bigger threat.

K-12 districts, in the US, *commonly* run appliances that provide a man in the middle for SSL traffic (using a CA certificate that they install on all the client devices at the school).

Unfortunately, the attitude of the K-12 IT creeps and school administrators that thought it was OK to snoop on kids in their bedrooms using the camera's on school provided laptops, is the rule for US K-12 IT staff, not the exception.

Yup (1)

Ultra64 (318705) | about a year ago | (#44143289)

>The response has often been that I'm over-reacting

Because you are.

Re:Yup (2)

ShanghaiBill (739463) | about a year ago | (#44143569)

>The response has often been that I'm over-reacting

Because you are.

Allowing children under 13 to disclose identifying information online, without parental consent, is not only a bad idea, it is illegal. Read up on the Children's Online Privacy Protection Act [wikipedia.org] . If these kids are using their real names, their photographs, or their email addresses online without written parental consent, then the school may find themselves in legal trouble. COPPA lays out some pretty specific rules, so if you are using the internet with kids under 13, you need to be familiar with that law.

Re:Yup (0)

Anonymous Coward | about a year ago | (#44143603)

And where did you get that any of this was being done without the parent's permission? You seem to have invented that out of whole cloth.

Re:Yup (2)

ShanghaiBill (739463) | about a year ago | (#44143705)

And where did you get that any of this was being done without the parent's permission?

From the summary.

Re:Yup (1)

starcraftsicko (647070) | about a year ago | (#44143755)

No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'. That is, in the opinion of OP, the parents don't really understand this 'cause if they did they'd be as alarmist as he is.

OP is stirring the pot.

Re:Yup (1)

ShanghaiBill (739463) | about a year ago | (#44143883)

No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'.

The summary also says there is a "lack of disclosure in the parental consent process." Just getting parental consent to "use the internet" or "use Google Apps" is not enough. Unless the parents are explicitly giving their consent to the disclosure of identifying information, then this school is breaking the law.

Maybe the OP is being alarmist, and he certainly doesn't appear to be very competent, but the obvious solution is to read the applicable law (which is COPPA), go down the legal checklist, and make sure his school complies.

Technically incorrect (1)

tlambert (566799) | about a year ago | (#44144181)

No. In the summary, OP said that this was being done 'without informing the students' parents of what is at stake'.

The summary also says there is a "lack of disclosure in the parental consent process." Just getting parental consent to "use the internet" or "use Google Apps" is not enough. Unless the parents are explicitly giving their consent to the disclosure of identifying information, then this school is breaking the law.

Maybe the OP is being alarmist, and he certainly doesn't appear to be very competent, but the obvious solution is to read the applicable law (which is COPPA), go down the legal checklist, and make sure his school complies.

Just because a child is enrolled in Google's "Apps for Education" as a matter of allowing their coursework to be monitored, have analytics applied to it by a teacher or their parents, and have the progress tracked by a teacher or parent in a uniform and API transparent way, doesn't meant that their schoolwork is being posted to reddit. You can search your ass off, and you will not find the kids work online, or even their name, unless they put it some place else, like Facebook or Slashdot, where the information *is* public.

The OP is being asinine and alarmist in the extreme: "Oh noes! The clouds, the clouds are going to eat you! All parents should be informed that the clouds are about to eat their children so that we can get a reasonable backlash going, and continue to sell copies of Office on heavyweight, brandy-new Windows 8.1 PCs! 'Case a bad guy has never yet compromised a Windows PC!".

And yeah, maybe an external audit by a competent domain expert might be a good idea, but as long as we are auditing, I;d like to know why we can afford to house the school administration in a new building in the expensive real estate part of tow, but supposedly can't afford to fix the roof in the place where tyhe students are actually being educated. That's an audit I could get behind.

Typically, outsourcing saves money, whether that's sending IT jobs to places where the workers are willing to take less money, or building PCs in places where the labor costs are relatively low and the environmental laws effectively non-existant - or not buying a metric buttload of Microsoft software because it happens to be tied to a particular machine, rather than a person who has to access their data in multiple locations from multiple machines (home, library, multiple classrooms).

Re-buying software to be able to access it on another device makes about as much sense as rebying an eBook to access it from another device, or rebuying an mp3 because you want to listen to it on the home stero, when you're out jogging, and in your car.

Put another way: licensing software to a machine instead of a person is another form of DRM.

Re:Yup (1)

starcraftsicko (647070) | about a year ago | (#44144185)

Just getting parental consent to "use the internet" or "use Google Apps" is not enough.

I suspect that it is. This is incredibly specific really. If the school tells the parents that the student will be using Google Apps, the parents can research what the service does in detail if they wish.

Unless the parents are explicitly giving their consent to the disclosure of identifying information

What does that mean though? Every school consent form I've seen in the past few years includes 'may lead to the disclosure of personal information' someplace in the body text. What level of consent is needed in your view?

Re:Yup (1)

ShanghaiBill (739463) | about a year ago | (#44144275)

the parents can research what the service does in detail if they wish.

If you are claiming that COPPA allows "implied consent", you are flat out wrong. Parental consent must be explicit.

Every school consent form I've seen in the past few years includes 'may lead to the disclosure of personal information' someplace in the body text.

If their disclosure says that, they should be fine.

What level of consent is needed in your view?

My view is utterly irrelevant. All that matters is the view of the judge your lawyer is trying to convince that your organization was COPPA compliant after a parent sues you.

Look, this is not complicated. Google for "COPPA checklist", click on the first link, then read it. If you are compliant, fine. If not, fix the issues to get in compliance. That is all.

Re:Yup (0)

Anonymous Coward | about a year ago | (#44143629)

Privacy advocates are not overreacting. Having your name plastered all over the Internet for no good reason is something only an imbecile would want.

Re:Yup (0)

Anonymous Coward | about a year ago | (#44143827)

>The response has often been that I'm over-reacting

Because you are.

Really?

Then prove it. Come back to me in 10 years (or 2) and tell me again how we're all "overreacting" to data collection services going on today.

For fucks sake, wake up already. Why the hell do you think Google is targeting K-12 schools for a new customer base? For fun?

Re:Yup (2)

recoiledsnake (879048) | about a year ago | (#44143897)

>The response has often been that I'm over-reacting

Because you are.

No he isn't.

See http://gawker.com/5637234/gcreep-google-engineer-stalked-teens-spied-on-chats [gawker.com]

in at least four cases, Barksdale spied on minors' Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he'd befriended, Barksdale tapped into call logs from Google Voice, Google's Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid's account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.

In other cases involving teens of both sexes, Barksdale exhibited a similar pattern of aggressively violating others' privacy, according to our source. He accessed contact lists and chat transcripts, and in one case quoted from an IM that he'd looked up behind the person's back. (He later apologized to one for retrieving the information without her knowledge.) In another incident, Barksdale unblocked himself from a Gtalk buddy list even though the teen in question had taken steps to cut communications with the Google engineer.

First, make sure *you* understand the implications (5, Insightful)

93 Escort Wagon (326346) | about a year ago | (#44143293)

If you can't articulate what the implications are of using Google Apps for Education, then at least one of the following is true.

1) You don't actually have sufficient understanding of the situation
2) You're the wrong person to attempt being the spokesperson for the "opposition"

You need to be able to articulate your specific concerns regarding use of the service - not just make hand waving statements. If its bad that students have a "digital footprint" from age seven, explain *why*. And, even then, be aware that others may not share your concern (or may have adopted a fatalistic attitude about the situation).

Re:First, make sure *you* understand the implicati (2)

Frobnicator (565869) | about a year ago | (#44143577)

If you can't articulate what the implications are then at least one of the following is true.

1) You don't actually have sufficient understanding of the situation 2) You're the wrong person to attempt being the spokesperson for the "opposition"

I very much agree with this. Unlike the IT worker in the headline I can articulate many of those implications. Unfortunately getting it through a child's view is difficult. Even communicating it to an ADULT is difficult.

We see these things on /. all the time:
* Goofy pictures as a teen, but as 47 year old fired from executive job due to bad public response.
* Seemingly innocent banter about being insane, Texas teenager in jail.
* Picture of children in a bathtub, ten years in prison for child porn.
* "Why would I want to live there?" to your friends, fired from Microsoft.
* Sexting images go public, lives ruined.

And those are the EASY cases.

On their surface none of them seem like threatening issues. I post pictures of myself, friends and, family. I publicly chat with friends. I hope that they never come back and bite me, but in this world even the smallest innocent thing can be taken out of context and destroy lives.

How exactly do you communicate rational responses (not just fear) for these actual risks that we read about daily without sounding crazy?

Re:First, make sure *you* understand the implicati (4, Insightful)

SuricouRaven (1897204) | about a year ago | (#44143711)

Don't forget the bit about posting comments insulting religious or political views, and then potential employers not hireing you over it. The annoying thing is it can't be proven: If an employer looks you up and finds you've been insulting his religion, he isn't going to give that as the reason in your rejection letter - you'll just get a generic form rejection saying 'your application has not been successful on this occasion.' It probably happens all the time.

Re:First, make sure *you* understand the implicati (1)

anyaristow (1448609) | about a year ago | (#44143913)

Don't forget the bit about posting comments insulting religious or political views, and then potential employers not hireing you over it. The annoying thing is it can't be proven: If an employer looks you up and finds you've been insulting his religion, he isn't going to give that as the reason in your rejection letter

He doesn't have to, because that's not the only reason a rational adult wouldn't hire an internet warrior. He might choose not to hire you because you've made it clear that the majority of the people in your own culture are beneath contempt in your mind. That may not be a desirable quality in an employee, even if the potential employer doesn't disagree with your anti-religious views.

Re:First, make sure *you* understand the implicati (1)

tibit (1762298) | about a year ago | (#44143823)

People change their appearances a lot as they grow up. Teenagers, especially girls, look so much alike that 10 years later it's virtually impossible to say "here, it's Jody Smith my coworker, taken 10 years ago when she was 16".

Re:First, make sure *you* understand the implicati (2)

LordLimecat (1103839) | about a year ago | (#44143613)

You also need to be able to explain why "their cloud" is less secure than "your cloud". The data / work is being stored on servers somewhere, and if students can access it there is ALWAYS the chance for some misconfiguration or breach that exposes their information. So with that understanding, you need to justify why storing stuff in house would be more secure than with google-- and the truth is, a lot of the time, its not.

Just how would you explain the risks? (2)

aegl (1041528) | about a year ago | (#44143311)

We already have groups of people afraid of wifi, vaccines, and a host of other things that are non-issues. They are also disproportionately afraid that their child will be abducted (by strangers, or even by aliens).

Pretty much whatever you say will either be misunderstood by some subgroup, or deliberately misconstrued by another - and then a school faces the problem of providing a special exception* for some group of students that have been opted out.

* Note that I'm generally in favour of special exceptions in schools because children do have different learning styles and paces - but this would be a crazy addition

Re:Just how would you explain the risks? (2)

rubycodez (864176) | about a year ago | (#44143599)

non-issue? people die and are sickened from vaccines (allergic reactions, bad batch of not totally deactivated virus, etc.)....but that's ok with you until your child flops over dead, right?

Re:Just how would you explain the risks? (2)

SuricouRaven (1897204) | about a year ago | (#44143719)

The number of lives lost as a result of vaccine reactions is far, far less than the number of lives saved by the elimination of what would otherwise be endemic and often fatal diseases. Overall, the vaccines are saver. People just percieve them as dangerous because their danger is obvious, while all the times their child *didn't* get polio are not so easily apparant.

Re:Just how would you explain the risks? (1)

Mr. Slippery (47854) | about a year ago | (#44143837)

Overall, the vaccines are saver.

It depends on the vaccine, the disease and the patient.

The seasonal flu vaccine is pretty useless in healthy people [chron.com] , can have significant to serous side effect, and probably is not worth the risk in the general population. OTOH vaccines for polio, measles, and whooping cough are certainly safer for most folks than going unvaccinated.

Re:Just how would you explain the risks? (1)

Zontar The Mindless (9002) | about a year ago | (#44144129)

The seasonal flu vaccine is pretty useless in healthy people [chron.com] , can have significant to serous side effect, and probably is not worth the risk in the general population.

We can get flu shots for free at work. I used to get mine every year, but the day after I got mine last year, I came down with the worst flu I can ever recall having, and it lasted about twice as long as usual. No warning signs, either. I have a hard time believing that it was just a coincidence, and I think I'll just go without the shot, next flu season.

That being said, I resent people who apparently can't do basic maths getting in a lather and telling me that I shouldn't protect my kid from serious childhood diseases on account of a comparatively negligible risk of side effects, and--even worse--try to persuade the parents of my kids' friends not to get them vaccinated, either.

Re:Just how would you explain the risks? (0)

Anonymous Coward | about a year ago | (#44144427)

The incubation period is longer then 12 hours.
So you probably already had the flu and happened, by coincidence, to get the vaccine just the day before it broke out.

Re:Just how would you explain the risks? (1)

tibit (1762298) | about a year ago | (#44143845)

Protip: Human life's worth is not infinite. It's not worth saving at a possibly overwhelming cost to others. Stop being so selfish. People die, kids included, get over it. There's only so much you can reasonably do. Avoiding vaccines is not one of the reasonable things to do. I am a parent. Would I be heartbroken if my child died? Sure. This doesn't make me go apeshit crazy about minimizing risk to my children at all costs.

Don't use their real information (0)

Anonymous Coward | about a year ago | (#44143339)

If you're worried about it, why not have the kids use an alias instead of their real names. That way there is nothing to link it back to them

Re:Don't use their real information (1)

egcagrac0 (1410377) | about a year ago | (#44143571)

It's pretty common in education to put your name on your homework.

It would be trivial for a big data analyst to figure out which alias is which student.

Re:Don't use their real information (1)

SuricouRaven (1897204) | about a year ago | (#44143721)

We do that quite often at the school I work at to identify the owner of lost USB sticks handed in to lost property. They sit in a box for a few days, and if no-one claims them then IT is asked to have a quick glance at the contents to identify the owner so they can be returned.

So basically... (2)

sunking2 (521698) | about a year ago | (#44143363)

You have this belief of a boogieman in the closet, but have nothing that actually backs it up. But because you think you are so smart you can't possibly imagine that your beliefs aren't true and you are over reacting you expect us to back you up as surely everyone with half a brain must believe what you do.

Re:So basically... (1)

tibit (1762298) | about a year ago | (#44143859)

What bogeyman? If I was working for Google, I'd be very worried about not doing my job if I didn't go as far as possible at monetizing the data. Google is not in the business of wasting money offering free email accounts. I'm pretty damn sure they get full return on their investment, even if it's not something as obvious as showing targeted ads. Language corpuses of the size that Google has access to are not exactly something you can just buy on a street corner.

Re:So basically... (1)

rea1l1 (903073) | about a year ago | (#44144045)

No, I have a book called 1984 and I'm watching our nation slide ever deeper into the same state.

Just because the boogiemen haven't made an appearance doesn't mean they won't.

It's not paranoia. (2)

fustakrakich (1673220) | about a year ago | (#44143377)

In the cloud, or any other computer network, you have no privacy. What is there to explain, other than you voted for this?

what *are* the risks? (2)

stenvar (2789879) | about a year ago | (#44143391)

I have expressed a concern that it is unethical to use these services without informing the students' parents of what is at stake e.g. the students are getting a digital footprint from the age of seven and are unaware of the implications this may have later in life.

And what precisely are the implications and risks according to you?

but the ethics over lack of disclosure in the parental consent process

What precisely do you think isn't being disclosed?

Re:what *are* the risks? (2)

rea1l1 (903073) | about a year ago | (#44144065)

The obvious implication and risk is that we shall be screened and judged in future processes based on every single minute thing we have ever said, typed, and done, because 100% of our lives will be accessible, as opposed to being judged from across a table.

People change. You and I do not deserve to be discriminated against based on who we were, but on who we are.

Express your specific concerns in writing... (4, Interesting)

Bearhouse (1034238) | about a year ago | (#44143413)

It is an interesting point...
Sugget you do some research, (look into the big G's T&Cs), and write down exactly what you think the issue may be.
Try and be balanced, then fire it off to yor boss.
Your duty is then done, and your ass covered.

Re:Express your specific concerns in writing... (1)

Bearhouse (1034238) | about a year ago | (#44143425)

Ahem, "your"...touchpad too complex for old fart...

Overseas? (1)

cashman73 (855518) | about a year ago | (#44143419)

Why the quick assumption that students' data is stored overseas? Six of Google's data centers [google.com] are in the USA, one is in South America (not exactly "overseas", but still out of the country), three are in Europe and three are in Asia. I would think that most data in North America is stored on North American servers, which is probably best for speed and access.

Re:Overseas? (1)

GPLHost-Thomas (1330431) | about a year ago | (#44143491)

At Google, data is most of the time stored in more than one continent.

Re:Overseas? (1)

egcagrac0 (1410377) | about a year ago | (#44143585)

Perhaps the submitter is in a country where there are no Google datacenters.

Re:Overseas? (1)

SuricouRaven (1897204) | about a year ago | (#44143737)

Disaster recovery common sense says all the data of any importance at all is going to be stored at two datacenters in case of natural disaster. So one copy near the user for performance, and the other just goes wherever storage is cheapest. At a guess.

Paranoia is a problem? Why? (3, Interesting)

BenEnglishAtHome (449670) | about a year ago | (#44143437)

Does anyone have ideas about defining the parameters of 'informed consent' where we inform of risks without bringing about paranoia?

Why is "bringing about paranoia" a problem? Where security is concerned, I generally consider paranoia to be a good default reaction to any situation until I understand it well enough to relax.

Explain the situation well and allow the parents and others to be as paranoid as they consider prudent. Don't try to manipulate them into being more or less paranoid just because you or the system think they should adopt a different mindset. You provide facts then it's their choice to make.

If, OTOH, you're excessively concerned about and wish to avoid creating paranoia you'll hamstring your efforts to be intellectually honest and technically accurate when you "define the parameters of informed consent."

Re:Paranoia is a problem? Why? (0)

Anonymous Coward | about a year ago | (#44143551)

You provide facts then it's their choice to make.

Given OP's original tone, I'm highly skeptical of the chances that facts will be the only thing provided. Perhaps OP could get somebody who doesn't have a tinfoil hat collection to write up some information...

Re:Paranoia is a problem? Why? (2)

spasm (79260) | about a year ago | (#44144051)

'Why is "bringing about paranoia" a problem?'

Seriously. I do research with human subjects. If I don't have at least some people choose to decline participation at the point of informed consent, then I assume my consent isn't good enough - participating in any given research project is *always* not a good choice for at least one person.

Then again, you have the interesting situation that formal school-based education is not the correct solution for every single human; using google apps (or whatever cloud-based system a school is considering) is not the correct situation for every child, yet in both cases the benefits to society (shared childhood experience, guaranteed minimum education level; cheaper infrastructure) may wildly outweigh the relatively minor risks for the individuals.

Re:Paranoia is a problem? Why? (0)

Anonymous Coward | about a year ago | (#44144373)

No matter how paranoid you are, it's not paranoid enough.

A quick google search reveals various versions. One of my old friends used this 30 some years ago about living in modern society.

Not a matter of explaining (0)

Anonymous Coward | about a year ago | (#44143451)

It's not a matter of explaining the privacy risks. It's a matter of trying to convince them to weigh each bit of the moral and causative puzzle more like you do. At least, that is a clearer rephrasing of the question you really are asking.

They know that when data is stored somewhere else there there is a non-zero possibility that it's lost, which compares with a non-zero possibility that someone hacks into your network or steals a server. They just don't care that much.

Easy to explain: (3, Interesting)

Hartree (191324) | about a year ago | (#44143471)

It's easy to explain cloud privacy issues. We'll do it in terms of purses and wallets as those are common items of value that people understand can contain very private information:

Someone is doing the digital equivalent of asking you to keep your purse (or wallet) securely and have it available at all times for you. They won't try to steal the money or credit cards, etc in it (or whatever else of value if you choose to store it). Yes, there may be a security breach, but it's less likely than you dropping or forgetting your purse or wallet.

On the other hand, it means that if you put them in your purse (or wallet) they know how many birth control pills or condoms you kept in it and by when you used them what part of your menstrual cycle you're on or when you had a hot date that turned into an all night.

Now, extend that to your son or daughter that will have records on them from the time they enter grade school until, well... forever.

(In some ways it's not a big deal, but in some ways it is, and that rather graphic example gets across the level of info that can be mined from long term records.)

Re:Easy to explain: (0)

Anonymous Coward | about a year ago | (#44143749)

Add in the fact that not only are they collecting this information, they are using it to try and sell you products. Here Timmy, you're going on a date, Wanna buy these condoms, liquor, Porsche car rental, Viagra, Cialis, rufees, etc. They'll tell anyone that buys the information, where you're going, and what time you'll be there so they can join in on the act or take advantage of it. Oops Timmy give us $100 or we'll tell your parents that you took her to a BDSM club, (or worse yet, tell her parents).

Software as a service, not cloud (1)

GPLHost-Thomas (1330431) | about a year ago | (#44143489)

Like on many occasion, the word cloud is missuses here. It really is software as a service (or SaaS) that we are talking about.

Mod whole article (1)

Pop69 (700500) | about a year ago | (#44143513)

Can I mod the article as a troll ?

Re:Mod whole article (1)

starcraftsicko (647070) | about a year ago | (#44143773)

That's what tagging is for.

Check legal (0)

Anonymous Coward | about a year ago | (#44143625)

This may vary depending on where you are, but in some places it is not legal to put information on students (or photographs of students) on-line or on third-party servers. In other places it's government policy to not upload student data (or photos) to a place where that data can be viewed by people not directly connected to school. So, depending on your local laws and the policy of the education department in your region the school board may be breaking the law by using cloud services for things like e-mail and documents. Might want to bring this up with the school board's legal team.

I don't like this; please give me some ammo to use (0)

Anonymous Coward | about a year ago | (#44143653)

There may be valid concerns, of course: people should know who has access to the information, whether real names are being used with those gmail accounts, what, if, any filtering is being done, etc. But you haven't been forthcoming with who you actually are in relationship to these multiple organizations: are you a school board member, a concerned community leader, or...?

Speaking of paranoia, this sounds just a little like astroturfing by someone else, to get people to brainstorm negative things. Are you a person who's trying to sell competing services, like discrete servers and software?

I do see someone using that same "hyperorbiter" username in New Zealand, a Stu McGregor [technorati.com] , associated with http://www.definitive.co.nz/ [definitive.co.nz] , which is "is a support company for Mac/Linux oriented schools and businesses. We offer comprehensive support at competitive rates and we are committed to your interests being met."

Coincidence, or?

Find the hot-button issue and drive it home (1)

FuzzNugget (2840687) | about a year ago | (#44143693)

Every group of common people (in this case, teachers and/or school administrators in your particular area) tends to have one or two "hot button" issues; things that, when they hear, alarm bells go off in their head and they cannot be swayed otherwise due to past experience or ingrained culture.

Home in on whatever that hot-button is for these particular teachers and find a way to press it hard. Figure out how gmail and cloud services could be exploited against them in that context.

I know it's kind of a dirty political tactic -- and we Slashdorks believe ourselves above such means, preferring to generalize, establishing rationality and understanding -- but sometimes people incapable of unwilling to consider such foresight need to be jerked around for their own good. Otherwise, you'll just come off sounding paranoid and delusional, which is amazing considering recent revelations.

In other words, find out how to be on their side; to align this issue align with the issues in which they already collectively believe.

Only ethical option: Embrace it (1)

Idou (572394) | about a year ago | (#44143759)

Should we get rid of blackboards, too, because anyone can read what a student writes on it? This is the current reality. You cannot protect students from this type of technology. However, you can prepare them for it.

Create a policy to let students know that everything they do on their account should be assumed to be readable by anyone, so treat it as if you are writing on the classroom blackboard.

In that proper context, it is still a wonderful tool, if used properly. I am sure any school would also support such a policy to avoid unwanted incidents.

Re:Only ethical option: Embrace it (1)

Zontar The Mindless (9002) | about a year ago | (#44144187)

Should we get rid of blackboards, too, because anyone can read what a student writes on it?

Blackboards typically can't be seen outside the classroom.

Blackboards are typically erased every hour or two.

Blackboards typically are not identically copied and archived.

No body cares.... (1)

rizole (666389) | about a year ago | (#44143785)

...except you, me, some other people that realise the full implications and the paranoid.

I work at a Further Education College (14 years upwards) with some Higher ed students (mature) and everyone's all very interested in my opinions about privacy and footprints in exactly the way any educated, engaged person might be about any interesting and important topic but they don't think it applies in their case.

I also stand up at my desk to work. If anyone asks, I'll tell them why. Everyone is interested and thinks it's a good idea but I'm still the only person in the whole college that stands up at my desk.

Read the TOS...filter out the specifics that people need to be aware of...write a report...move on.

What are the school's alternatives? (1)

Haydn (592455) | about a year ago | (#44143795)

My university (U of Hawaii) uses Google's email, but I prefer it to using HotMail, Yahoo Mail, Facebook, or my ISP's email! I never use my hawaii.edu email account, but instead set it to forward everything to my personal email account.

If you're thinking that the schools could just offer their own email systems, have you figured out how much that will cost?
It sounds like you work as the school's email administrator. Since it sounds like you have a financial interest in the outcome of this, you should just be honest and up front about that.

Google has a remarkably good track record regarding security. They may be the best company (of Apple, Microsoft, Facebook and Yahoo) in their industry, and if they aren't #1, then they aren't far behind.

One of the issues you raise is that you are assuming that students will use Gmail for their personal and private use.

In fact, they are free to use whatever they want for their personal email, and simply configure their Gmail account to forward and delete after forwarding. I've investigated quite a few other email providers, and this is rarely a feature they're willing to offer, so in this respect Gmail is way ahead of the competition.

BTW, do you think the schools should also have to disclose that they're using Microsoft software, that it has a such a long and poor security history?

Re:What are the school's alternatives? (1)

recoiledsnake (879048) | about a year ago | (#44143875)

Google has a remarkably good track record regarding security. They may be the best company (of Apple, Microsoft, Facebook and Yahoo) in their industry, and if they aren't #1, then they aren't far behind.

Did anything like this happen at the other companies?

http://gawker.com/5637234/gcreep-google-engineer-stalked-teens-spied-on-chats [gawker.com]

Re:What are the school's alternatives? (0)

Anonymous Coward | about a year ago | (#44143987)

This sounds like a rogue sysadmin abusing his access. This can happen at any company, or even within the IT department at a school. You keep posting that link over and over, as if Google condoned the behavior or something, nevermind the fact that he was fired. What exactly is it you are trying to say here?

While you're talking to them... (1)

Hognoxious (631665) | about a year ago | (#44143797)

Maybe you could ask one of them to teach you how to write. Combined by" my arse.

Once upon a time (0)

Anonymous Coward | about a year ago | (#44143821)

there was a magic cloud. It was mostly hype and a stupid idea, but hype and stupidity are the cash cows of IT.

Then the big bad NSA, created a big nasty evil monster called PRISM that chased away all the pretty little clouds.

The clouds were scared and did not want to be eaten by the big bad PRISM monster.

Moral: Don't get eaten. Don't be a cloud.

As if... (0)

Anonymous Coward | about a year ago | (#44143933)

...the average elementary school IT admin (er...assuming it even has one) can put together services even remotely as useful, reliable, and secure as Gmail. Not to say that Gmail is by any means ironclad, but honestly, most IT (mil, gov, com, edu, take your pick) departments have absolutely no meaningful grip on security at all!! If Slimey Joe wants to get at little Polly's schoolwork, he's certain to have an easier time at it through a slipshod school network than Google's infrastructure. Sure, be paranoid about security, but have some practical solutions, too. While I do think that cloud services fielded in schools should remove direct marketing (similar to M$ofts recent no-add version of Bing) for schools,Google (or Microsoft, I grudgingly suppose) will provide better security than virtually every lone heroic admin is likely to field on a public school budget.

Sad really (0)

Anonymous Coward | about a year ago | (#44144033)

Unfortunately majority of people don't know damn thing about technology or information security for that matter... Most school teachers fall into this category. Sad thing is they are teaching our next generation. We should have brightest minds teaching our children, not these dim minds..

I have found healthy level of paranoia is good when it comes to internet and its workings. On data storage in cloud services, problem is you have no control where data is. If its not encrypted there, even worse.

Why no mention of Bill Gates (0)

Anonymous Coward | about a year ago | (#44144035)

Why have the owners of Slashdot repeatedly ignored the biggest schoolchild privacy scandal- namely the collecting of intimate data about EVERY child in the US public school system by Bill Gates, using a software system especially developed for the purpose by Tony Blair's chief propagandist, Rupert Murdoch.

The depraved Gates, an active proponent of old school eugenics, has used his incredible wealth, political influence, and the power of his foundation to craft a Stasi spy project for Team Obama that dwarfs any previously attempted. Every school within the public sector is to track, monitor and interrogate every school child on as regular a basis as possible, and enter this data into Gate's database system. The information even includes the current sexual development of the child. Teachers are paid fees for all extra information they collect on their own initiative.

Bill Gates has promised the database will be available to any third party (that pays the requisite amount and has Team Obama's approval).

At the moment, Bill gates is rolling out this project in selected (which means politically subservient) States and cities, including New York, of course. The intention is to have the system running on a nationwide basis within 5 years (when Team Obama will become the different-in-name-only Team Bush or Team Clinton or whatever). It will be illegal for parents to withhold information, encourage non-cooperation by their children, or to challenge the school over the data collection.

Let me make this clear for you dim bulbs. In those states that allow sexual abuse of 18-year-old women in the name of school corporal punishment, teachers are given complete immunity in law for any school beatings they dish out. Parents who even attempt a prosecution of a teacher are heavily fined in court for doing so. Bill Gates already has the agreement of US law-makers to implement a similar legal protection for his school-children database. Your child's teacher (or nurse or any other member of staff) can extract and record ANY information about your child, or his/her family that they desire, including their medical records AND your medical records.

Stalin was a monster, but his real power came from the expert monsters who served him in various capacities. Bill Gates is a deeply disturbed psychopath who craves to be a monster in the vein of those who served Stalin so well. He knows that the key to societal control is winning control of the nation's children, and humiliating the parents when the parents discover they have no ability to protect their kids.

In those US schools that beat the kids, mothers who suffered the most appalling abuse from male teachers frequently find their daughters are going to have to attend the same school and suffer the same abuse (often even from the same teachers). You can imaging what that does to the will of such communities. Bill Gates isn't going to beat your kids into submission. Sophisticated psychopaths know that psychological abuse is vastly more effective and long lasting.

How many of you Yank parents have gone to your child's school and demanded that your Child will NEVER appear on Bill Gate's database? What's your excuse? That the vast majority of you are so dumb that you've never heard of the project?

QUOTE
inBloom is receiving $50 million for their services from the New York Education Department through a contract awarded last fall. Data analyzing firms, educational software designers and other third-party venders, both for and not-for-profit, will be granted access to student information.

GOOGLE inBloom, Bill Gates, Rupert Murdoch. Anyway, time for Slashdot's owners to moderate this comment down to -1 so as few of you as possible read it.

Using vs. Storing (1)

multimediavt (965608) | about a year ago | (#44144083)

I think the OP would like some help articulating the problem and that's why he posted here. Beating him to death asking him to articulate is a waste of time. If he could articulate it reasonably at all he wouldn't be HERE!

My $0.02 on the cloud and the reason why I will never store information there, encrypted, overseas, or not. However, I do see things like SaaS via the cloud as a boon. Allow me to explain with the comparison of using the cloud for services and storing information in the cloud.

I have a fundamental belief that our individual intellectual property should be protected as much as our freedom. I believe that our individual digital data should reside with us, be our individual responsibility to safeguard, and be ours to share with whomever we wish, whenever we wish.

I do not believe that your data is ever safe in the hands of someone else, especially, if that someone else is a for-profit business. I do not see encryption being a viable option for data that is stored for long periods of time. Why? Well the people storing your data and that of thousands if not millions of others will most likely have the compute ability to break that encryption. Plus, all encryption does is draw more attention to your data in a for-profit environment. "What are they hiding?"

I do believe that software as a services, e.g., Office365, Google Apps, et al, are a good thing if implemented well. Tools to use in the cloud are good because data is not stored for long periods of time, and if the terms of service are good your data remains private while it is being manipulated in the cloud.

I do believe that storing items in the cloud temporarily because you are sharing them with someone is ok, again, terms of service become the deciding factor. If the data is with you and you have a machine attached to the Internet it's really silly to use an external service to share things, but it may be more secure as you are not compelled to run a service on your home machine where the whole of your data resides. That all depends on your level of server admin competency. Regular home users should probably use a service.

It is difficult to ride the line between privacy and having a life in the modern digital society. If you choose the way of privacy in today's world you will most likely alienate a major group of friends. The drive for young adults to belong and form peer groups is not easily bounded. I think the best the OP could hope to do is to try to educate the parents of the privacy and future implications and hope that gets passed onto their children at home. The teachers and administration will also need to be educated about the possible issues. The bottom line here is educate people so they can make an informed decision on their own. I did say that freedom was also equally important to protect. If people still choose to be reckless after knowing the dangers then they will have to live with the consequences of that choice. I do believe there will be a large segment of our population that will deeply regret how reckless they have been with their privacy.

Think Of the Kid's Futures (0)

Anonymous Coward | about a year ago | (#44144183)

I won't hire someone if they think they have a cavalier attitude about privacy. I don't want my company's internal documents being uploaded to Google, whose primary revenue stream is essentially charging for the accurate targeting of our competitor's advertisements. Similar concerns exist for any other cloud service; their IT employees haven't signed my company's employee agreement.

You are not overreacting in the slightest. A school district that doesn't do everything in its power to protect children's privacy and to teach them the importance of doing the same for themselves is doing those students a great disservice.

Don't put it on the parents (0)

Anonymous Coward | about a year ago | (#44144197)

You have no business letting a private advertising company operate school functionality. You have no business putting parents in a position of needing to decide. That just amounts to shirking responsibility by essentially having them sign a disclaimer. Unfortunately, most parents and teachers don't understand the situation. And just like most people agreeing to sleazy TOS, they won't want to "make waves". You might not be able to do anything about that. But don't help everyone to stick their heads in the sand by settling for "informed consent".

turnitin.com - same problem (0)

Anonymous Coward | about a year ago | (#44144247)

When I objected to my daughters' high school's use of turnitin.com, I came in with their full TOS printed out (all 40 odd pages), and asked if any of the teachers and administrators had read the contract to which they were asking their students to agree to. And if they had read it, were they aware of what it meant and what they were giving up.

Crickets..

(leaving aside the enforceability or value of contracts entered into by minors, clickwrap or not)

I worked in K12 for 15 years (1)

buss_error (142273) | about a year ago | (#44144313)

About all you can do if you can't get someone to listen (and I'll bet you can't, and I'll tell you why) is to refuse to give your permission for your child to use the Internet as school. So why won't they listen?

Money.

When I left, there was a ~4 million dollar budget to renew and expand the email system (All teachers and staff, all kids, plus all parents, maybe e-mail for life like some colleges do, mail boxes that hold more than 512 megabytes and anti-virus). Google came in and moved everything to Google for under $200,000, expanded coverage of users as we'd wanted, and freed up 3 staff members that were doing nothing but email for other tasks. Hard to argue that $3.8 million bucks that suddenly pops up for other uses isn't a good thing, especially when a lot of other money was cut off. What's going through the superintendents head goes something like this: "Someone worried about privacy -something I don't understand but sound like it's not that important- for kids versus like, 3.8 million I can put toward fixing X, or maybe keeping those 1,000 classroom teachers I was going to have to lay off..."

Is 2013 the year? (0)

Anonymous Coward | about a year ago | (#44144337)

I am surprised by the response of the "slashdot crowd". I wouldn't have expected that the common opinion would be one that accepts data gathering by corporations (and the government) as a fact of life. I know that the catch phrase "privacy is dead" has been used a lot the last year, but I wouldn't have expected everyone to actively work towards that "goal". It should be obvious to everyone that the ramifications of all this data gathering will be in the future. I think we have only started to see the first results of their use (and abuse).

It all starts with data gathering. After that, only laws/regulations and adherence to it can protect you from abuse. Adult do a lot of crazy stuff that they are not proud of, that is not intended for the entire world, and that they would rather want the world to forget. For children this is much more the case. Children are still learning, and they are expected to make mistakes and act inappropriately at times.

From what I hear, the laws and regulations in the US to protect people's privacy concerning data gathering is at best a joke and at worst nonexistent. When you choose a cloud provider without a contract to protect your (children's) privacy, you are putting an unknown but unnecessary burden on your children's future.

A good contract would state that only the specified data is collected and used for the specified purpose (make sure to check both whether they are all essential) and will be destroyed once they are no longer needed to serve the specified purpose, that the provider is responsible for the confidentiality of any collected data and will inform the parents promptly of any breach of this confidentiality, and that the parents have the right to view all collected data of their child and the right to correct any faults in the data.

If the provider does not offer such contract, or has nonessential data collection of purposes, then I think a discussion on the pro's and con's of such a solution is in order.

Why not give them a Digital Certificate as well? (0)

Anonymous Coward | about a year ago | (#44144443)

That expires when they are 18, and uses the schools "Root Authority" as the issuer? Then they can live in the digital world, can even "sign" their online homework, and when they turn 18, they can let it expire. All the school has to do is issue a cert, and require encryption with the keys they issue and control.

If you are going to push technology to people that young, please do not insulot them by thinking they are stupid. Most of the ones I have met are way smarter than their teachers....

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...