In early 2020, everyday life as we knew it was flipped as governments worldwide forced the closure of most things we take for granted, including businesses, sporting and cultural events, travel and schools. Parents had to stay home with their children, while educators were pushed to move their teaching programs to the online world.
In Australia, educators were expected to move swiftly towards digital transformation and adopt the ‘new norm’ in designing synchronous and asynchronous student learning programs in online platforms. This brought with it an exponential growth in demand for education technology (“EdTech”), streamlining educational practices with a view to enhance the learning experience for students and educators.
Of extreme importance in these changing environments is the obligation of the school and the EdTech providers to be fully prepared for data breaches. Sophisticated cyber-attacks have become more prevalent with a recent example of this being the attack on Garmin – a company that provides wearable devices that tracks and captures customer health and location data. While the company states that customer data was not compromised, it makes you question the safety and security of your personal data within such applications or systems.
Across the global EdTech marketplace, there is rapid growth of what is referred to as the “Educational Data Economy”, appropriately named due to the huge amounts of data that are collected, stored and shared within this data ecosystem. With the increasing growth of EdTech vendors, and with this the huge increase of student data being collected, stored and communicated within these online platforms, creates a sensitive intersection of educational data and student privacy.
People have little understanding or knowledge about the type, volume and use of information that is potentially being shared about them. With reliance on technology, be it for work, school or leisure, the control an individual has about the use, sharing and storage of personal information is becoming more difficult to manage than ever before. This means our own privacy is threatened in ways that were not possible in the past.
For schools, it is critical to increase understanding about keeping student data safe, including clear insight into what data is being collected, stored and shared by EdTech vendors. Vendors are not new to the educational sector. Schools have worked with suppliers, outsourcers, service providers and the like for many years. What has changed is the frequency and scale at which vendors’ applications are being used in the classroom/online learning.
The decision to adopt technology is generally made on the benefit it will bring to the classroom/online learning, and not on how student data is handled in a secure and safe manner. With innovation within educational technology moving at such a rapid pace – even more so in the face of COVID-19, it can be assumed that today’s educators have had to upskill themselves with digital technology, however they may not be as across the cyber security and privacy issues.
It is critical for our schools to fully appreciate that risk management means leading, being proactive and not simply responding when a breach occurs. Teachers and schools can’t navigate this all alone. They need to do it together, on a consistent basis and make changes where necessary. Navigating digital privacy and safety systems can be a complex and challenging task, but it is important to understand what roles and responsibilities school staff have towards collecting, accessing, sharing and storing student data.
To assist schools with interpreting the confusing landscape of digital safety and data privacy compliance and accountability, RTG have designed a series of workshops that guide participants through insights that will help them appreciate the ethical challenges unique to the digital environment including privacy, confidentiality and data protection. If you feel your school needs some help please send me an email mgillies@rtg.com.au.