A group of metropolitan school districts are teaming up with nonprofit Common Sense Media to publicly rate more than 1,000 K-12 education apps based on how well they protect the privacy and safety of student data.
The new initiative is an extension of Graphite, an online guide that helps educators discover useful apps, games, and websites for the classroom. The new rating service represents an ambitious effort to help teachers, parents and students more readily distinguish between applications that handle student data safely on mobile devices or over the Internet versus those that capture user engagement data for commercial or other purposes.
“It’s an arduous task to see how data is used on software,” said Mike Lorion, education general manager of Common Sense Media, speaking at a Consortium for School Networking, or CoSN, conference in Atlanta Tuesday.
That task is made harder by the lack of national standards on student data privacy protection and the difficulty of making sense of disclosure terms buried in the fine print of software makers’ user agreements, Lorion said. “We know teachers can’t look at some of these terms and know whether they’re safe.”
The privacy rating initiative comes at a time when 138 student data privacy bills are pending in 39 states, he said. The lack of existing privacy standards and a common checklist for data privacy protections remains a big stumbling block for states and their schools, he said.
It also complicates efforts by school technology officials to reach contract agreements with education technology vendors, said Kecia Ray, executive director of learning technology for the Metropolitan Nashville School District.
“We were shocked at how some of the companies and ‘freemium’ vendors used student data. We can’t have that,” she said at a CoSN forum, explaining the strict privacy terms vendors must now agree to before their software can be used in Nashville schools.
Nevada lawmakers, meanwhile, are now weighing a data governance bill that spells out stricter requirements for education contracts involving the disclosure of personally identifiable information, said Jhone Ebert, chief innovation and productivity officer for the Clark County School District in Las Vegas.
But assessing how software companies and developers ultimately use or protect student data has been a challenge for school administrators.
Graphite hopes to make those answers more transparent by developing a data privacy and security rating system, using a combination of evaluations by participating school districts and self-reporting by software makers, Lorion said. Nashville and Clark County are among a pilot group of school districts helping to develop evaluation standards that will focus on privacy, security, social media safety, advertising and compliance with privacy laws.
A group of 20 software vendors, including Apple, Google, and Microsoft got an initial introduction to the initiative during a conference call March 13 hosted by the Software and Information Industry Association, Lorion said. But it’s typically smaller, independent vendors which “haven’t thought everything through” concerning data privacy that stand to benefit most from the rating system.
Lorion said school districts and developers will hammer out the standards and evaluation methods over the next few months, and the organization will begin evaluating as many as 1,000 software apps during the third and fourth quarters of 2015. The initial ratings are slated to be released publicly in the first quarter of 2016.