Montgomery MD parents ask, is our children’s privacy safe when they use Google classroom?

Many districts are now using Google classroom and Chromebooks for remote instruction while schools are closed.  Below is a sample letter for Montgomery County (MD) Safe Tech Subcommittee of MCCPTA’s Health and Safety Committee, that they are encouraging parents  to send to their district to ensure their children’s privacy while using this program.

As MCPS diligently works on distribution of Chromebooks for remote learning should school be closed longer than two weeks, I, along with the MCCPTA Safe Technology subcommittee, urge MCPS to take important precautions to protect our children’s personally identifying information as part of the roll-out. Here’s why:

As you know, we’ve been trying for over half a year to secure verification from Google that our student’s data has been deleted in accordance with the Data Deletion Day policy we worked with MCPS to develop. Without any visibility into the contracts between MCPS and Google, we have no idea what Google’s obligations are with regard to our student’s data: whether, how, and when they share and use this data.

Further, the New Mexico Attorney General’s Office filed a lawsuit against Google for deceptive trade practices in terms of how it collects, shares and uses student’s personal data. The suit alleges that “children are being monitored by one of the largest data mining companies in the world [Google], at school, at home, on mobile devices, without their knowledge and without the permission of their parents.” The New Mexico AG finds that once Google accumulates student data, it shares it across all of its business segments “for its own commercial purposes” despite having promised to use it only for educational purposes.

Up until last week, kids currently only used Chromebooks in school for limited periods of time, thus exposing only a limited amount of information to Google. Once we allow students to use Chromebooks at home, they’re likely to use them for school work for exponentially more time — given social distancing, no teacher oversight, etc. This will turn the small spigot of information that currently flows to Google into a virtual fire hose.

Prior to rolling out the Chromebooks for home-based learning, MCPS must require a written promise from Google stating that they segregate student usage information from all of their other lines of business; do not share, or otherwise utilize this data for any other purpose other than to provide the educational services; will delete all student data collected during this national crisis at the end of the current school year.

Google is required to protect our children’s data under their current contract with MCPS. They would be negligent to deny this request, and ‘crisis capitalists,’ as well.

We look forward to working with you on this. As you know, my experience in the cybersecurity arena is long and deep. I have additional experience as a first responder and know the value of being prepared and staying ahead of potential damage and threats to communities. I feel strongly that we do this now, and offer my continued assistance.

Sincerely, [sign here]