社区黑料

Vast student data collection by education technology companies and school districts could put children at risk, the Federal Bureau of Investigation said Thursday in a public service announcement. Following several high-profile cyber attacks, the memo offered steps families can take to protect their children鈥檚 online information.

鈥淢alicious use of this sensitive data could result in social engineering, bullying, tracking, identity theft, or other means for targeting children,鈥� .

Student privacy groups cheered the FBI鈥檚 release but added that Congress should take steps to update federal student privacy laws they described as antiquated.

The memo highlighted that targeted school districts across the country and used education data to send students death threats. Hackers also to school districts, demanding money in exchange for not releasing student information. In separate episodes, the FBI memo noted that two large education technology companies faced cybersecurity issues in 2017. One company exposed student data by storing it on a public-facing server, and another faced a data breach in which student information was later 鈥減osted for sale on the dark web.鈥�

Although the FBI memo didn鈥檛 specify the education technology companies by name, it likely referred to Edmodo and Schoolzilla. Last year, hackers stole 77 million user accounts from Edmodo and sold the data to a 鈥渄ark web鈥� marketplace. Meanwhile, a security researcher found that Schoolzilla , exposing data on an estimated 1.3 million children.

A range of school technology, from laptops to surveillance cameras, could expose students to cybersecurity threats. To address the risk, the law enforcement agency said parents should conduct credit and identity theft checks to ensure student data aren鈥檛 being used fraudulently. Parents should also perform regular web searches of student information to ensure it hasn鈥檛 been exposed online. Student data at risk of exposure include personally identifiable information, disciplinary records, medical records, web browsing history, and classroom activities, among other information, the FBI said.

The Future of Privacy Forum, a Washington-based think tank, in a blog post Thursday but said school districts often lack financial resources to adequately address such concerns. The group said policymakers need to invest more in security programs that protect student data. To address student privacy, since 2013 to better protect information, according to a Future of Privacy Forum tally.

Rachael Stickland, co-founder and co-chair of the Parent Coalition for Student Privacy, said in an interview with 社区黑料 that the FBI memo highlights a need for Congress to update federal student privacy laws. She said the memo offers crucial visibility to the issue as schools increasingly are adopting services offered by education technology companies at a time when 鈥渁ntiquated laws鈥� don鈥檛 outline what student information districts can share with third-party vendors. A patchwork of state laws is inadequate, she said. The Family Educational Rights and Privacy Act, the main federal law safeguarding student data privacy, should be updated, she said, to address how districts can share data with education technology companies.

鈥淲hat we need is a comprehensive approach at the federal level to address these outdated federal laws,鈥� she said. 鈥淲e really need these modernized to address not only the cybersecurity threats but also the potential misuse of this data.鈥�

Did you use this article in your work?

We鈥檇 love to hear how 社区黑料鈥檚 reporting is helping educators, researchers, and policymakers.