Privacy & Security Q&A

What Educators Need to Know About Ed-Tech Companies’ Data Privacy Policies

By Lauraine Langreo — February 01, 2023 4 min read
Low angle view of a blue padlock made to resemble a circuit board and placed on binary computer code background
  • Save to favorites
  • Print

Parents’ and educators’ concerns about data privacy have increased as K-12 districts rely more on digital tools for logistics, management, and teaching and learning.

The increased use of technology has opened doors for cyber criminals to infiltrate districts’ computer networks and access private student and staff data.

Now that cyberattacks are a daily threat for districts, it’s even more important that they ensure all their data is secure and that any new or existing digital tools they use have good privacy policies.

In a video call with Education Week, Kevin Lewis, the data privacy officer for nonprofit 1EdTech, outlines what district leaders should look for in a privacy policy.

This interview has been edited for brevity and clarity.

Kevin Lewis, data privacy officer for 1EdTech.

What are the most important features a privacy policy should have?

Companies should always include who they are. One of the biggest issues is not knowing who owns the application, because there’s always different parent companies and then there’s affiliates and subordinate companies that fall under that parent umbrella, so you never know who you’re really working with. A lot of times in the policy, they will mention they don’t sell or share their information with third parties, but they do share it with all of their affiliates. If you’re that person to want to go down that rabbit hole and research every single one of these companies, there’s a long rabbit hole you can go down and figure out ‘OK, my data is being openly shared with this company, this company, this company,’ and now you have to research all of them.

A privacy policy should also include definitions. In a lot of state regulations, even though we all have sort of the same basic elements, it’s the interpretations and the meaning of the different words and how they apply to different organizations that muddies it up.

What should district leaders look for when they review a privacy policy?

I would first start with what data is being collected. How is it being collected? District leaders need to know what type of controls the user has over that data, like data deletion requests or data retention requests. If districts ask an organization to delete the data, how long does it take to fulfill that request? District leaders also need to know how that data is being secured. Once an organization has collected the data, how are they securing it?

And who is that data being shared with? Districts should know who the third parties are. What data do third parties have access to? Are there any advertisements at all? Do districts have control to opt out of these advertisements? What do those advertisements look like?

See Also

Data security and privacy concept. Visualization of personal or business information safety.
iStock/Getty Images Plus

What concerns are you hearing from district leaders regarding privacy policies?

I would say their biggest challenge is just an overwhelming amount of requests [from teachers] or just having so many applications available. They have to monitor what’s happening on the district’s network, see what applications are being used, and keep that number small. A lot of these departments that vet these applications have maybe one or two people who wear multiple hats and do not have the time to give a policy a thorough and accurate review.

Do you have advice for how district leaders should tackle that challenge?

I would say they can be proactive. They should categorize different types of applications for all the subjects: math, art, science, whatever the category is. And then find five tools for each category that meet the district’s criteria. It should go through the curriculum department, as well as the educational technology or instructional technology department to vet those tools. Find five tools and stick with those five, making sure that the tools have everything that a teacher or student needs. When someone submits a request for another random application that does the exact same thing, you already have one in your back pocket that you can send to them or even have that as a list that they can readily access.

Another big challenge is teachers using free digital tools without looking into the privacy policies first. How do you deal with that?

I know we struggled with this in Houston [where I was an education technology specialist]. We found that the free web tools were being used more than the district-purchased tools. It’s really hard to get in front of that, because most schools have a process, and these processes are long, drawn-out flowcharts of what has to happen if a teacher needs a tool.

Teachers don’t have time to go through that process. Most of the time, if they see an application, they’re going to use it right then and there. If they are a teacher that follows the rules, they will send that tool off to someone in the department to vet it, and hopefully, it comes back in a timely manner—most of the time it does not. They need those tools almost immediately, so they’ll just go ahead and use them.

I haven’t seen a real solution for it yet, other than schools just blocking everything, which isn’t the answer. Blocking everything and slowly letting things in as they are requested, I think that’s the only solution that I’ve seen so far.

See Also

Illustration of numerous computer windows overlapping with creepy eyeballs inside the close, open, and minimize circles within the various window screens.
Daniel Hertzberg for Education Week


This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Reading & Literacy Webinar
Your Questions on the Science of Reading, Answered
Dive into the Science of Reading with K-12 leaders. Discover strategies, policy insights, and more in our webinar.
Content provided by Otus
Mathematics Live Online Discussion A Seat at the Table: Breaking the Cycle: How Districts are Turning around Dismal Math Scores
Math myth: Students just aren't good at it? Join us & learn how districts are boosting math scores.
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Student Achievement Webinar
How To Tackle The Biggest Hurdles To Effective Tutoring
Learn how districts overcome the three biggest challenges to implementing high-impact tutoring with fidelity: time, talent, and funding.
Content provided by Saga Education

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

Privacy & Security Q&A Why One Tech Leader Prioritizes Explaining Student Data Privacy to Teachers
Jun Kim, the director of technology for an Oklahoma school district, helped build a statewide database of vetted learning platforms.
3 min read
Jun Kim, Director of Technology for Moore Public Schools, poses for a portrait outside the Center for Technology on Dec. 13, 2023 in Moore, Okla.
Jun Kim, is the director of technology for the Moore school district in Moore, Okla., He has made securing student data a priority for the district and the state.
Brett Deering for Education Week
Privacy & Security A Massive Data Leak Exposed School Lockdown Plans. What Districts Need to Know
More than 4 million records held by school safety software company Raptor Technologies were left inadvertently exposed online.
5 min read
Concept image of security breach, system hacked alert with red broken padlock icon showing vulnerable access.
Nicolas Herrbach/iStock/Getty
Privacy & Security As Cyberattacks Mount, Lawmakers Double Their Efforts to Protect Schools
But the legislative push is not matched by funds to build better cyber defenses.
2 min read
Conceptual illustration of computer with a pixelated lock on screen.
Nanzeeba Ibnat/iStock/Getty Images Plus
Privacy & Security 3 Superintendents Share Cybersecurity Best Practices
Cyberattacks cause major disruptions to learning, but school districts are still struggling to put in place effective protections.
3 min read
Image of a red glowing caution sign over a dark field of data.