Privacy & Security Q&A

What Educators Need to Know About Ed-Tech Companies’ Data Privacy Policies

By Lauraine Langreo — February 01, 2023 4 min read
Low angle view of a blue padlock made to resemble a circuit board and placed on binary computer code background
  • Save to favorites
  • Print

Parents’ and educators’ concerns about data privacy have increased as K-12 districts rely more on digital tools for logistics, management, and teaching and learning.

The increased use of technology has opened doors for cyber criminals to infiltrate districts’ computer networks and access private student and staff data.

Now that cyberattacks are a daily threat for districts, it’s even more important that they ensure all their data is secure and that any new or existing digital tools they use have good privacy policies.

In a video call with Education Week, Kevin Lewis, the data privacy officer for nonprofit 1EdTech, outlines what district leaders should look for in a privacy policy.

This interview has been edited for brevity and clarity.

Kevin Lewis, data privacy officer for 1EdTech.

What are the most important features a privacy policy should have?

Companies should always include who they are. One of the biggest issues is not knowing who owns the application, because there’s always different parent companies and then there’s affiliates and subordinate companies that fall under that parent umbrella, so you never know who you’re really working with. A lot of times in the policy, they will mention they don’t sell or share their information with third parties, but they do share it with all of their affiliates. If you’re that person to want to go down that rabbit hole and research every single one of these companies, there’s a long rabbit hole you can go down and figure out ‘OK, my data is being openly shared with this company, this company, this company,’ and now you have to research all of them.

A privacy policy should also include definitions. In a lot of state regulations, even though we all have sort of the same basic elements, it’s the interpretations and the meaning of the different words and how they apply to different organizations that muddies it up.

What should district leaders look for when they review a privacy policy?

I would first start with what data is being collected. How is it being collected? District leaders need to know what type of controls the user has over that data, like data deletion requests or data retention requests. If districts ask an organization to delete the data, how long does it take to fulfill that request? District leaders also need to know how that data is being secured. Once an organization has collected the data, how are they securing it?

And who is that data being shared with? Districts should know who the third parties are. What data do third parties have access to? Are there any advertisements at all? Do districts have control to opt out of these advertisements? What do those advertisements look like?

See Also

Data security and privacy concept. Visualization of personal or business information safety.
iStock/Getty Images Plus

What concerns are you hearing from district leaders regarding privacy policies?

I would say their biggest challenge is just an overwhelming amount of requests [from teachers] or just having so many applications available. They have to monitor what’s happening on the district’s network, see what applications are being used, and keep that number small. A lot of these departments that vet these applications have maybe one or two people who wear multiple hats and do not have the time to give a policy a thorough and accurate review.

Do you have advice for how district leaders should tackle that challenge?

I would say they can be proactive. They should categorize different types of applications for all the subjects: math, art, science, whatever the category is. And then find five tools for each category that meet the district’s criteria. It should go through the curriculum department, as well as the educational technology or instructional technology department to vet those tools. Find five tools and stick with those five, making sure that the tools have everything that a teacher or student needs. When someone submits a request for another random application that does the exact same thing, you already have one in your back pocket that you can send to them or even have that as a list that they can readily access.

Another big challenge is teachers using free digital tools without looking into the privacy policies first. How do you deal with that?

I know we struggled with this in Houston [where I was an education technology specialist]. We found that the free web tools were being used more than the district-purchased tools. It’s really hard to get in front of that, because most schools have a process, and these processes are long, drawn-out flowcharts of what has to happen if a teacher needs a tool.

Teachers don’t have time to go through that process. Most of the time, if they see an application, they’re going to use it right then and there. If they are a teacher that follows the rules, they will send that tool off to someone in the department to vet it, and hopefully, it comes back in a timely manner—most of the time it does not. They need those tools almost immediately, so they’ll just go ahead and use them.

I haven’t seen a real solution for it yet, other than schools just blocking everything, which isn’t the answer. Blocking everything and slowly letting things in as they are requested, I think that’s the only solution that I’ve seen so far.

See Also

Illustration of numerous computer windows overlapping with creepy eyeballs inside the close, open, and minimize circles within the various window screens.
Daniel Hertzberg for Education Week


This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Reimagining Grading in K-12 Schools: A Conversation on the Value of Standards-Based Grading
Hear from K-12 educational leaders and explore standards-based grading benefits and implementation strategies and challenges
Content provided by Otus
Reading & Literacy Webinar How Background Knowledge Fits Into the ‘Science of Reading’ 
Join our webinar to learn research-backed strategies for enhancing reading comprehension and building cultural responsiveness in the classroom.
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Assessment Webinar
Innovative Strategies for Data & Assessments
Join our webinar to learn strategies for actionable instruction using assessment & analysis.
Content provided by Edulastic

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

Privacy & Security It Takes an Entire District to Prevent a Cyberattack: 5 Tips
One of the biggest challenges in making cybersecurity policies work is getting everyone engaged.
3 min read
underground cyber security hologram with digital shield 3D rendering
iStock/Getty Images
Privacy & Security Four Countries Want Students to Help Their Schools Fight Cyber Threats
Australia, India, Japan, and the United States are teaming up to shine a spotlight on cybersecurity.
1 min read
Gloved hand reaching into a laptop screen hacking someone's account.
iStock/Getty Images Plus
Privacy & Security 3 Ways Schools Can Reduce Cybersecurity Risks
A new federal report outlines steps schools can take to protect against cybersecurity threats.
4 min read
Illustration of Internet network data computer laptop security shield and lock symbol.
DigitalVision Vectors/Getty
Privacy & Security Most Teachers Think Cyberattacks Won't Affect Schools. District Leaders Disagree
Teachers and district leaders perceive cybersecurity vulnerabilities differently, according to a survey.
3 min read
Illustration of cloud computing and lock.
iStock / Getty Images Plus