What is the effect of training kids to submit to surveillance all day? China does it—and then uses the surveillance to social credit score citizens and limit freedom. What is the psychological impact on kids from cameras in classrooms? Will it inhibit kids from asking questions to learn or increase anxiety?
The motivations and interest in classroom cameras are understandable but in short: it is a CAN OF WORMS and a SLIPPERLY SLOPE that drags along unintended consequences.
1/ FERPA is an outdated federal law “protecting” student privacy. It was weakened (not strengthened) many years ago. Schools can now designate vendors as “school officials” and then share your kids’ data with those vendors and they can do it without parental consent.
2/ FERPA is supposed to protect privacy, but IMO it doesn’t work well at all. There are serious student data privacy issues with EdTech and surveillance that continue to go unaddressed by school districts and legislators around the country, including Florida.
3/ Despite Florida’s Parental Rights Law, data we don’t want collected will still be collected even though it really serves no educational purpose.
4/ If cameras in classrooms were allowed under Florida statutes via HB1055, and school districts went on to approve implementation: would cameras actually be implemented according to the limited protections in the bill?
5/ The surveillance proposal, HB1055, requires in class audio recordings, BUT last year Florida passed a Parental Rights Law that states: “The right to consent in writing before the state or any of its political subdivisions makes a video or voice recording of his or her minor child”.
It appears that HB1055 is proposing to remove that parental right to consent!
HB1055 proposes: “Each video camera…must be…capable of all of the following: 1. Visually monitoring and recording all areas of the classroom. 2. Recording audio from all areas of the classroom.”
6/ Even if an opt-in or opt-out of surveillance did exist, will the school district ask? If they ask, how are they going to implement an opt-out for just a subset of children in every class and elective?
7/ The Parental Rights Law passed last year states parents have “The right to consent in writing before a biometric scan of his or her minor child is made, shared, or stored.”
As well, Florida Statute 1002.222 states: Schools may not “Collect, obtain, or retain information on the…biometric information of a student…Examples of biometric information include…a fingerprint or hand scan, a retina or iris scan, a voice print, or a facial geometry scan [facial recognition].”
8/ How do legislators expect school districts to “Conceal the identity of any student who appears in a video recording, but is not involved in the alleged incident…” without facial geometry scanning (facial recognition) or voice prints?!! How are they doing this now on their existing cameras?
9/ Our Florida district can’t or won’t give parents: vendor data dictionaries (list of data collected), metadata that vendors have collected on children, or a list of the vendors who have received or collected data on the students. Does the district not know what data is collected?
10/ Under FERPA, school districts must be in direct control of the vendor (school official) with respect to maintenance and use of student data: but are they?
11/ FERPA creates limitations; there is a limit to what school officials can do with data and what data they access. Yet, if school districts don’t know what is collected or everything vendor software and algorithms do then how can the district ensure the limitation is enforced?
How does the school district know a vendor isn’t running facial recognition or training AI using camera footage if they don’t maintain direct control of data or don’t know what is collected or created by a vendor? Who would ever know?
13/ Classroom camera footage is probably not going to an offline server in the front office. It will likely be transmitted and stored in the BIGTECH cloud online. This would mean your school district is sharing that footage of your child with third parties.
14/ When a vendor says data is not 100% secure, could that also mean 80% secure, or 50%, or 25%?
16/ Who inspects vendor hardware and software for vulnerabilities that might open the door to unapproved access or leaking of footage? Who inspects the transmission of data to ensure it is only going where it is supposed to go and that it is encrypted as advertised?
17/ Are those cameras manufactured in the U.S. or China? Federal law banned Chinese cameras in U.S. government for a reason.
Why isn’t this kind of attention focused on protecting the privacy of our children in schools from companies, government, and foreign countries?
18/ Who controls the data shared with and collected by third party companies under FERPA? The school district is supposed to have direct control, but do they really? Again, our district can’t/won’t tell us all specific data collected by these third party companies.
19/ Who oversees what student data is shared with a vendor’s (“school official”) partners? If companies use partners (other companies) for performing some of their functions, then when the data goes to a vendor (or “school official”) is it really being shared with many vendors?
20/ Under FERPA, would parents actually be able to get access to the camera footage, or will it be a battle to obtain if schools use FERPA to block access to footage? Either way you lose privacy and the possibility is that no benefit materializes but plenty of unintended consequences could arise.
21/ Dangers: Hacking, leaking, tracking, dossier creation, use of incorrect data in dossiers that you cannot see (ahem: district refuses to hand it ALL over) that could damage college or career opportunities, data used against students maliciously (FBI EdTech warning),…
So, could camera footage be used against students in unexpected ways?
22/ Do vendors sell the data: Eh, no? But most policies I have read indicate the company can transfer the data in a merger or acquisition. Is this what happened when Chinese NetDragon bought the EdTech company Edmodo that held data on U.S. schoolchildren? Might that be a national security issue?
23/ The education sector is a common target for cyberattacks due to the prolific amount of data stored on children. One big company reportedly boasted about how much data they hold on students. Some companies might use anonymized data for training their Artificial Intelligence (AI).
24/ Are companies able to effectively “anonymize” data? Does anyone contact you when the data (anonymized or not) is researched, used in analytics, or artificial intelligence?
What if anonymized data can be re-identified? Some say it is hard to truly anonymize data; so how well are companies performing this task? How would you know?
25/ BOTTOMLINE: If they are collecting student data and storing it online, there are risks. Just do some searches on the ransomware that has targeted schools. Florida Virtual Schools reportedly leaked student data years ago.
26/ Yes, there are more issues: proper configuration of the cameras, maintenance of firmware and thus ongoing security, and data retention policies: SPECIFIC maximum periods that data can be held (not just minimums) so data isn’t held indefinitely.
27/ Does anyone at the school district verify data retention policies are carried out on an ongoing basis? Do you trust your school district to validate that data was deleted? Are they permitted access to vendor servers/backups to validate data was deleted? Do you trust the vendor?
Was data properly deleted? Does the school district know all locations where the data is stored, distributed, backed up, and archived for every vendor? How do districts verify if all copies held by vendors were deleted and what do school districts define as “deleted” – is it wiped or just deleted?
Lifewire explains: “when you delete something…you don’t remove it from existence, you just hide it from yourself. The actual data that makes up whatever you deleted is still there,…”
HB1055 instructs the data “shall be deleted or otherwise made unretrievable”. Why “shall” instead of “must” and why the use of OR? How does the statute define “deleted”? Does this language mean there is an obligation to completely eliminate the data from all electronic storage locations?
28/ What if the child just doesn’t want to be surveilled all day? Do they have to give up their constitutional right to privacy in order to receive a public education?
29/ Kids cannot pick another public school system; will schools have surveilled and unsurveilled classrooms? How will that work with teacher shortages? A student cannot change schools—they have one school system to pick from…unless their parents move. Kind of like how people are leaving California for Florida.
30/ Lastly: PRIVACY is a human right and essential to FREEDOM.
After all this, it sure seems easier and safer to just stop collecting so much data. So, why are they collecting so much data?