Digital technology has taken on an increasingly prominent role in the education sector over the years, changing the way students learn and teachers teach. Today, both students and teachers have a wide range of innovative technologies at their disposal in the classroom, such as tablets, laptops, or virtual reality headsets, as well as all sorts of digital apps that help streamline various school-related processes and activities. According to a recent study, as many as 79 per cent of teachers now use technology in almost every lesson, which represents a 300 per cent increase compared to a decade ago. This is further reflected in the staggering growth of the ed-tech industry, which is expected to grow from 106 billion in 2021 to 378 billion in 2028.
Cyber attacks on the rise
There is no doubt that increased use of technology has transformed the educational experience for the better in many ways. However, it’s also made schools more vulnerable to cyber attacks, which have become increasingly common and sophisticated in recent years. A 2020 study conducted by Comparitech reveals that educational institutions in the United States experienced more than 1,300 data breaches since 2005, with more than 24.5 million records impacted. Understandably, the number of cybersecurity incidents only increased once schools switched to remote learning. In 2020 alone, a total of 408 school incidents were reported, an increase of 18 per cent compared to the previous year, according to the non-profit K-12 Cybersecurity Resource Center and the K12 Security Information Exchange (K12 SIX). The most common type of attack recorded during this period were data breaches and leaks, which accounted for 36 per cent of all incidents in 2020. Ransomware attacks were next on the list, accounting for 12 per cent of all incidents, followed by DoS attacks with 5 per cent and phishing with 2 per cent.
Part of the reason why schools have become such a tempting target for hackers is that they now store massive amounts of data, ranging from gradebooks to salary information. What complicates the matter even further is that schools often lack the funds to invest in proper cybersecurity measures and train students and staff how to recognise and deal with cyber attacks. The consequences of a cyber attack can be devastating for a school, ranging from a couple of days lost to severe financial losses that can reach millions of dollars. As schools increase their reliance on technology going forward and start to gather even more sensitive data from students, they will also have to address growing concerns about privacy and ethical use of technology.
Are self-harm monitoring technologies worth it?
The transition to remote learning may have ensured the continuity of education but it also had a very negative impact on students’ mental health. To address this issue and keep their students safe as they learn from home, many schools decided to implement self-harm monitoring systems, which monitor students’ online activity to identify those who may be at a higher risk of self-harm or suicide. Once they identify at-risk students, these systems send alerts to school officials and may even notify law enforcement agencies in certain cases. While the intention behind the implementation of this technology was certainly good, there are a number of concerns related to the use of self-harm monitoring systems in schools.
No matter how sophisticated they are, their ability to understand context is still rather limited, which can result in a large number of mistakenly flagged students. There is also the risk that schools will start to disproportionately rely on such systems and neglect to develop a robust support strategy that would include other forms of mental health support as well. Without other support in place, self-harm monitoring systems could end up doing more harm than good by inaccurately flagging students or having them exposed to excess scrutiny or unfair treatment. They could also violate a student’s privacy by revealing their sensitive personal information, such as their gender identity, sexual orientation, religious beliefs, or mental health details, or sharing them with social services or law enforcement agencies. As a result, even those students who are experiencing mental health issues may be reluctant to seek help for fear of being reported. To prevent this from happening, schools need to make sure to develop a comprehensive mental health response plan and take the necessary steps to protect student information before they actually introduce self-harm monitoring systems into the school environment.
Facial recognition technology streamlines lunch payments
In Scotland, several schools located in the North Ayrshire region recently announced that they had implemented a facial recognition system developed by CRB Cunninghams, which would enable students to pay for their lunches using their faces. In addition to significantly accelerating the transactions and reducing queues at lunchtime, the system would also provide a more hygienic alternative to card payments and fingerprints. “It’s the fastest way of recognising someone at the till,” explains David Swanston, the managing director of CRB Cunninghams. “In a secondary school you have about a 25-minute period to serve potentially 1,000 pupils. So we need fast throughput at the point of sale.”
However, the announcement was met with a fair degree of opposition, with numerous parents and campaigners voicing their concerns regarding student privacy. “No child should have to go through border style identity checks just to get a school meal,” says Silkie Carlo, the head of civil liberties campaign group Big Brother Watch. “We are supposed to live in a democracy, not a security state. This is highly sensitive, personal data that children should be taught to protect, not to give away on a whim.” The North Ayrshire council dismissed the concerns, saying that 97 per cent of children or their parents have already given their consent to the use of facial recognition technology. This, however, didn’t do much to persuade the campaigners. “Facial recognition technology typically suffers from inaccuracy, particularly for females and people of colour, and we’re extremely concerned about how this invasive and discriminatory system will impact children,” adds Carlo.
Police given access to confidential student data
Recent events have shown that the privacy concerns outlined above were not entirely unwarranted. The Tampa Bay Times recently stirred a great deal of controversy when their investigation revealed that the Pasco County School District shared some confidential student data, including grades, attendance, and disciplinary records, with the county sheriff’s department. To make matters worse, the sheriff’s department then reportedly used the data to make a list of students who could go on to become future criminals. This prompted the US representative Robert C. Scott to call on the federal government to review the arrangement and determine whether the school district violated any privacy laws by doing so. “Evidence shows that schools disproportionately suspend or expel Black and Latino students more frequently than their white peers for similar offences,” says Scott, who leads the House Committee on Education and Labor. “Therefore, any law enforcement system that uses school discipline data to identify children as potential criminals would not only be illegal, but also racially biassed.”
While the school district denied allegations outlined in the report, they failed to discuss specifics or provide evidence to the contrary. Similarly, the sheriff’s department denied that the programme is used to designate children as potential criminals, although they admitted that some of their deputies do have access to student grades. Following the announcement, a group of local, state and national organisations formed a coalition to ask the school district to stop sharing confidential information with law enforcement. “Especially because the research that’s listed in the Pasco County sheriff’s manual includes risk factors such as antisocial parents and siblings, socioeconomically deprived. This is a series of risk factors that could apply to a number of students that are never going to commit a crime,” says Amelia Vance, who is with the nonprofit Future of Privacy Forum. “To take all of those students, label them at-risk and then have that information shared with law enforcement is just a recipe for stigmatisation of those students and pushing them further towards that school-to-prison pipeline.”
How schools can protect themselves
Unfortunately, it’s impossible to completely eliminate the risks associated with increased use of technology in the classroom. “It is a bit of a cat-and-mouse game, meaning that as people learn how to protect themselves from attacks, the bad actors change their tactics and get more sophisticated,” explains Doug Levin, the national director of K12 SIX and one of the top cybersecurity experts in the US. There are, however, certain steps educational institutions can take to minimise those risks. By conducting a thorough risk assessment, for instance, schools will get a much better idea of what they have and how valuable it might be for potential attackers. They should also develop a robust technology and communications strategy that will outline a proper response to different types of cyber attacks. They also need to make sure to back everything up and keep all of the software they use updated at all times. Another good idea is to implement multi-factor authentication, which will add an additional authentication layer and make it more difficult for hackers to gain access to their systems.
Just as importantly, schools need to foster a culture of cyber hygiene and teach both students and staff about the responsible use of digital tools and how to protect themselves online. They need to be able to recognise different types of attacks and notify their IT departments as soon as they detect any suspicious activity. “You can invest billions of dollars in all of the highest-level, most sophisticated firewalls and detection mechanisms. And invariably, a phishing email is going to get through,” says Rod Russeau, the director of technology and information services for Community High School District 99. “And if a staff member doesn’t recognise it, and opens the attachment or clicks on the link, all of a sudden you’ve got someone in the payroll department sending copies of everyone’s W-2 to someone they think is the superintendent but isn’t.”
Our classrooms have become increasingly connected over the years. While the increased use of technology in the classroom provides students and teachers alike with a wide range of benefits, it also raises numerous privacy and ethical concerns. How much student data is being collected? How is it stored? Who has access to it? How can we keep it safe? These are just some of the questions that need to be answered for us to be able to take full advantage of what digital technology can offer and transform the educational experience for everyone involved.