Remote Learning Software Tracked Kids’ Data to Sell to Brokers

Remote Learning Software Tracked Kids’ Data to Sell to Brokers
Remote Learning Software Tracked Kids’ Data to Sell to Brokers

Two young girls sit at a dining room table working on their computers for remote learning during a lockdown.

Photo: Ethan Miller (Getty Images)

The kids are not alright, and tech companies know it thanks to the data they’ve been lapping up like mosquitos in a blood bank. Programs that students were using to learn from home during the worst days of the pandemic were also tracking their data and analyzing their habits, which was used to build profiles that could bombard kids with targeted ads.

An immense and detailed report released Tuesday by the nonprofit advocacy group Human Rights Watch says that in 49 countries it studied, 146 of the 164 “EdTech” products that governments sometimes recommended engaged in data harvesting or otherwise monitored children’s activities. These platforms used tracker technology that monitored their activities outside the classroom, often tracking their whereabouts, identifying their friends and family, and otherwise harvesting data that they sold to advertising companies.

The report, according to lead researcher Hye Jung Han, focused on apps or sites working on Google Android between, where researchers downloaded the products and created user accounts when necessary in order to track how their data was used.

The report notes that programs Zoom, Microsoft Teams, Google Meet and Cisco Webex were variously used for remote classwork by districts in California and Texas, despite them not being explicitly designed for children’s use. Some of those programs are known for tracking user data. Zoom has had its feet held to the coals over its planned face-reading AI tech for students.

But other programs were advertised for kid’s use. Texas used the website ST Math which HRW researchers said used key logging tracking technology to send childrens’ data to third party companies, including Facebook, Google, Twitter, and Shopify. Trackers were found not only on the site’s home page but on pages offering math games for pre-kindergarteners and first graders. The report further noted Texas districts used education programs like Schoology and Seesaw that embedded software development kits on students’ devices, which could be used to track data for the sake of advertising.

The Washington Post reported that the PowerSchool, which developed Schoology, denied it was tracking students, referencing the company’s privacy policy, though the company does use third party tools to show targeted ads.

Some researchers and teachers were blowing the data privacy whistle long before this report was released. Researchers quoted Texas Algebra teacher Abby Rufer who told them she was concerned that 60% to 70% of her schools’ students had a family member either deported by or were in the custody of U.S. Immigration and Customs Enforcement (ICE), making it an “unacceptable” and “dangerous situation to put these kids in.”

This isn’t nearly the first time companies have come under fire for harvesting data from users. Everyone from mammoth-sized companies like TikTok and Facebook to small developers like those who make Muslim prayer apps have proved they are not squeamish over tracking user data. But in EdTech’s case, HRW said their products pieced together data they got from children “to deduce each child’s characteristics, behaviors, and interests” for the sake of targeted advertising.

The advocacy group analyzed these products between March and August 2021, and the report’s authors acknowledged that the programs’ practices may have changed in the year since. Some companies denied they were tracking children’s data or claimed they were not intended for use by children. Some school districts defended using the products saying that the study included homepages for these products compared to the program pages that contained less trackers. Researchers rebutted that in order to access the programs, students first had to go through the homepages.

But Human Rights Watch put the onus on governments for promoting software to schools “that handled children’s personal data in ways that risked or infringed on their rights” by making use compulsory.

The report recommends governments conduct data privacy audits for the EdTech it endorsed, and force them to delete children’s data they collected during the months of remote learning during the pandemic. Companies, researchers said, should delete kids’ user data and restrict any data tracking on any pages accessed by students.