Edtech Strategies, "a boutique consultancy focused on providing strategic research and counsel on issues at the intersection of education, public policy, technology, and innovation" has published a report detailing the dismal state of America's state education agencies web-practices, where encrypted connections are hard to find and adtech trackers are everywhere.
The real headline finding is this: "Virtually every state and local education agency has partnered with online advertising companies" (a whole raft of them, not just Google Analytics) and "the vast majority of local education agency websites do not disclose the presence and nature of this ad tracking and user surveillance."
What's worse, when they do make these disclosures, they "often do so in misleading ways, including by making demonstrably false statements about their privacy practices."
Members of state boards of education and state education agency staff should:
Ensure their state education agency website is in compliance with all applicable federal and state laws and the terms of service of third-parties with whom they have partnered.
Re-evaluate the need for and use of propriety third-party ad trackers and online surveillance tools on their state agency website. If a need for the functionality provided by these tools is identified, assess whether there are more privacy-respecting options available.
Regularly evaluate the sufficiency of their agency's website security features (e.g., by using Observatory) – and implement a plan to improve them.
Develop and disseminate guidance on school websites to local education agencies on how they can comply with applicable laws and the terms of service of third-parties, including by setting expectations for minimum privacy and security features.
Education Agency Website Security and Privacy Practices [Doug Levin/Edtech Strategies]
School Websites are Bad, Just Not How You Think [Doug Levin/Edtech Strategies]
(Image: Surian Soosay, CC-BY)