The Finnish system is built on Trust and a non-competitive philosophy, while that of the US et al, is based on doubt using a competitive, commercial/corporate, model. Doubt is rebadged as 'Accountability', but 'Accountability' isn't needed if you trust your highly Educated Teachers to do their job. According the the former Director-General of Finnish Education, Accountability is part of an 'infection' afflicting the US-UK Educational paradigm.
Data-driven Education is only needed when Administrators and not Teachers are controlling the Education. This only happens when the Teachers can't be trusted. Data is simply an abstraction of what is right in front of the Teacher. As a Teacher myself, I don't need data in an App to tell me which student is doing poorly and which is not.
But data is required and hopefully this new App will make meeting that requirement as quick and easy as possible, so that more time can actually be devoted to teaching.
I had a fight awhile back with my kids school over Gmail and Google Drive. Students were creating accounts (as directed by teachers) to use without even asking parents permission. Last thing I want is my kids to start getting data mined from grade school. Even worse, some kids had their account for years and were using it as their actual personal account and using their real names (or partial real names). Way to get the kids early, Google.
After much complaining and discussions with other parents and the school they changed their policy. They still use Gmail and Google Drive, but now the teachers have a set of Gmail accounts for each class, with a unique Gmail ID to identify the class/teacher. Student Gmail accounts are the master teacher ID plus a two digit number.
So for my daughter the teacher Gmail account might be: SchoolNameTeacherName@gmail.com and my daughters Gmail account would be: SchoolNameTeacherName_06@gmail.com. At the end of the year the contents of each account are deleted and next year a different student would end up with the the same gmail account my daughter had.
The student accounts have restrictions on them so they can only send/receive to other students in the same class or their teacher. This way they don't use school accounts for personal stuff. Funny thing is on Googles own page about restrictions they use this example of students/faculty. Schools are just too lazy, it seems, to think before implementing.
Would you mind telling me what school district/city you're in? PM me, if you'd rather not post publicly.
I'm very much interested in these issues, and am active in our city/district, pushing for policy decisions like this. So often, people are attracted to shiny objects like this without considering the full ramifications; in this case, the fact that our children are being relentlessly data mined behind the scenes. Here's a great article for anyone who has kids: Politico: Data Mining Your Children
The policy you describe above is clearly much better than not using any safeguards at all. That said, if the kids access their classroom emails from home, they are pretty much identified and tracked by google anyway. Data mining and tracking tools are very, very good these days. Cookies are not required (though they make things very easy), and even if you have multiple people in the same house using a single computer, much of that can be filtered as well, to identify, track and mine the (statistically likely) different users. I'm a little surprised that districts are getting away with signing up kids for services like this. There are weak links in COPPA, but schools/districts are not supposed to be able to sign up kids for online services with companies that mine kids' data. Or if they do, it often requires special contracts and/or different levels of service/access.
Would you mind telling me what school district/city you're in? PM me, if you'd rather not post publicly.
I'm very much interested in these issues, and am active in our city/district, pushing for policy decisions like this. So often, people are attracted to shiny objects like this without considering the full ramifications; in this case, the fact that our children are being relentlessly data mined behind the scenes. Here's a great article for anyone who has kids: Politico: Data Mining Your Children
The policy you describe above is clearly much better than not using any safeguards at all. That said, if the kids access their classroom emails from home, they are pretty much identified and tracked by google anyway.
Google doesn't knowingly collect data on nor market to children under 13. Neither their published privacy policy nor Federal law permit it. Period. In fact Google does not even permit children under 13 to have their own Gmail accounts. They would have to lie about their age to get one and if Google becomes aware of it the account will be locked and/or deleted anyway.
Google doesn't knowingly collect data on nor market to children under 13. Neither their published privacy policy nor Federal law permit it. Period. In fact Google does not even permit children under 13 to have their own Gmail accounts. They would have to lie about their age to get one and if Google becomes aware of it the account will be locked and/or deleted anyway.
I understand the rules and the laws very well. They do not reflect the current real world scenarios.
1) It's trivial for kids to lie about their age and create gmail accounts. If you know any middle schoolers, just go sit in a room full of them and ask how many 6th/7th graders use gmail. I guarantee that in most groups you'll find >50%, and it's high even among older elementary students. Kids have no clue about what they're opting into. Hell, most adults don't, you can read the recent U-Penn research on that.
2) It used to be that google/fb trolled pretty seriously to find underage kids. My experience is that's not true anymore. Kids nowadays use gmail/yahoo/hotmail freely and without fear anymore that their accounts will be locked or deleted. I'm sure it happens around the edges in egregious cases, but not much anymore. FWIW, gmail is BY FAR the most widely used email by underage kids. In the groups I've spoken with, it's huge, like 10 to 1 over the competitors.
3) With the above in mind, and the fact that prior to EricTheHalfBee's actions, the teachers were directing the students to create their own accounts, this implies that this was not happening through AppsForEducation (which was very publicly busted a while back, for lying/misuse of data), or through any official district-level program. The teachers themselves were directing the students to do something against "the rules", causing google to unknowingly (in theory) collect data from underage kids. Google can (and does) look the other way, and probably is relatively safe from legal action, but while this behavior may be within the letter of the law, it's clearly not working within the spirit of the law. I put more of the blame on teachers/schools/districts in this case (they are grossly uninformed), but google (and many other small EduTech firms) have some culpability as well.
4) It's not just about under age 13. There's a lot of gray area in the 13-17 year old groups. They are not old enough to sign a legal contract, and yet, many schools and districts are forcing them to use tools and services like this that absolutely are used for data mining purposes once the kids are 13. What, as a society, are we going to do about this? Are people okay forcing KIDS into data mined services?
Apps for teachers, apps for parents, apps for students; these Apps we had listen about a lot, and these are in use.. what about if whole combination get in one, school, parent, teacher, and student communication app Schoola2z... but schools have to access as security is of high under this app which is free to download form - https://play.google.com/store/apps/details?id=com.schoola2zlive
I had a fight awhile back with my kids school over Gmail and Google Drive. Students were creating accounts (as directed by teachers) to use without even asking parents permission. Last thing I want is my kids to start getting data mined from grade school. Even worse, some kids had their account for years and were using it as their actual personal account and using their real names (or partial real names). Way to get the kids early, Google.
After much complaining and discussions with other parents and the school they changed their policy. They still use Gmail and Google Drive, but now the teachers have a set of Gmail accounts for each class, with a unique Gmail ID to identify the class/teacher. Student Gmail accounts are the master teacher ID plus a two digit number.
So for my daughter the teacher Gmail account might be: SchoolNameTeacherName@gmail.com and my daughters Gmail account would be: SchoolNameTeacherName_06@gmail.com. At the end of the year the contents of each account are deleted and next year a different student would end up with the the same gmail account my daughter had.
The student accounts have restrictions on them so they can only send/receive to other students in the same class or their teacher. This way they don't use school accounts for personal stuff. Funny thing is on Googles own page about restrictions they use this example of students/faculty. Schools are just too lazy, it seems, to think before implementing.
This is definitely the schools fault, Google even instructs the schools not to use the personal emails of their students but to set it up the way you described. When my daughter's school switched to ChromeBook's we were invited to a assembly in which such things were discussed in detail. Though they don't use the teachers actual name but an ID number like this, <schools_name>.<teachers_ID><student_number>@gmail.ch. The student number isn't linked to anyone student permanently, if there are 300 children at the school, each student gets a number between 1 - 300, that's their student ChromeBook ID for the year. Also the only emails that are allowed to be received or sent are only the ones containing the schools name. There are also no ads anywhere to be found on the system, including email and Google Search. Though to be fair I have never received a single ad in my friends and family Google email, which is only logical since I've never used it on anything but private mail. I have another Gmail account that's used solely for public sites, which is of course inundated with ads. So anyone complaining about ads in Gmail brought that mess on themselves, always separate private and public accounts.
This is definitely the schools fault, Google even instructs the schools not to use the personal emails of their students but to set it up the way you described.
Kinda-sorta. As alluded to above, recommendations, warnings, etc., are only effective when they're understood and adhered to. Like EricTheHalfBee, I pay a lot of attention to how this stuff works in practice. I've spent a LOT of time in schools and working with school district administration and officials, and the reality is that teachers, principals, and most administrators haven't got a clue, so they just direct students to do whatever seems the easiest.
When my daughter's school switched to ChromeBook's we were invited to a assembly in which such things were discussed in detail. Though they don't use the teachers actual name but an ID number like this, <schools_name>.<teachers_ID><student_number>@gmail.ch. The student number isn't linked to anyone student permanently, if there are 300 children at the school, each student gets a number between 1 - 300, that's their student ChromeBook ID for the year.
This seems like a good start for a plan like this (yes, really). Teachers and students do not use real names, and accounts change every year. Check.
But problems crop in because any data mining company worth their salt (and of course, google is VERY good at what they do) is able to marry disparate data together to identify individuals. It's not just a vague possibility, but rather, it's at the core of what they do. In other words, as soon as a child takes home their computer (unless that's not allowed), or signs into any other service from school, they are identified.
Before saying, "Oh, but Google would never do that, because they promised not to data mine the kids", remember how they got busted for lying about AppsForEducation some time back, which is aimed at schools/kids. Google is no saint, and these days they seem to be more about doing everything they can get away with, rather than being Good Guys. In fact, unless I've misinterpreted their AFE response, they never promised to stop gathering data, but only to stop displaying ads based on that intelligence -- until the kids reach the age of majority. That's really dangerous. I would love to be proven wrong on this, but I haven't seen anything to counter that yet. Data mining at all costs seems to be in their DNA now, and it's very sad because it didn't used to be that way in the early days.
Also the only emails that are allowed to be received or sent are only the ones containing the schools name.
That's only from the designated accounts, right? Are there mechanisms in place (not just procedural, but enforced, technical mechanisms) to prevent kids from using these laptops to sign into other personal gmail accounts? Or into facebook or instagram or any other service where the kids are likely to be identified? Some enforcement could be baked into the OS/builds (though easily overridden by smart kids, who will show/do it for others), and some rules can be semi-enforced by the school/district IT staff (though also usually pretty easy to proxy around, by smart kids).
If the chromebooks are allowed to go home with the kids, then all bets are off, and the kids are very likely individually identifiable.
There are also no ads anywhere to be found on the system, including email and Google Search. Though to be fair I have never received a single ad in my friends and family Google email, which is only logical since I've never used it on anything but private mail. I have another Gmail account that's used solely for public sites, which is of course inundated with ads. So anyone complaining about ads in Gmail brought that mess on themselves, always separate private and public accounts.
Ads are merely a distraction. There's nothing wrong with contextual ads, except that they annoy people. The real problem is the personal/individual data mining and analysis that happens behind the scenes.
BTW, I don't know if I welcomed you back after your time away. I hope things are going well, and it's great to have you back! :-)
But problems crop in because any data mining company worth their salt (and of course, google is VERY good at what they do) is able to marry disparate data together to identify individuals. It's not just a vague possibility, but rather, it's at the core of what they do. In other words, as soon as a child takes home their computer (unless that's not allowed), or signs into any other service from school, they are identified.
I posted something earlier today that probably applies here: I don't believe Google knows more about "you" than any other company, nor that they are as "evil" as you seem to think they are. ,While they may not be as harmless as I generally would like to believe (with exceptions I've noted before), they aren't doing anything business-wise more devious than arranging advertisements for companies large and small. If they do their job properly the ads may even be for things that you have an interest in, so not totally irritating to some folks. Is there something else they're doing that I'm not aware of?
You seldom if ever mention the players that truly do know "more than Google does" and whose business is NOT simple personalized ads. If you really want folks to be aware of the dangers of data mining why don't you ever mention companies like Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf, Recorded Future and others like them? They're data brokers, a far different business model that Google's ad-supported search business. Yes they actually exist to learn everything they possibly can about your onjm-line and off-line life and sell it to others who want what they know: Insurers, finance companies, "tax relief" providers, attorneys, funeral homes, weightloss companies, erectile dysfunction drug makers, etc. etc. If you think Google is evil I can't imagine what tag you'd give all these guys.
So what do they know about the very personal you that Google doesn't, and want to share it with whoever can pay the fee, again unlike Google? According to the FTC besides the simple Social Security number, name and address you'd expect they collect stuff like:
- consumer data from extensive online and offline sources, largely without consumers’ knowledge, ranging from consumer purchase data, social media activity, warranty registrations, magazine subscriptions, religious and political affiliations, and other details of consumers’ everyday lives.
-Consumer data often passes through multiple layers of data brokers sharing data with each other. In fact, seven of the nine data brokers in the Commission study had shared information with another data broker in the study.
-Data brokers combine online and offline data to market to consumers online.
-Data brokers combine and analyze data about consumers to make inferences about them, including potentially sensitive inferences such as those related to ethnicity, income, religion, political leanings, age, and health conditions. Potentially sensitive categories from the study are “Urban Scramble” and “Mobile Mixers,” both of which include a high concentration of Latinos and African-Americans with low incomes. The category “Rural Everlasting” includes single men and women over age 66 with “low educational attainment and low net worths.”
-Other potentially sensitive categories include health-related topics or conditions, such as pregnancy, diabetes, and high cholesterol.
-Many of the purposes for which data brokers collect and use data pose risks to consumers, such as unanticipated uses of the data. For example, a category like “Biker Enthusiasts” could be used to offer discounts on motorcycles to a consumer, but could also be used by an insurance provider as a sign of risky behavior.
Read thru it then tell us that Google is the one we should be focused on. While we should absolutely hold Google's feet to the fire when they stray there are far more dangerous companies out there that you don't talk about.
The companies you mention are indeed slime. There should be laws to prevent what many of them do on a daily basis as their core business. There aren't. Yet.
But oddly enough, the discussion above was very specifically about using Google tools in schools. Why would I care to bring up a very different group of companies in this context? You went seriously off-topic this time with the misdirection effort! ;-)
I do bring up other companies, and often discuss in generalized terms like "any data mining company" (right in the above post!), but this was a very targeted discussion. Also note that many of the activities listed above also feed into google's data mining as well, some directly, some indirectly.
Anyway, lots of text above, but you didn't come to g's rescue as far as their AFE response. I figure if anyone knows better about this it would be you, and seriously, I'd love to be corrected on this part if I'm wrong. I'll re-paste it here:
In fact, unless I've misinterpreted their AFE response, they never promised to stop gathering data ((on kids)), but only to stop displaying ads based on that intelligence -- until the kids reach the age of majority. That's really dangerous. I would love to be proven wrong on this, but I haven't seen anything to counter that yet.
Here's the real reason I tend to harp on Google more than the shadowy data brokers: consumer sentiment. Most people don't have a lot of insights into data brokers. Those that do, probably already think very poorly of them, and yet, it's very, very difficult to keep them out of your personal business, even with active effort. On the other hand, millions of people willingly feed massive amounts of data straight into google's mouth every minute of every day (along with facebook and others) -- because somehow they feel like google isn't dangerous. That's just not true. NO company can own this much personal data without being dangerous. It's not about Google, it's about all that data sitting in one place.
Anyway, lots of text above, but you didn't come to g's rescue as far as their AFE response. I figure if anyone knows better about this it would be you, and seriously, I'd love to be corrected on this part if I'm wrong. I'll re-paste it here:
isn't dangerous. That's just not true. NO company can own this much personal data without being dangerous. It's not about Google, it's about all that data sitting in one place.
I've looked thru the current pertinent privacy statements and policies for Google Apps for Education and found this:
"COPPA applies to commercial companies and limits their ability to collect personal information from children under 13. By default, Google advertising is turned off for Apps for Education users. No personal student information is collected for commercial purposes. This permission form allows the school to act as an agent for parents in the collection of information within the school context. The school’s use of student information is solely for education purposes."
Every school's current permission page is using the same Google-mandated wording as far as I can see, and I looked at a dozen more or less, tho some add an explanation of what info the school itself is collecting.
I am all for Apple technology in schools but I have seen it first hand being used so ineffectively it hurts. To improve education however, technology is just a tiny piece of the puzzle. It is interesting to look at how Finland runs their school system and the results they achieve. Finland's school system has consistently ranked at the very top internationally. Some interesting facts:
Finnish children don't start school until they are 7.
Compared with other systems, they rarely take exams or do homework until they are well into their teens.
The children are not measured at all for the first six years of their education.
There is only one mandatory standardized test in Finland, taken when children are 16.
All children, clever or not, are taught in the same classrooms.
Finland spends around 30 percent less per student than the United States.
30 percent of children receive extra help during their first nine years of school.
66 percent of students go to college. The highest rate in Europe.
The difference between weakest and strongest students is the smallest in the World.
Science classes are capped at 16 students so that they may perform practical experiments every class.
93 percent of Finns graduate from high school. 17.5 percent higher than the US.
43 percent of Finnish high-school students go to vocational schools.
Elementary school students get 75 minutes of recess a day versus an average of 27 minutes in the US.
Teachers only spend 4 hours a day in the classroom, and take 2 hours a week for "professional development".
Finland has the same amount of teachers as New York City, but far fewer students. 600,000 students compared to 1.1 million in NYC.
The school system is 100% state funded.
All teachers in Finland must have a masters degree, which is fully subsidized.
The national curriculum is only broad guidelines.
Teachers are selected from the top 10% of graduates.
In 2010, 6,600 applicants vied for 660 primary school training slots
The average starting salary for a Finnish teacher was $29,000 in 2008, compared with $36,000 in the United States. However, high school teachers with 15 years of experience make 102 percent of what other college graduates make. In the US, this figure is 62%.
There is no merit pay for teachers.
Teachers are effectively given the same status as doctors and lawyers
In an international standardized measurement in 2001, Finnish children came top or very close to the top for science, reading and mathematics. It's consistently come top or very near every time since.
Despite the differences between Finland and the US, it easily beats countries with a similar demographic. Neighbor Norway, of a similar size and featuring a similar homogeneous culture, follows the same same strategies as the USA and achieves similar rankings in international studies.
I've looked thru the current pertinent privacy statements and policies for Google Apps for Education and found this:
"COPPA applies to commercial companies and limits their ability to collect personal information from children under 13. By default, Google advertising is turned off for Apps for Education users. No personal student information is collected for commercial purposes. This permission form allows the school to act as an agent for parents in the collection of information within the school context. The school’s use of student information is solely for education purposes."
Every school's current permission page is using the same Google-mandated wording as far as I can see, and I looked at a dozen more or less, tho some add an explanation of what info the school itself is collecting.
Also I didn't mean to come off sounding so harsh.
No worries. The bit above was just so off-topic....! lol
So this is indeed similar verbiage to what I've seen since the AFE fallout. The problems with this are:
1) Turning off google advertising is immaterial. Turning it off, in fact, is a smart thing for google to do, because it's can (potentially) act as a great misdirection tool. Now parents, teachers, administrators look at the pages and say "Great! Google isn't being bad anymore, we won!" But the data can still be collected, which is the real problem.
2) "No personal student information is collected for commercial purposes. This is where the problem lies. How is that defined, and ultimately construed legally. The wording comes off as weaselly, and unfortunately, in today's world of online data collection, almost any time you see weaselly wording, there's a reason. Honestly, 15 years ago I would have trusted their intent, but not anymore. Not after how the entire AFE thing went down, and general poor behavior in recent years.
It's can be challenging, because some services pretty much require deep insights into information typed into or received by these accounts. If email access is allowed outside the individual classrooms/schools, then spam-prevention requires digging very carefully through email content. However, in this situation, I don't see why any of that is necessary.
If they were really, truly being transparent -- as they claim to be these days (and as they are, when it serves their purposes), they could spell out details in that paragraph. As it stands, that wording provides them the capability, from the legal discussions I've had with people, to continue to collect data from all kids, both under 13 and 13-18, and when kids are old enough, they can marry that data together with everything else to add very powerful insights into these individuals. I don't have proof that this is happening, and my google contacts don't have the ability to confirm or deny, but even they are suspicious of email.
The biggest problem with this is that for the most part people (adults) have the choice to use or not use google's services. Well, this could actually be debated, but let's assume that for the moment. This is completely untrue, when schools require students to use google tools. The kids have no choice, and that's terribly, terribly wrong.
No worries. The bit above was just so off-topic....! lol
So this is indeed similar verbiage to what I've seen since the AFE fallout. The problems with this are:
1) Turning off google advertising is immaterial. Turning it off, in fact, is a smart thing for google to do, because it's can (potentially) act as a great misdirection tool. Now parents, teachers, administrators look at the pages and say "Great! Google isn't being bad anymore, we won!" But the data can still be collected, which is the real problem.
2) "No personal student information is collected for commercial purposes. This is where the problem lies. How is that defined, and ultimately construed legally. The wording comes off as weaselly, and unfortunately, in today's world of online data collection, almost any time you see weaselly wording, there's a reason. Honestly, 15 years ago I would have trusted their intent, but not anymore. Not after how the entire AFE thing went down, and general poor behavior in recent years
That's not the way I read it. Any personal information logged is for educational purposes only and being done by the school. Am I reading that wrong?
That's not the way I read it. Any personal information logged is for educational purposes only and being done by the school. Am I reading that wrong?
I believe so. With the above wording, interpreted liberally, Personal Student Information can still be collected, just not for "commercial purposes". What does "commercial purposes" mean? Are there time-restrictions to when/how it might be used later? It's all fuzzy, and a common strategy in legal work is to make things fuzzy if you want to make it possible to be interpreted liberally when necessary (and vice-versa if you don't).
As for logging being done by the school, no way. Most schools don't have that kind of capability or expertise, and I'm not sure how it would even be possible with centralized services like this. Google might make some portion of the data available back to the schools, but they are almost certainly the ones gathering usage data, as well as having 100% visibility into each and every word typed into every email or web-doc. That's just the way those systems work.
Again, I don't have inside eyes on their code, and neither do my google contacts, but I have been involved in more than my share of creating and interpreting legal documents, and this one is suspicious at best. It wouldn't have been hard for them to write a completely transparent document that spelled out exactly what kinds of data are gathered, when they're gathered, what the retention period is, etc. Until that happens, I will keep recommending to schools I work with to NOT sign up for these services. That said, I do think that the system described above by EricTheHalfBee is a good start in the right direction, and I really wish he'd have followed up and let me know where this school is.
I believe so. With the above wording, interpreted liberally, Personal Student Information can still be collected, just not for "commercial purposes". What does "commercial purposes" mean? Are there time-restrictions to when/how it might be used later? It's all fuzzy, and a common strategy in legal work is to make things fuzzy if you want to make it possible to be interpreted liberally when necessary (and vice-versa if you don't).
As for logging being done by the school, no way. Most schools don't have that kind of capability or expertise, and I'm not sure how it would even be possible with centralized services like this. Google might make some portion of the data available back to the schools, but they are almost certainly the ones gathering usage data, as well as having 100% visibility into each and every word typed into every email or web-doc. That's just the way those systems work.
Again, I don't have inside eyes on their code, and neither do my google contacts, but I have been involved in more than my share of creating and interpreting legal documents, and this one is suspicious at best. It wouldn't have been hard for them to write a completely transparent document that spelled out exactly what kinds of data are gathered, when they're gathered, what the retention period is, etc. Until that happens, I will keep recommending to schools I work with to NOT sign up for these services. That said, I do think that the system described above by EricTheHalfBee is a good start in the right direction, and I really wish he'd have followed up and let me know where this school is.
I think what Eric described is the recommended method from Google but not entirely certain.
As for what Google "scans" in Google Apps for Education they do spell it out:
"Google Apps for Education services don't collect or use student data for advertising purposes or create ads profiles.
Gmail for consumers and Google Apps for Education users runs on the same infrastructure, which helps us deliver high performance, reliability, and security to all of our users. However, Google Apps is a separate offering that provides additional security, administrative and archiving controls for education, work, and government customers.
Like many email providers, we do scanning in Gmail to keep our customers secure and to improve their product experience. In Gmail for Google Apps for Education, this includes virus and spam protection, spell check, relevant search results and features like Priority Inbox and auto-detection of calendar events. Scanning to provide product features is done on all incoming emails and is 100% automated. We do NOT scan Google Apps for Education emails for advertising purposes.
Additionally, we don't collect or use any information stored in Apps for Education users' Google Drive or Docs (or Sheets, Slides, Drawings, Forms) for any advertising purposes."
What other nefarious use of information would Google be making of anything they've collected if it can't be used for advertising/profiling? Unlike the companies I mentioned earlier they aren't data brokers so they don't make money from selling data. They make money from placing ads, and to a lesser degree selling services and hardware.
Side question: How does Google's statement compare to Apple's or Microsoft's on how student data is stored and/or used? The three companies have amazingly similar general privacy policies (with similar vagaries). Honest question as I can't find what Apple or Microsoft has to say about it but you almost certainly know.
What exactly does "advertising purposes" encompass? Why not "commercial purposes"?
Are "ad profiles" different from "profiles"? I do think this is worded very carefully on purpose.
Google's business model will evolve over the years (it already is), and having massive profile data for any purpose will likely be very valuable in the future. Especially for kids, right as they enter adulthood. This language allows them to gather individual personal data and analyze it, and I'd guess they are doing so, very carefully, and not marrying it together with the ad-serving system right now.
This also assumes that we implicitly trust Google (or ANY internet service provider / data miner) to be completely truthful. In recent years, goog has proven themselves to not be as truthful or trustworthy as we'd hope. Whether it's systemic or a problem with individuals around the company doesn't really matter, because at the end of the day, their business model puts them in control of dangerous levels of data. Far beyond anything the world has ever known. The problem is not about getting targeted ads delivered, or even about advertising at all; it's about human behavioral profiles being collected and analyzed at enormous scale, breadth and depth. This policy (and company behavior in general) does not give me confidence that data mining is not occurring, only that it's not currently being married to the ad system.
As for other companies' policies in these matters, I don't care as much, personally, because they are relative blips on the radar now, when compared to the level of human profiling data (and capacity) that google has. That may change. facebook is kinda/sorta there, but they are relatively easy to avoid now.
To my knowledge, Apple is not pushing to create services for schools to enroll under 13 students.
I do know that Microsoft signs things like HIPAA BAAs with school districts that really do have some teeth. I suspect they also sign FERPA BAAs, but I don't have firsthand knowledge of that.
-pause-
I just went to check on this, and it appears that Microsoft does indeed have a pretty decent policy surrounding student accounts on office365. Read this:
My comments above were surprisingly apropos, given that ms does indeed use the term "commercial purposes". Surprised myself!
We do not use or share Office 365 customer data for any other commercial purposes (for example, in connection with advertising or marketing or to build user profiles for commercial purposes not related to the provision of Office 365)
The fact that they are not legally required to get parental consent for students under age 13 means that their policies are pretty tight. Retention periods are important, and I don't see them listed, which is unfortunate. Again, this implies that we trust they are doing or not doing exactly what they say. I suppose my personal trust level of microsoft might be a half-step above google in 2015, but honestly, NO ONE should have deep psychological profiles of hundreds of millions of people. For any purpose. We are one "event" away from every ounce of data in ALL these companies' databases being seized by our government. At least in theory, they would be acting in our best interests, but data is never safe, and never stays captive forever.
With the above wording, interpreted liberally, Personal Student Information can still be collected, just not for "commercial purposes". What does "commercial purposes" mean?.
Doesn't it mean whatever you thought it did when Microsoft used it, making their policy look "pretty decent" in your view?
So Microsoft using "commercial purposes" in it's wording is a good thing but Google using "commercial purposes" in theirs is weaselly? Sounds disingenuous on your part. I'd like to think you can logically explain it.
This also assumes that we implicitly trust Google (or ANY internet service provider / data miner) to be completely truthful.
As for other companies' policies in these matters, I don't care as much, personally, because they are relative blips on the radar now . . . To my knowledge, Apple is not pushing to create services for schools to enroll under 13 students.
:???: Of course they do. Have you missed all the articles here at AI about Apple's educations efforts with the iPad and school districts?
I suspect they (Microsoft) also sign FERPA BAAs, but I don't have firsthand knowledge of that.
I don't know if Microsoft does either. I do know Google does tho. "Google Apps for Education complies with Family Educational Rights and Privacy Act (FERPA) and our commitment to do so is included in our agreements. Google complies with and is registered with the U.S.-EU Safe Harbor agreement, which helps ensure that our data protection compliance meets European Union standards for educational institutions."
Since you praised MS for mentioning no commercial uses for student data as well as signing HIPPA BAA's why wouldn't you do the same for Google who also do the same things and perhaps even more by including FERPA-compliant agreements. You don't know if either Microsoft or Apple do apparently.
That's not really concerning to you either? I'm frankly shocked you weren't aware of the Facebook issues, and will be doubly so if you already knew but thought it wasn't worth mentioning lest it distract from your focus on Google.
It seems to me that Google is answering most of your objections, Not sure you expect the same "transparency" from other providers but I would hope you'd spend at least a little time of looking into how others are handling the issues you raised. Google's is pretty easy to find. Some of the others not so much.
At least partly my bad on "commercial/advertising". The second time you posted what I remembered reading and having discussions with legal people about. I probably shouldn't post when tired. In fact, I'm probably going to have to disengage soon because I have too much on my plate right now to keep getting distracted here, and it shows. Anyway, my bad for confusing the second quote with the first one you posted.
I am curious though, those two quotes you posted are very different. Where are they, and why are they so different?
Of course they do. Have you missed all the articles here at AI about Apple's educations efforts with the iPad and school districts?
They're not hawking their own services, afaik, just hardware. Though the Pearson deal sucked big time, so yeah, there's that. I hope Apple learned their lesson, given that Pearson is one of the worst players in Edu anywhere.
No inconsistencies at all. I don't give Apple any personal information either. I don't use iCloud, and would never give biometrics to them via Apple Watch. But with a small bit of effort I can use Apple's wonderfully designed hardware without being data mined. Google's products are almost all oriented around data mining and user profiles, regardless of whether they're for "advertising" or "commercial purposes". ;-)
I don't know if Microsoft does either. I do know Google does tho. "Google Apps for Education complies with Family Educational Rights and Privacy Act (FERPA) and our commitment to do so is included in our agreements. Google complies with and is registered with the U.S.-EU Safe Harbor agreement, which helps ensure that our data protection compliance meets European Union standards for educational institutions."
...but honestly, NO ONE should have deep psychological profiles of hundreds of millions of people. For any purpose. "
It's not about testing studies, it's about having and mining that data.
How can you say you agree with the statement above, and still be a google-apologist? They are absolutely, unquestionably, in possession of deep psychological profiles of hundreds of millions of people, including many people who have never signed up for any kind of google account whatsoever. I don't believe you agree with my statement, as written.
But it's not even about who's worse than who. Read my statement again, I'm very consistent. *NO ONE* should have this kind of data. Not private companies, not governments, not google, not Apple, no one. It should not exist.
Sidenote: Unless you have Facebook blockers in place they'll still collect data on you even tho you aren't a Facebook user or ever agreed to their TOS.
As mentioned, they are relatively easy to block. Blocking google's tentacles requires layers upon layers, and it's still pretty much impossible.
That's not really concerning to you either? I'm frankly shocked you weren't aware of the Facebook issues, and will be doubly so if you already knew but thought it wasn't worth mentioning lest it distract from your focus on Google.
Strawman/misdirection! Facebook is a terrible, vile company. That doesn't mean Google is good. Apple isn't perfect either, but there are definitely degrees of bad/good, both overall and specific to privacy. Those two things aren't even the same. But I digress. I have no idea what kind of work you do that allows you to keep up these conversations... will you share via PM?? ;-)
How can you say you agree with the statement above, and still be a google-apologist? They are absolutely, unquestionably, in possession of deep psychological profiles of hundreds of millions of people, including many people who have never signed up for any kind of google account whatsoever. )
If that's what Google is doing I won't make an excuse for them. I've never seen any evidence or even claims (beside yours) that Google is in possession of "deep psychological profiles pf hundreds of millions of people". Where did you get that from? Heck they can't even get my age and interests right!
How could they possibly have the depth of information sourced from online and offline sources a company like Axciom or any other big data aggregator does. Google can;t even know if the person posting this is the same person listening to Google Music right now or the one playing solitaire at the moment. (Hint: they aren"t)
If that's what Google is doing I won't make an excuse for them. I've never seen any evidence or even claims (beside yours) that Google is in possession of "deep psychological profiles pf hundreds of millions of people". Where did you get that from? Heck they can't even get my age and interests right!
Never said they're perfect! That said, they're entire business model depends on having psychological profiles of all their users. It's their bread and butter. Most people don't use that terminology, but that's clearly what they have. It's based on searches, emails, analytics, and dozens of other trackers that are embedded in almost everything people look at when they're online. Some level of that is what people (consciously or ignorantly) opt into, but there is a very large class of people who choose to NOT opt into google's profiling, but are sucked into it anyway.
"Google further contends that because of the way that email operates, even non-Gmail users knew that their emails would be intercepted, and accordingly that non-Gmail users impliedly consented to the interception. Therefore, Google argues that in all communications, both parties -- regardless of whether they are Gmail users -- have consented to the reading of emails.
The Court rejects Google's contentions with respect to both explicit and implied consent. Rather, the Court finds that it cannot conclude that any party -- Gmail users or non-Gmail users -- has consented to Google's reading of email for the purposes of creating user profiles or providing targeted advertising.
Accepting Google's theory of implied consent -- that by merely sending emails to or receiving emails from a Gmail user, a non-Gmail user has consented to Google's interception of such emails for any purposes -- would eviscerate the rule against interception."
Not only is google's position here totally self-serving, but it's a complete lie. I never send email to any gmail account, nor any email account that I can determine as being hosted (read/analyzed) by google. And yet, if someone sends me an email from their gmail account, any information about me in that email is now attached to my email address, and google is attempting to say that somehow I have consented to this process. I can already think of weaselly arguments on the other side, but I take active efforts to not be data mined, and yet they are still doing so. Facebook is notorious for their shadow profiles, but google has many more ways to connect the dots.
I haven't been keeping up with this lawsuit; for all I know it's been dismissed. I should go digging now, but I'm late for something and need to type quickly.
How could they possibly have the depth of information sourced from online and offline sources a company like Axciom or any other big data aggregator does. Google can;t even know if the person posting this is the same person listening to Google Music right now or the one playing solitaire at the moment. (Hint: they aren"t)
ID-Targeting is the next gen. Device-based targeting is old school. It's not perfect yet, but getting much better. Companies skilled in this art can get a pretty good idea of how many different people's activities are coming from one single IP or even a single computer. If you or your family/housemates use any google services, there's a good chance they do indeed know that those are 2 or 3 different people, and probably even who is doing what. It's art-in-progress, but there's so much money to be made by being able to break this stuff down, it's getting a lot of attention.
Not to sidetrack from the above, but here's a question: Is there any reason to know definitively that Google doesn't buy data from Axciom and and their ilk? I think it's pretty clear that g doesn't sell data to them, but those companies happy to sell to whoever/whenever/however, right? Why not google/facebook and other online companies that can leverage that data?
Comments
Data-driven Education is only needed when Administrators and not Teachers are controlling the Education. This only happens when the Teachers can't be trusted. Data is simply an abstraction of what is right in front of the Teacher. As a Teacher myself, I don't need data in an App to tell me which student is doing poorly and which is not.
But data is required and hopefully this new App will make meeting that requirement as quick and easy as possible, so that more time can actually be devoted to teaching.
Would you mind telling me what school district/city you're in? PM me, if you'd rather not post publicly.
I'm very much interested in these issues, and am active in our city/district, pushing for policy decisions like this. So often, people are attracted to shiny objects like this without considering the full ramifications; in this case, the fact that our children are being relentlessly data mined behind the scenes. Here's a great article for anyone who has kids: Politico: Data Mining Your Children
The policy you describe above is clearly much better than not using any safeguards at all. That said, if the kids access their classroom emails from home, they are pretty much identified and tracked by google anyway. Data mining and tracking tools are very, very good these days. Cookies are not required (though they make things very easy), and even if you have multiple people in the same house using a single computer, much of that can be filtered as well, to identify, track and mine the (statistically likely) different users. I'm a little surprised that districts are getting away with signing up kids for services like this. There are weak links in COPPA, but schools/districts are not supposed to be able to sign up kids for online services with companies that mine kids' data. Or if they do, it often requires special contracts and/or different levels of service/access.
I understand the rules and the laws very well. They do not reflect the current real world scenarios.
1) It's trivial for kids to lie about their age and create gmail accounts. If you know any middle schoolers, just go sit in a room full of them and ask how many 6th/7th graders use gmail. I guarantee that in most groups you'll find >50%, and it's high even among older elementary students. Kids have no clue about what they're opting into. Hell, most adults don't, you can read the recent U-Penn research on that.
2) It used to be that google/fb trolled pretty seriously to find underage kids. My experience is that's not true anymore. Kids nowadays use gmail/yahoo/hotmail freely and without fear anymore that their accounts will be locked or deleted. I'm sure it happens around the edges in egregious cases, but not much anymore. FWIW, gmail is BY FAR the most widely used email by underage kids. In the groups I've spoken with, it's huge, like 10 to 1 over the competitors.
3) With the above in mind, and the fact that prior to EricTheHalfBee's actions, the teachers were directing the students to create their own accounts, this implies that this was not happening through AppsForEducation (which was very publicly busted a while back, for lying/misuse of data), or through any official district-level program. The teachers themselves were directing the students to do something against "the rules", causing google to unknowingly (in theory) collect data from underage kids. Google can (and does) look the other way, and probably is relatively safe from legal action, but while this behavior may be within the letter of the law, it's clearly not working within the spirit of the law. I put more of the blame on teachers/schools/districts in this case (they are grossly uninformed), but google (and many other small EduTech firms) have some culpability as well.
4) It's not just about under age 13. There's a lot of gray area in the 13-17 year old groups. They are not old enough to sign a legal contract, and yet, many schools and districts are forcing them to use tools and services like this that absolutely are used for data mining purposes once the kids are 13. What, as a society, are we going to do about this? Are people okay forcing KIDS into data mined services?
Apps for teachers, apps for parents, apps for students; these Apps we had listen about a lot, and these are in use.. what about if whole combination get in one, school, parent, teacher, and student communication app Schoola2z... but schools have to access as security is of high under this app which is free to download form - https://play.google.com/store/apps/details?id=com.schoola2zlive
This is definitely the schools fault, Google even instructs the schools not to use the personal emails of their students but to set it up the way you described. When my daughter's school switched to ChromeBook's we were invited to a assembly in which such things were discussed in detail. Though they don't use the teachers actual name but an ID number like this, <schools_name>.<teachers_ID><student_number>@gmail.ch. The student number isn't linked to anyone student permanently, if there are 300 children at the school, each student gets a number between 1 - 300, that's their student ChromeBook ID for the year. Also the only emails that are allowed to be received or sent are only the ones containing the schools name. There are also no ads anywhere to be found on the system, including email and Google Search. Though to be fair I have never received a single ad in my friends and family Google email, which is only logical since I've never used it on anything but private mail. I have another Gmail account that's used solely for public sites, which is of course inundated with ads. So anyone complaining about ads in Gmail brought that mess on themselves, always separate private and public accounts.
Kinda-sorta. As alluded to above, recommendations, warnings, etc., are only effective when they're understood and adhered to. Like EricTheHalfBee, I pay a lot of attention to how this stuff works in practice. I've spent a LOT of time in schools and working with school district administration and officials, and the reality is that teachers, principals, and most administrators haven't got a clue, so they just direct students to do whatever seems the easiest.
This seems like a good start for a plan like this (yes, really). Teachers and students do not use real names, and accounts change every year. Check.
But problems crop in because any data mining company worth their salt (and of course, google is VERY good at what they do) is able to marry disparate data together to identify individuals. It's not just a vague possibility, but rather, it's at the core of what they do. In other words, as soon as a child takes home their computer (unless that's not allowed), or signs into any other service from school, they are identified.
Before saying, "Oh, but Google would never do that, because they promised not to data mine the kids", remember how they got busted for lying about AppsForEducation some time back, which is aimed at schools/kids. Google is no saint, and these days they seem to be more about doing everything they can get away with, rather than being Good Guys. In fact, unless I've misinterpreted their AFE response, they never promised to stop gathering data, but only to stop displaying ads based on that intelligence -- until the kids reach the age of majority. That's really dangerous. I would love to be proven wrong on this, but I haven't seen anything to counter that yet. Data mining at all costs seems to be in their DNA now, and it's very sad because it didn't used to be that way in the early days.
That's only from the designated accounts, right? Are there mechanisms in place (not just procedural, but enforced, technical mechanisms) to prevent kids from using these laptops to sign into other personal gmail accounts? Or into facebook or instagram or any other service where the kids are likely to be identified? Some enforcement could be baked into the OS/builds (though easily overridden by smart kids, who will show/do it for others), and some rules can be semi-enforced by the school/district IT staff (though also usually pretty easy to proxy around, by smart kids).
If the chromebooks are allowed to go home with the kids, then all bets are off, and the kids are very likely individually identifiable.
Ads are merely a distraction. There's nothing wrong with contextual ads, except that they annoy people. The real problem is the personal/individual data mining and analysis that happens behind the scenes.
BTW, I don't know if I welcomed you back after your time away. I hope things are going well, and it's great to have you back! :-)
I posted something earlier today that probably applies here: I don't believe Google knows more about "you" than any other company, nor that they are as "evil" as you seem to think they are. ,While they may not be as harmless as I generally would like to believe (with exceptions I've noted before), they aren't doing anything business-wise more devious than arranging advertisements for companies large and small. If they do their job properly the ads may even be for things that you have an interest in, so not totally irritating to some folks. Is there something else they're doing that I'm not aware of?
You seldom if ever mention the players that truly do know "more than Google does" and whose business is NOT simple personalized ads. If you really want folks to be aware of the dangers of data mining why don't you ever mention companies like Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf, Recorded Future and others like them? They're data brokers, a far different business model that Google's ad-supported search business. Yes they actually exist to learn everything they possibly can about your onjm-line and off-line life and sell it to others who want what they know: Insurers, finance companies, "tax relief" providers, attorneys, funeral homes, weightloss companies, erectile dysfunction drug makers, etc. etc. If you think Google is evil I can't imagine what tag you'd give all these guys.
So what do they know about the very personal you that Google doesn't, and want to share it with whoever can pay the fee, again unlike Google? According to the FTC besides the simple Social Security number, name and address you'd expect they collect stuff like:
- consumer data from extensive online and offline sources, largely without consumers’ knowledge, ranging from consumer purchase data, social media activity, warranty registrations, magazine subscriptions, religious and political affiliations, and other details of consumers’ everyday lives.
-Consumer data often passes through multiple layers of data brokers sharing data with each other. In fact, seven of the nine data brokers in the Commission study had shared information with another data broker in the study.
-Data brokers combine online and offline data to market to consumers online.
-Data brokers combine and analyze data about consumers to make inferences about them, including potentially sensitive inferences such as those related to ethnicity, income, religion, political leanings, age, and health conditions. Potentially sensitive categories from the study are “Urban Scramble” and “Mobile Mixers,” both of which include a high concentration of Latinos and African-Americans with low incomes. The category “Rural Everlasting” includes single men and women over age 66 with “low educational attainment and low net worths.”
-Other potentially sensitive categories include health-related topics or conditions, such as pregnancy, diabetes, and high cholesterol.
-Many of the purposes for which data brokers collect and use data pose risks to consumers, such as unanticipated uses of the data. For example, a category like “Biker Enthusiasts” could be used to offer discounts on motorcycles to a consumer, but could also be used by an insurance provider as a sign of risky behavior.
Yet the only drum you seem to pound has Google's name on it. Google's done some questionable things as every big company has, but IMHO the danger to you or me is way overblown, well beyond rational. The full government report on real data-brokers and the privacy dangers they pose is available here:
https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf
Read thru it then tell us that Google is the one we should be focused on. While we should absolutely hold Google's feet to the fire when they stray there are far more dangerous companies out there that you don't talk about.
EDIT: Heck just in the past week I'd made you aware of plans to share personal information from a source you wouldn't expect, yet with a prime opportunity to mention it you don't. So here it is for those that want to know about it:
http://analysis.tu-auto.com/insurance-legal/customer-data-cash-cow-insurers?utm_campaign=TUA 22JUN15 Newsletter.htm&utm_medium=email&utm_source=Eloqua
But oddly enough, the discussion above was very specifically about using Google tools in schools. Why would I care to bring up a very different group of companies in this context? You went seriously off-topic this time with the misdirection effort! ;-)
I do bring up other companies, and often discuss in generalized terms like "any data mining company" (right in the above post!), but this was a very targeted discussion. Also note that many of the activities listed above also feed into google's data mining as well, some directly, some indirectly.
Anyway, lots of text above, but you didn't come to g's rescue as far as their AFE response. I figure if anyone knows better about this it would be you, and seriously, I'd love to be corrected on this part if I'm wrong. I'll re-paste it here:
Here's the real reason I tend to harp on Google more than the shadowy data brokers: consumer sentiment. Most people don't have a lot of insights into data brokers. Those that do, probably already think very poorly of them, and yet, it's very, very difficult to keep them out of your personal business, even with active effort. On the other hand, millions of people willingly feed massive amounts of data straight into google's mouth every minute of every day (along with facebook and others) -- because somehow they feel like google isn't dangerous. That's just not true. NO company can own this much personal data without being dangerous. It's not about Google, it's about all that data sitting in one place.
"COPPA applies to commercial companies and limits their ability to collect personal information from children under 13. By default, Google advertising is turned off for Apps for Education users. No personal student information is collected for commercial purposes. This permission form allows the school to act as an agent for parents in the collection of information within the school context. The school’s use of student information is solely for education purposes."
Every school's current permission page is using the same Google-mandated wording as far as I can see, and I looked at a dozen more or less, tho some add an explanation of what info the school itself is collecting.
Also I didn't mean to come off sounding so harsh.
In other words the Finnish finish school.
No worries. The bit above was just so off-topic....! lol
So this is indeed similar verbiage to what I've seen since the AFE fallout. The problems with this are:
1) Turning off google advertising is immaterial. Turning it off, in fact, is a smart thing for google to do, because it's can (potentially) act as a great misdirection tool. Now parents, teachers, administrators look at the pages and say "Great! Google isn't being bad anymore, we won!" But the data can still be collected, which is the real problem.
2) "No personal student information is collected for commercial purposes. This is where the problem lies. How is that defined, and ultimately construed legally. The wording comes off as weaselly, and unfortunately, in today's world of online data collection, almost any time you see weaselly wording, there's a reason. Honestly, 15 years ago I would have trusted their intent, but not anymore. Not after how the entire AFE thing went down, and general poor behavior in recent years.
It's can be challenging, because some services pretty much require deep insights into information typed into or received by these accounts. If email access is allowed outside the individual classrooms/schools, then spam-prevention requires digging very carefully through email content. However, in this situation, I don't see why any of that is necessary.
If they were really, truly being transparent -- as they claim to be these days (and as they are, when it serves their purposes), they could spell out details in that paragraph. As it stands, that wording provides them the capability, from the legal discussions I've had with people, to continue to collect data from all kids, both under 13 and 13-18, and when kids are old enough, they can marry that data together with everything else to add very powerful insights into these individuals. I don't have proof that this is happening, and my google contacts don't have the ability to confirm or deny, but even they are suspicious of email.
The biggest problem with this is that for the most part people (adults) have the choice to use or not use google's services. Well, this could actually be debated, but let's assume that for the moment. This is completely untrue, when schools require students to use google tools. The kids have no choice, and that's terribly, terribly wrong.
That's not the way I read it. Any personal information logged is for educational purposes only and being done by the school. Am I reading that wrong?
I believe so. With the above wording, interpreted liberally, Personal Student Information can still be collected, just not for "commercial purposes". What does "commercial purposes" mean? Are there time-restrictions to when/how it might be used later? It's all fuzzy, and a common strategy in legal work is to make things fuzzy if you want to make it possible to be interpreted liberally when necessary (and vice-versa if you don't).
As for logging being done by the school, no way. Most schools don't have that kind of capability or expertise, and I'm not sure how it would even be possible with centralized services like this. Google might make some portion of the data available back to the schools, but they are almost certainly the ones gathering usage data, as well as having 100% visibility into each and every word typed into every email or web-doc. That's just the way those systems work.
Again, I don't have inside eyes on their code, and neither do my google contacts, but I have been involved in more than my share of creating and interpreting legal documents, and this one is suspicious at best. It wouldn't have been hard for them to write a completely transparent document that spelled out exactly what kinds of data are gathered, when they're gathered, what the retention period is, etc. Until that happens, I will keep recommending to schools I work with to NOT sign up for these services. That said, I do think that the system described above by EricTheHalfBee is a good start in the right direction, and I really wish he'd have followed up and let me know where this school is.
I think what Eric described is the recommended method from Google but not entirely certain.
As for what Google "scans" in Google Apps for Education they do spell it out:
"Google Apps for Education services don't collect or use student data for advertising purposes or create ads profiles.
Gmail for consumers and Google Apps for Education users runs on the same infrastructure, which helps us deliver high performance, reliability, and security to all of our users. However, Google Apps is a separate offering that provides additional security, administrative and archiving controls for education, work, and government customers.
Like many email providers, we do scanning in Gmail to keep our customers secure and to improve their product experience. In Gmail for Google Apps for Education, this includes virus and spam protection, spell check, relevant search results and features like Priority Inbox and auto-detection of calendar events. Scanning to provide product features is done on all incoming emails and is 100% automated. We do NOT scan Google Apps for Education emails for advertising purposes.
Additionally, we don't collect or use any information stored in Apps for Education users' Google Drive or Docs (or Sheets, Slides, Drawings, Forms) for any advertising purposes."
What other nefarious use of information would Google be making of anything they've collected if it can't be used for advertising/profiling? Unlike the companies I mentioned earlier they aren't data brokers so they don't make money from selling data. They make money from placing ads, and to a lesser degree selling services and hardware.
Side question: How does Google's statement compare to Apple's or Microsoft's on how student data is stored and/or used? The three companies have amazingly similar general privacy policies (with similar vagaries). Honest question as I can't find what Apple or Microsoft has to say about it but you almost certainly know.
What exactly does "advertising purposes" encompass? Why not "commercial purposes"?
Are "ad profiles" different from "profiles"? I do think this is worded very carefully on purpose.
Google's business model will evolve over the years (it already is), and having massive profile data for any purpose will likely be very valuable in the future. Especially for kids, right as they enter adulthood. This language allows them to gather individual personal data and analyze it, and I'd guess they are doing so, very carefully, and not marrying it together with the ad-serving system right now.
This also assumes that we implicitly trust Google (or ANY internet service provider / data miner) to be completely truthful. In recent years, goog has proven themselves to not be as truthful or trustworthy as we'd hope. Whether it's systemic or a problem with individuals around the company doesn't really matter, because at the end of the day, their business model puts them in control of dangerous levels of data. Far beyond anything the world has ever known. The problem is not about getting targeted ads delivered, or even about advertising at all; it's about human behavioral profiles being collected and analyzed at enormous scale, breadth and depth. This policy (and company behavior in general) does not give me confidence that data mining is not occurring, only that it's not currently being married to the ad system.
As for other companies' policies in these matters, I don't care as much, personally, because they are relative blips on the radar now, when compared to the level of human profiling data (and capacity) that google has. That may change. facebook is kinda/sorta there, but they are relatively easy to avoid now.
To my knowledge, Apple is not pushing to create services for schools to enroll under 13 students.
I do know that Microsoft signs things like HIPAA BAAs with school districts that really do have some teeth. I suspect they also sign FERPA BAAs, but I don't have firsthand knowledge of that.
-pause-
I just went to check on this, and it appears that Microsoft does indeed have a pretty decent policy surrounding student accounts on office365. Read this:
https://www.microsoft.com/online/legal/v2/en-us/MOS_PTC_Regulatory_Comp.htm
My comments above were surprisingly apropos, given that ms does indeed use the term "commercial purposes". Surprised myself!
The fact that they are not legally required to get parental consent for students under age 13 means that their policies are pretty tight. Retention periods are important, and I don't see them listed, which is unfortunate. Again, this implies that we trust they are doing or not doing exactly what they say. I suppose my personal trust level of microsoft might be a half-step above google in 2015, but honestly, NO ONE should have deep psychological profiles of hundreds of millions of people. For any purpose. We are one "event" away from every ounce of data in ALL these companies' databases being seized by our government. At least in theory, they would be acting in our best interests, but data is never safe, and never stays captive forever.
When I said: You came back with:
Doesn't it mean whatever you thought it did when Microsoft used it, making their policy look "pretty decent" in your view?
So Microsoft using "commercial purposes" in it's wording is a good thing but Google using "commercial purposes" in theirs is weaselly? Sounds disingenuous on your part. I'd like to think you can logically explain it.
:???: Of course they do. Have you missed all the articles here at AI about Apple's educations efforts with the iPad and school districts?
Those HIPPA BAA's would have to do with student health data since HIPPA is of course specific to health matters. Google also signs HIPPA BAA's.
http://www.techrepublic.com/blog/google-in-the-enterprise/google-agrees-to-sign-baa-as-means-to-hipaa-compliance/
It's been discussed here at AI on a few different occasions.
Guess who still refuses to and is NOT compliant with HIPPA for cloud storage? Apple.
http://mentegram.com/blog/hipaa-cloud-dont-use-icloud-or-dropbox-for-storage/
Why won't they? You don't find that at all concerning of course since they aren't Google?
I don't know if Microsoft does either. I do know Google does tho.
"Google Apps for Education complies with Family Educational Rights and Privacy Act (FERPA) and our commitment to do so is included in our agreements. Google complies with and is registered with the U.S.-EU Safe Harbor agreement, which helps ensure that our data protection compliance meets European Union standards for educational institutions."
Since you praised MS for mentioning no commercial uses for student data as well as signing HIPPA BAA's why wouldn't you do the same for Google who also do the same things and perhaps even more by including FERPA-compliant agreements. You don't know if either Microsoft or Apple do apparently.
I agree with that. I avoid Facebook entirely for that reason among others.
http://www.nytimes.com/2014/06/30/technology/facebook-tinkers-with-users-emotions-in-news-feed-experiment-stirring-outcry.html?_r=0
I've not seen any evidence of Google doing similar psychological testing studies on it's users.
Sidenote: Unless you have Facebook blockers in place they'll still collect data on you even tho you aren't a Facebook user or ever agreed to their TOS.
http://www.theguardian.com/technology/2015/apr/10/facebook-admits-it-tracks-non-users-but-denies-claims-it-breaches-eu-privacy-law
That's not really concerning to you either? I'm frankly shocked you weren't aware of the Facebook issues, and will be doubly so if you already knew but thought it wasn't worth mentioning lest it distract from your focus on Google.
It seems to me that Google is answering most of your objections, Not sure you expect the same "transparency" from other providers but I would hope you'd spend at least a little time of looking into how others are handling the issues you raised. Google's is pretty easy to find. Some of the others not so much.
I am curious though, those two quotes you posted are very different. Where are they, and why are they so different?
They're not hawking their own services, afaik, just hardware. Though the Pearson deal sucked big time, so yeah, there's that. I hope Apple learned their lesson, given that Pearson is one of the worst players in Edu anywhere.
No inconsistencies at all. I don't give Apple any personal information either. I don't use iCloud, and would never give biometrics to them via Apple Watch. But with a small bit of effort I can use Apple's wonderfully designed hardware without being data mined. Google's products are almost all oriented around data mining and user profiles, regardless of whether they're for "advertising" or "commercial purposes". ;-)
I don't know if Microsoft does either. I do know Google does tho.
"Google Apps for Education complies with Family Educational Rights and Privacy Act (FERPA) and our commitment to do so is included in our agreements. Google complies with and is registered with the U.S.-EU Safe Harbor agreement, which helps ensure that our data protection compliance meets European Union standards for educational institutions."
It's not about testing studies, it's about having and mining that data.
How can you say you agree with the statement above, and still be a google-apologist? They are absolutely, unquestionably, in possession of deep psychological profiles of hundreds of millions of people, including many people who have never signed up for any kind of google account whatsoever. I don't believe you agree with my statement, as written.
But it's not even about who's worse than who. Read my statement again, I'm very consistent. *NO ONE* should have this kind of data. Not private companies, not governments, not google, not Apple, no one. It should not exist.
As mentioned, they are relatively easy to block. Blocking google's tentacles requires layers upon layers, and it's still pretty much impossible.
Strawman/misdirection! Facebook is a terrible, vile company. That doesn't mean Google is good. Apple isn't perfect either, but there are definitely degrees of bad/good, both overall and specific to privacy. Those two things aren't even the same. But I digress. I have no idea what kind of work you do that allows you to keep up these conversations... will you share via PM?? ;-)
How could they possibly have the depth of information sourced from online and offline sources a company like Axciom or any other big data aggregator does. Google can;t even know if the person posting this is the same person listening to Google Music right now or the one playing solitaire at the moment. (Hint: they aren"t)
Never said they're perfect! That said, they're entire business model depends on having psychological profiles of all their users. It's their bread and butter. Most people don't use that terminology, but that's clearly what they have. It's based on searches, emails, analytics, and dozens of other trackers that are embedded in almost everything people look at when they're online. Some level of that is what people (consciously or ignorantly) opt into, but there is a very large class of people who choose to NOT opt into google's profiling, but are sucked into it anyway.
http://blogs.findlaw.com/technologist/2013/09/5-takeaways-from-the-google-email-scanning-lawsuit.html
Read through to the very last line.
Judge Koh said:
Not only is google's position here totally self-serving, but it's a complete lie. I never send email to any gmail account, nor any email account that I can determine as being hosted (read/analyzed) by google. And yet, if someone sends me an email from their gmail account, any information about me in that email is now attached to my email address, and google is attempting to say that somehow I have consented to this process. I can already think of weaselly arguments on the other side, but I take active efforts to not be data mined, and yet they are still doing so. Facebook is notorious for their shadow profiles, but google has many more ways to connect the dots.
I haven't been keeping up with this lawsuit; for all I know it's been dismissed. I should go digging now, but I'm late for something and need to type quickly.
ID-Targeting is the next gen. Device-based targeting is old school. It's not perfect yet, but getting much better. Companies skilled in this art can get a pretty good idea of how many different people's activities are coming from one single IP or even a single computer. If you or your family/housemates use any google services, there's a good chance they do indeed know that those are 2 or 3 different people, and probably even who is doing what. It's art-in-progress, but there's so much money to be made by being able to break this stuff down, it's getting a lot of attention.
Not to sidetrack from the above, but here's a question: Is there any reason to know definitively that Google doesn't buy data from Axciom and and their ilk? I think it's pretty clear that g doesn't sell data to them, but those companies happy to sell to whoever/whenever/however, right? Why not google/facebook and other online companies that can leverage that data?