«

»

Google’s “commitment” to student privacy unearths some worrying questions

google-watchingBy Simon Davies

Quite a few media outlets have excitedly reported on Google’s announcement last week that ads and ad scanning will now be removed from the company’s education apps for schools. If these articles were to be believed, we should all be dancing in the streets with joy over some miraculous U-turn by the company on its combative attitude to privacy protection.

Sadly, this is not the case. The media excitement has been premature and largely misplaced. If you peel the story back a couple of layers, the scenario that emerges is extremely worrying.

The media excitement has been premature and largely misplaced. If you peel the story back a couple of layers, the scenario that emerges is extremely worrying.

Google’s education apps are used worldwide by around thirty million students and teachers. For some time there has been controversy over the company’s practice of scanning the content of communications and pitching ads at children. This disreputable practice is one reason why there’s been a backlash against the company, with such countries as Norway and Sweden placing severe restrictions on public sector use of Google cloud services. There have also been questions in the US over whether the Google scanning was in violation of the federal Family Educational Rights and Privacy Act (FERPA) law which, regulates information that can be collected from and about students.

In a company blog published last week, Google’s director of education services announced that from now on scanning and ad placement will not be enabled. Proclaiming a commitment to the protection of children’s privacy, the blog explained that the new measures were essential to trust.

This change of directions of course implies that the company had in the past compromised that trust by intruding on privacy, but let’s come back to that issue later.

Here’s the announcement that we “should” have read on the Google blog:

“Google is committed to protecting the privacy of children and young people, so we will no longer scan, analyse, process or store any data relating to them for any purpose whatever. It’s the right thing to do”

But that’s not what Google said. Instead, the company announced that it will disable content scanning only on Gmail “for advertising purposes“. That’s a far cry from a global commitment to protect privacy.

Google must answer a number of unresolved questions about just how far its proclaimed commitment to children’s privacy extends.

To begin, Google’s announcement regarding the removal of “ads scanning” relates only to Gmail.  Although the current GAFE (Google Apps for Education) privacy policy states that Google does not “collect or use any information stored in Apps for Education users’ Google Drive or Docs (or Sheets, Slides, Drawings, Forms) for any advertising purposes,” users still do not know whether or how their activities in Calendar (which is integrated into Gmail), or Vault, (which allows for email and chat archiving and retention), will be treated.

Equally unclear is precisely what Google really means when it says that “Google cannot collect or use student data in Apps for Education services for advertising purposes.”

Equally unclear is precisely what Google really means when it says that “Google cannot collect or use student data in Apps for Education services for advertising purposes.”  For instance, this statement leaves open the possibility that Google can continue to collect and use student data for non-advertising purposes and then use that data to deliver targeted advertising outside of the GAFE context. The GAFE privacy policy states, for example, that “K-12 Google Apps for Education users do not see ads when they use Google Search and are signed in to their Apps for Education accounts” (my emphasis). The policy does not clearly state whether the data collected from students may cause them to “see” ads elsewhere. After all, Google’s business model is all about the untrammeled sharing of data across the entire company.

It’s also noteworthy that the definitions are left hanging. It is unclear what Google even means by the terms “student data” and “advertising purposes.” Data protection regulators may wish to pursue this rather significant loose end.

It’s also reasonable to ask what Google intends to do with all of the student data it has collected so far through Gmail in GAFE. If the company truly is concerned about student privacy, then the company should either permanently discard the scanning data from private email communications that it has been collecting from students over the past seven years, or explain how it intends to segregate that data. This is a critically important issue.

It’s not unreasonable to also demand that the company should then commission an unaffiliated third party audit of its systems to confirm that it has taken these actions. These audits aren’t cheap of course, often coming in at hundreds of thousands of dollars (or three minutes of Google’s ad revenue), but what price can you put on trust, eh Google.

It’s time for Google to be completely transparent and provide a comprehensive accounting of all of its past and present scanning and targeted advertising practices, particularly with regard to student data.

Google has also stated that it plans to make “similar changes” for all Google Apps customers, “including Business, Government and for legacy users of the free version.”  But it has provided no meaningful information or specifics about these plans, other than to state that the company will “provide an update when the rollout is complete.”  Until that occurs, users of Google Apps for Government, for example, will continue to have their private email communications scanned and indexed for advertising and other purposes, resulting in an unwarranted invasion of privacy and – even worse for sensitive government data – a potential security risk.

Google may have answers to some or all of these questions.  But ordinary users – as well as schools, regulators, legislators, and businesses – will never know them if Google’s reluctance to provide meaningful information about its privacy practices persists.  It’s deeply concerning, for example, that last week’s statement by Google on a critical student-privacy issue consisted of a mere three sentences. Unsurprisingly therefore, Google’s announcement has resulted in more questions than answers.

This pattern has been played out time and again:  Google commits a privacy violation, attempts to downplay its significance through vague public statements and blog posts and then comes clean only after Google can no longer hide the truth because of litigation or pressure from national media attention. The company then purports to make a privacy protective change that is announced in the most narrow and ill-defined way, doing little to truly advance privacy concerns.

It’s time for Google to be completely transparent and provide a comprehensive accounting of all of its past and present scanning and targeted advertising practices, particularly with regard to student data.  The privacy and security of young people deserves nothing less.