Dive Brief:
- Parents of two California students this week filed a class action lawsuit alleging that school security software company Securly illegally collected students’ private information without their consent and sold it to third-party vendors.
- The lawsuit claims Securly violated California privacy law and the federal Video Privacy Protection Act by making unauthorized connections to the children’s mobile devices through which Securly collected and stored location data. The company then allegedly provided that information to its clients for targeted advertising without the children’s or parents’ knowledge or consent, according to the suit filed Monday in U.S. District Court for the Southern District of California.
- The case demonstrates a noticeable effort to hold ed tech companies accountable for protecting student data privacy. Requested damages from the class action are expected to exceed $5 million, at up to $12,500 per covered plaintiff.
Dive Insight:
The class action lawsuit claims the parents did not know their children’s San Diego County schools had installed Securly software on their Chromebooks.
In the lawsuit, Securly is described as a “location data broker that provides its customers massive amounts of illegally intercepted data collected from elementary, middle, and secondary school student’s mobile devices.”
Securly, in a statement emailed to K-12 Dive, called the lawsuit’s claims “baseless and uninformed” and said the company plans to “defend ourselves vigorously.”
“Securly has never sold student data to third parties, nor have we ever used student data to target advertisements,” the company said. “Securly’s suite of student safety solutions upholds the highest standards for student data privacy and complies with all international, federal, and state privacy regulations.”
The parents’ lawsuit specifically called into question Securly’s Filter tool, which the company says is a cloud-based web feature that allows schools to keep students safe. The tool sheds light on students’ online activity, can be used to download or email reports, and blocks inappropriate sites quickly, according to Securly’s website.
The parents who brought the lawsuit said they never received any disclosure that Securly would be tracking their children’s location, intercepting their children’s personal communications or sharing their video viewing habits with third parties “to create targeted advertisements and marketing campaigns.” They were “shocked and alarmed” when they discovered that Securly was doing this without their or their children’s knowledge and consent, the lawsuit said.
It’s not uncommon for ed tech companies to share student data info with third parties, according to a January study conducted by nonprofit Internet Safety Labs. In fact, 96% of apps used or recommended by K-12 schools were found to share students’ personal information with third parties.
Consequently, concerns remain that students’ personal online data is at risk.
Even as alarms sound over the issue, however, schools have drastically increased the number of ed tech tools used in the classroom since the pandemic forced instruction online.
The number of ed tech tools used by districts more than doubled between the 2018-19 and 2019-20 school years — jumping from 895 tools to 2,263, according to a recent report from Instructure’s LearnPlatform. In the 2022-23 school year, districts used 2,591 ed tech tools on average.
As government officials try to hold ed tech more accountable for issues like cyber defense and data privacy, school technology experts recommend districts take inventory of the ed tech they use, know their state and federal laws, and read an ed tech company’s terms of use thoroughly before signing any contracts.