Wednesday, October 6, 2010

Privacy, Living and Learning Digitally

You know with all the bad press lately about students of all ages inappropriately sharing pictures, videos, and information, we should wonder if privacy still exists.  My last post Living and Learning Responsibly in the Digital World talked about online behaviors.  This post is intended to explore the related problem of online privacy http://www.flickr.com/photos/alancleaver/4105726930/#or lack there-of.

Where does the responsibility for dealing with privacy issues lie?  Parents?  Teachers?  School systems (i.e., curriculum)?  At what age should this topic be introduced to students?  Should it be reinforced at every opportunity through a student’s educational career?

I wonder how much privacy awareness young people in Pitt Meadows had leading up to the rave party incident I referred to in my last post?  What went wrong?  The actions of taking pictures and texting (sexting) them to friends and putting them on Facebook are an invasion of privacy.  How is that young girl going to ever escape this invasion?  Pictures on the Internet never go away!

Or more generally, kids that go to a party Friday night, get drunk or worse, and friends capture pictures of each other and post them to Facebook.  What if this is a common occurrence for these kids?  Later in life when they wish to go into a respectable profession, their past may come back to haunt them, digitally.  Oh, and this isn’t limited to kids, adults seem to think it’s okay to live the darker side of their lives out loud too.  Who’s teaching kids, adults, to use these tools properly where they respect their own and their friends privacy?

Take the Rutgers University case where a guy videos his room mate making out with another guy.  He then tweets it out and posts the video online without the consent of his room mate.  The room mate committed suicide as a result.  From the article,
Paul Stephens, director of policy and advocacy at Privacy Rights Clearinghouse, a national consumer group, said that although posting a video of a student’s private sex acts online seems like an obvious violation of privacy, the Rutgers case shows that some college students need the most basic online conduct lessons.
Or this reenactment…
Privacy and Reputation Online
I would suggest that K12 has a responsibility and an opportunity to address online privacy and digital responsibility, early on.  We need to consider creating age appropriate learning opportunities that address online privacy for our students, perhaps as early as kindergarten.

Switching focus, we also need to think about our responsibilities as a public (government funded) educational institution with respect to our care for student privacy.  I spoke to our lawyer last year and he explained the fiduciary responsibility we have to protect our students (all minors) identity and parental consent doesn’t address this.  We have to guarantee that their identity is protected.  This precludes the District from officially endorsing the use of public Internet services or Cloud Services.  It gets a little fuzzier when it is a teacher who chooses the learning resource (a web tool) for their students.

Teachers in our District guide kids into our secure portal (my43) and out to the public Internet.  They use tools like PBWiki, WikiSpaces, Google Docs, Blogger, WordPress, and some may even be using Facebook.  This is all good (not so sure about Facebook but that’s another conversation).  Students learning within powerful online tools.  But, wait.  What about student privacy?  Is their identity sufficiently protected?  What about when their identity is an important aspect such as with blogging?  What is a teacher’s responsibility for student privacy in the digital world?  What is best practice for taking kids out to these sites, safely and legally?  Some common advice for K12 aged students is that they should:
  • choose a user name/id that doesn’t reveal their identity
  • not share their real age or any age or their birth year
  • not reveal personal facts about themselves or where they live
We have clear obligations under privacy law but, I still find it difficult to be definitive.  According to our lawyer we can not put personal information about students (e.g., an email address, name, or other personally identifiable attributes) on a system outside of our direct control.

BC privacy law: 30.1  A public body must ensure that personal information in its custody or under its control is stored only in Canada and accessed only in Canada, unless one of the following applies:
(a) if the individual the information is about has identified the information and has consented, in the prescribed manner, to it being stored in or accessed from, as applicable, another jurisdiction; (b) if it is stored in or accessed from another jurisdiction for the purpose of disclosure allowed under this Act; (c) if it was disclosed under section 33.1 (1) (i.1).
BC privacy law: Disclosure harmful to personal privacy 22
(1) The head of a public body must refuse to disclose personal information to an applicant if the disclosure would be an unreasonable invasion of a third party's personal privacy.
(2) In determining under subsection (1) or (3) whether a disclosure of personal information constitutes an unreasonable invasion of a third party's personal privacy, the head of a public body must consider all the relevant circumstances, including whether (f) the personal information has been supplied in confidence,
(3) A disclosure of personal information is presumed to be an unreasonable invasion of a third party's personal privacy if (j) the personal information consists of the third party's name, address, or telephone number and is to be used for mailing lists or solicitations by telephone or other means.
(4) A disclosure of personal information is not an unreasonable invasion of a third party's personal privacy if (a) the third party has, in writing, consented to or requested the disclosure,
So, I’m very interested in what other School Districts / Schools, private or public, Canadian or not, are doing about preparing students, parents, teachers, and principals to be privacy aware and responsible.  I’m also interested in how others are working within their privacy legislation while encouraging teachers to use appropriate public Internet tools, safely with kids.