This week the Electronic Frontier Foundation, a digital rights advocacy group, filed a complaint to the US Federal Trade Commission against Google for collecting data from school-aged children. The organization examined Google’s Chromebook, a laptop running the Chrome operating system, and Google Apps for Education, a suite of educational software programs used in many elementary schools across the United States. According to their statement, EFF found that “Google’s “Sync” feature for the Chrome browser is enabled by default on Chromebooks sold to schools. This allows Google to track, store on its servers, and data mine for non-advertising purposes, records of every Internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords.” 

The organization notes that Google does not use this data to serve targeted advertising to children. However, as the data collection feature is enabled by default, Google does not obtain explicit permission from children or their parents to collect their information. The EFF also notes that “since some schools require students to use Chromebooks, many parents are unable to prevent Google’s data collection.” The Chromebooks and software in question are part of Google for Education, a project which provides inexpensive laptops, a free suite of web-based educational software and classroom-management tools for teachers. 

Their complaint refers to Google’s potential violation of the Student Privacy Pledge, also known as “K- 12 School Service Provider Pledge to Safeguard Student Privacy.” It is a pledge for K-12 school service providers committed to safeguarding student privacy which states, in part, that “K-12 school service providers are honored to be entrusted by educators and families to support their educational needs and school operations. School service providers take responsibility to both support the effective use of student information and safeguard student privacy and information security.” President Obama endorsed the pledge earlier this year. 

The Electronic Frontier Foundation claims that Google is violating this pledge in three ways: collecting personal information about the students’ use of non-educational Google services unrelated to authorized education purposes, the default “Chrome Sync” feature in the Chrome browser enabling Google to collect students’ entire browsing history, and Google for Education’s administrative settings, which enable school administrators to potentially share students' information with Google and third-party websites. 

Earlier this week we wrote about VTech, a manufacturer of children’s toys which experienced a significant data breach. The breach involved over five million user accounts belonging to both parents and kids, including the names, gender and birth dates of the children. Motherboard reported that the hacker responsible for the breach also gained access to children’s photos and chat logs. Both stories highlight the potential risks and ethical questions regarding the collection of data from children.