I ask this title as a question because I am genuinely curious. Recent news reports have disclosed that Google had been routinely violating both the spirit and the letter of FERPA in this educational enterprise services To these reports, coming out of the Gmail case in California Federal Court, Google responded via its corporate blog that it would change some practices.
That is good! But some questions remain going forward about the integrity of the data in Google enterprise applications. SafeGov, an organization on whose advisory board I sit, has put out the most concise set of questions I know of to address these points on behalf of institutions that maintain education records.
- Immediately amend its agreements and policies with educational institutions with legally binding language to remove advertising from all educational offerings and use education data exclusively for delivering legitimate educational services as required by section §99.31 of the Family Education Rights and Privacy Act (FERPA).
- When Android and Chromebook devices are used for educational purposes, confirm whether data that is stored on or passes through the device is used for any secondary purpose beyond delivering the intended service.
- Commit to removing all personal profile information and data collected in the past that is not directly related to delivering legitimate educational services.
Neither government nor higher education have said word one about this issue, not from the Department of Education, NACUA nor EDUCAUSE community. I am curious. Being gaga over Google went out of fashion went some years ago. What’s up?