The Digital Futures Commission (DFC)1 launched a report on Education data reality: The challenges for schools in managing children’s education data2 in June, 20223. It aims to understand a). How to enable schools to use the benefit of education technology (EdTech) and data while mitigating the risks; b). Which data are processed, by whom and why?; c). Whether it's in the children’s best interests following their privacy and rights. It also reflects on the role of the government, regulatory bodies, EdTech companies, schools, teachers and parents in this complex ecosystem of technologies. This report is based on the findings of interviews conducted with professionals who work in or with schools on data and digital technologies in the state school sector in the UK during May 2021 - April 2022. A question in the interview guide, “How has the pandemic affected your institution’s use of EdTech?'' suggests itself about the emerging concern as well as its global relevance today. The collection of education/student data has grown phenomenally since COVID-19 pandemic due its increased dependence on digital learning tools and devices including virtual classrooms. The report explores the possibility of harnessing the benefits of technology and at the same time emphasizes on having strong data protection in place for digital safety, child safety and child rights.
There is a lack of awareness and understanding about the types of data processing and usually impossible to negotiate given the power imbalance between individual schools and EdTech companies. It appears that the data being processed by online EdTech providers are not meaningfully informing schools or governments. It is also important to note that in order to carry out the work of educating children, explicit consent to process personal data is not required from anyone – parent or child. Regarding the approach of schools on data protection obligations, many Data Protection Officers (DPOs) highlighted the importance of the risk- and intent-based approach of the General Data Protection Regulation (GDPR). Schools also consider data protection primarily through a safeguarding (child protection) lens. On the benefits of education data, schools claimed to have more and better curated data for analysis, to understand children’s needs, and making teaching more efficient. However, the problems associated with using education data in children’s best interests were more prominent than the benefits.
The report has detailed recommendations for government, technology providers and schools. Some recommendations for governmental and regulatory bodies are investment in educational expertise, to oversee the market, certification of digital products and services in compliance with the Age Appropriate Design Code (AADC) and GDPR apart from the funding, guidance and training of teachers and school staff about the beneficial use of EdTech and data protection. The EdTech companies are suggested to stop using student data exploitatively including biometric, for making it a revenue stream directly or indirectly without gaining explicit consent, comply with data protection regulations, process only data proportionate to the product’s purpose and educational outcomes, ensure co-creation and evidence-based product along with the research done. Schools are advised to provide education for students on their rights as data subjects and their critical understanding of how and why their data is shared. It is also expected to involve their parents, recognising that they may need targeted support to help their child attain the levels of interaction with technology that the school strives for.
It concludes with four priorities which are the needs of schools for change: