Raising Humans in a Digital World
Page 18
Shear, the father of two children in elementary school, says an immense amount of data is being collected from today’s students. “Schools are using free apps, and the personal data these apps collect is being sold, literally right under a parent’s nose,” says Shear.3 When Education Week interviewed him on this topic, he told them, “When I was young, I went to the library, I took out books on all kinds of crazy stuff, and that information wasn’t stored in the cloud to be analyzed by algorithms or sold to third-party advertisers. Our kids should have the same freedom.”4
Yet they don’t. Students today routinely divulge personal information, a task made easy thanks to technology, without fully understanding the possible consequences. Many seventh and eighth graders take the PSAT 8/9 Assessment. This is the precursor to the popular SAT, the College Board test that most college-bound high school students take. The personal information collected by the College Board includes name, grade level, sex, date of birth, student ID number or Social Security number, racial/ethnic group, military relation, home address, email address, mobile phone, grade point average, courses taken, and parents’ highest education levels. While it is not mandatory that students provide all this information (good luck collecting this data from my now-skeptical students next year, College Board!), most kids obediently and willingly do so anyway. What does the College Board do with this sensitive information? In a letter published in the Washington Post, Cheri Kiesecker, a Colorado parent and member of the Parent Coalition for Student Privacy, writes:
[T]he College Board’s privacy policy to parents and students claims they do not sell student data. Rather, they sell a license to access a student’s personal data. What is the difference? Indeed, this distinction seems only semantical.5
Consider the dozens, possibly hundreds or thousands, of free educational services and apps available to schools today. For instance, one of the most popular is Google’s G Suite for Education (formerly Google Apps for Education), an online learning management system designed specifically for schools. It incorporates Google Classroom (a free web service that lets teachers and students easily share work and assignments) with other free Google products like Gmail, Calendar, Docs, Sheets, and Slides. It’s an amazing resource that helps teachers stay organized, conduct quizzes, share information, and communicate with students—and the best part is, it’s entirely free! Who can fault a cash-strapped school or teacher for taking full advantage of such a deal? More than seventy million people actively use G Suite for Education today. Perhaps not surprisingly, Google openly acknowledged in 2016 that it “collects and data mines for some commercial purposes a wide range of personal information on student users who log in through its popular Apps for Education service, then venture to the company’s search engine and other products.”6 It’s not just apps that collect student data. Software on laptops, tablets, and computers used in school collect personal information, too— everything from birth dates to search histories.
Google tracks its users across other services it offers, including YouTube. In early 2018, a complaint filed with the FTC by twenty advocacy groups claimed YouTube routinely collects data on children under age thirteen. In its defense, YouTube says its terms of service state the site is not for viewers under age thirteen. Which is hard to believe, as it offers “cartoons, nursery rhyme videos, and those ever-popular toy-unboxing clips” that garner millions of views.7
In and out of school, kids give personal information to the apps, games, websites, and anything else they use. “All of this data may be used in ways never imagined,” says Shear. “We need to educate our kids about what is actually happening with their personal information when they use so-called ‘free’ digital products and services.”8
TEACHING KIDS ABOUT PERSONAL INFORMATION AND PRIVACY–PART 1
With all the possible perils the internet poses to minors, data mining of their personal information might seem low on the list of parental concerns, but it’s not. A 2015 report released by the Family Online Safety Institute (FOSI) states that while most parents believe technology affects their children’s lives in positive ways, they remain concerned about their children’s personal safety and privacy. FOSI found that parents are more concerned about privacy than about performance in school, social relationships, physical health, technology use, and behavior.9
Privacy isn’t just important to parents. “It’s very important to kids, too,” says Shauna Leff, vice president of marketing and communications of PRIVO, a company that provides a suite of privacy solutions for companies. “Starting in middle school, privacy becomes very important to kids,” she told me. “Their online lives become like their bedrooms. They want, and expect, to find privacy there.”
According to Leff, kids want something else, too. “They want engagement; they want customization. They want to be able to use free sites, like YouTube,” she explains. “But think about it: What does Google get out of it? Kids have to understand that everything online can’t just be free. There is a price to be paid.”10
That price is their personal information.
Learning the Price of “Free”
Learning that their personal information is a valuable commodity may be the most important lesson for children starting to use connected devices. I try to drive home this concept with my students through various activities that follow the introductory “announcement” at the beginning of this chapter. They are required to read the privacy policies and terms of service of the apps they use most: Snapchat, Instagram, etc. This comes after a basic vocabulary lesson that teaches them the meanings of words and phrases they’ll find in the fine print of every app or web service they will ever use—personal information, cookies, third parties, license, user content, location information, log file information, monetization, and so forth. Many adults don’t even fully understand these terms, even though they routinely see these words in the policies they skim and agree to when downloading apps and services to their own phones and computers.
COMMON PRIVACY POLICY TERMS
•Personal information: Includes your name, address, email address, phone number, age, etc.
•Cookies: Small files placed on your device by some sites you visit. Cookies enable sites to “remember” your data.
•Third party: “Party” is a legal term for a person or entity. A “third party” is a person or entity other than the one you may have entered into an agreement with.
•License: Official permission to do, use, or own something.
•User content: Includes words, images, videos, audio, memes, or anything else you post online.
•Location information: Information about where a device user is located. Apps and websites can determine location by using cellular, WiFi, GPS, Bluetooth, etc.
•Log file information: A log file records events that occur on a device and may include search queries, how web services were used, and information about crashes, hardware settings, browser type, and more.
•Monetization: The process of making money.
You’d think students would complain bitterly about the tedium of reading these excruciatingly long and boring policies. Instead, they attack them with zeal and are often appalled at what they find. Some of my students found this buried within the Snap Inc. terms of service: “Many of our Services let you create, upload, post, send, receive, and store content. When you do that, you retain whatever ownership rights in that content you had to begin with. But you grant us a license to use that content. How broad that license is depends on which Services you use and the Settings you have selected.”11 (emphasis added)
The part in italics grabbed their attention. “Snap” is short for Snapchat, the app they know and love because user content supposedly “disappears” after it is viewed by whomever it’s been shared with. Sure, most kids realize that friends can screenshot the content to keep and use elsewhere, but few suspected Snapchat of using their content. Upon further scrutiny, students discovered that for all content uploaded to the app, “you grant Snap
Inc. and our affiliates a worldwide, royalty-free, sublicensable, and transferable license to host, store, use, display, reproduce, modify, adapt, edit, publish, and distribute that content.”12
Additionally, students learned that if their “Snapchat Stories” were set to be viewable by “everyone,” any content in that story is “public content,” which means:
[T]he license you grant us for this content is broader. In addition to granting us the rights mentioned in the previous paragraph, you also grant us a perpetual license to create derivative works from, promote, exhibit, broadcast, syndicate, sublicense, publicly perform, and publicly display Public Content in any form and in any and all media or distribution methods (now known or later developed). To the extent it’s necessary, when you appear in, create, upload, post, or send Public Content, you also grant Snap Inc., our affiliates, and our business partners the unrestricted, worldwide, perpetual right and license to use your name, likeness, and voice, including in connection with commercial or sponsored content.13 (emphasis added)
You might have to read these excerpts a couple of times to get the point. My students got it right away. They discovered that, even on this so-called “disappearing” app, the personal information and content they share doesn’t disappear at all.
A Third Party Asks What Students Think
A couple of weeks into these lessons, I was contacted by a producer from NBC’s Today Show, who asked if he could send a film crew to Journey School. He wanted to include us in a series they were producing about kids and technology. When I delivered this exciting news to the seventh graders, they didn’t believe me. I’d lost all credibility with that class after my “special announcement!”
Nevertheless, a few weeks later, a news crew did show up at school, and when NBC correspondent Jacob Soboroff asked a group of five students what they’d been learning in Cyber Civics, they wasted no time responding. “We’ve been learning about privacy policies and terms of agreement,” a bright young boy named Nicolas answered. I was surprised at how eager they were to tell Soboroff all about the boring legalese they’d been reading, and I think he was surprised, too. Especially when they told him that what they discovered “freaked them out” so much, they’d decided to delete some of their apps.
“You guys have friends obviously outside of this school and outside of this class. Do any of them read the terms of agreement on social media?” asked Soboroff.
“No,” they responded, laughing.14
When asked if they thought they knew more about the apps they use than their friends, all five heads bobbed up and down. “Absolutely,” one student answered. “I can’t believe how little most kids know.”
Understanding Personal Information = Smart Choices
NBC aired this segment the same day that Facebook’s Mark Zuckerberg broke his silence about the privacy scandal involving his social network and Cambridge Analytica, a voter-profiling company that collected and used the personal information of tens of millions of Facebookers. When the New York Times and The Guardian broke this story, Facebook’s stock quickly plunged by 7 percent (that’s a $37 billion hit, by the way). Even worse for the social media app, many considered quitting Facebook as the hashtag #DeleteFacebook started trending across the web. It was a big deal. But if you dig into this story, it makes you wonder if things would have been different had Facebook users been better educated, or at least curious, about how the personal information they willingly provided the social media network might be used. Here’s what happened: “A researcher named Aleksandr Kogan developed a personality-quiz app for Facebook. . . . About 270,000 people installed Kogan’s app on their Facebook account. But as with any Facebook developer at the time, Kogan could access data on users or their friends.”15 (emphasis original)
There’s more to the story than this, but the salient fact is that users whose personal information was shared likely didn’t read Facebook’s privacy policies carefully. Or understand they had the choice not to take the quiz. Or know how to customize their privacy settings. It’s becoming apparent that these are basic survival skills for citizens in a digital age.
That’s why it’s essential to teach kids that “free” has a price: their personal information. But, even more importantly, they should know that they can and should decide how much of their personal information to share on the web.
Be Aware: Kids Will Still Share
Even armed with this knowledge, kids will be tempted to share personal information online. “We are living in a Facebook era, where people are so excited to share everything, their every moment,” says Leff. “That’s fine, that’s great—if people have made a choice to do that. But everyone should be able to choose what they want to share and what they want to get in exchange.”16
Personally, I’ve made the choice, time and again, to share personal information in exchange for awesome services. I share my listening history with Spotify (a music app), and in exchange it gives me a tailored “daily mix” of songs it thinks I will like, based on my data. Strava, an exercise app that tracks my bike rides, asks me to share my age, which I readily do (even though I don’t do this nearly as readily in real life!). In exchange, it compares my performance to other riders that fall within my age range. That way, I don’t have to suffer the humiliation of being mercilessly outridden by nineteen-year-old “Mach 1 Racer.” Entirely worth it.
But like all fair exchanges, both parties should be fully aware of how the exchange works, even if one of those parties is a nine-year-old kid you’ve decided is old enough to play Roblox or Minecraft. When children download or sign up to use games, apps, music, or other services, they are inevitably going to be asked to share personal information. Most children will share their personal information, or yours. That’s right. When children use a parent’s device, which many do, the stored passwords, email addresses, credit card numbers, birth date, address, contacts, and other data on that device are often a quick click away from being shared by the child using that device.
Do I have your attention now? Good. Because helping your children understand that personal information should be protected and shared sparingly is really important. And this is only the beginning of what they should know about privacy and personal information. Why? Because not knowing about this next part puts our democracy at risk.
TEACHING KIDS ABOUT PRIVACY AND PERSONAL INFORMATION–PART 2
Way back in the days of a nascent internet, a short twenty-five years or so ago, many believed this magnificent new platform would be a boon for humankind because it would give everyone and anyone—regardless of race, age, gender, social status, or political persuasion—a voice. This “new public square,” as many called it, would be teeming with new ideas, divergent worldviews, and alternative solutions to problems—unfiltered and unedited—and the world was going to be better for it.
In 2001, legal scholar Cass Sunstein, later head of President Obama’s Office of Information and Regulatory Affairs, explained that such an internet would benefit democracy:
[P]eople should be exposed to materials that they would not have chosen in advance. Unplanned, unanticipated encounters are central to democracy itself. Such encounters often involve topics and points of view that people have not sought out and perhaps find quite irritating. They are important partly to ensure against fragmentation and extremism, which are predictable outcomes of any situation in which like-minded people speak only with themselves.17
This idealistic vision of the internet never quite materialized. Instead, because of the business model explored in Part 1 (the internet extracts personal information and provides customized and free experiences in exchange), humankind ended up with something entirely different from what the optimists imagined. Today, we have an internet that largely decides for us what we want and like.
While this might sound like an overstatement, think about it. Sophisticated algorithms embedded in nearly every online experience track what we like and do, based on the information we give them. Not only does this in
clude the personal information we willingly hand over, but also our searching, buying, and browsing habits. This is personal information, too. Now consider this: The internet is getting better and better at analyzing all the data it gobbles up. It knows what we like and want, sometimes better than we do. For example, did you happen to search for a new pair of shoes online? Bingo—now shoe advertisements are probably popping up on sites you visit. Did you like or share a left-leaning news article or two on Facebook? That explains why you’re getting more stories from the Huffington Post and Mother Jones on your feed instead of Fox News and The Weekly Standard.
Welcome to the world of “filter bubbles” and “echo chambers.” You’ve arrived at the really important part of personal information.
Help, I’m Trapped in a Filter Bubble!
In a compelling 2011 TED Talk, Eli Pariser, the former executive director of MoveOn.org, introduced the world to the term “filter bubble.” “Your filter bubble is your own personal, unique universe of information that you live in online. And what’s in your filter bubble depends on who you are, and it depends on what you do.”18 Additionally, Pariser warned, “if we don’t pay attention to it, it could be a real problem.”19
Google is particularly adept at this filter bubble business. Whenever you use the search engine, “there are fifty-seven signals that Google looks at— everything from what kind of computer you’re on to what kind of browser you’re using to where you’re located—that it uses to personally tailor your query results.”20