I recently ran across this research paper from the Fordham Law School, in the research paper, which can found here the goals of the study are:
“The goals of the study are threefold: first, to provide a national picture of cloud
computing in public schools; second, to assess how public schools address their statutory
obligations as well as generally accepted privacy principles in their cloud service agreements;
and, third, to make recommendations based on the findings to improve the protection of student
privacy in the context of cloud computing.”
They discovered some disturbing statistics including:
- Only 25% of districts inform parents of their use of cloud services
- 20% of districts fail to have policies governing the use of online services
- A sizable plurality of districts have rampant gaps in their contract documentation, including missing privacy policies
- School district cloud service agreements generally do not provide for data security and even allow vendors to retain student information in perpetuity with alarming frequency
In short many school districts are using cloud services with little regard or concern for the safety, security and use of the online data that the schools are uploading to cloud service providers. Pretty scary if you have kids in the public schools system.
The paper is about 100 pages long but does a great job at identifying some big gaps or problems with how are school systems are using online and/or cloud services.