Google rejects EFF claims it spies on school kids

Google rejects EFF claims it spies on school kids
EFF files a complaint with the Federal Trade Commission alleging that Google collected and data mined children's personal information.

Google has rejected the Electronic Frontier Foundation's concerning claims with regard to how it collects and uses data when child students use school-issued devices, like Chromebooks, and Google's own Google Apps for Education (GAFE) core and non-core services.

Key among the EFF's complaint is the Google Sync service used by the Chrome web browser, and how Google utilizes student's information when using non-Core (or "consumer") services, including YouTube, Maps and Books.

We'll now take a look at the EFF's allegations about Google's practices, and the response from the Search giant, based on the information available publicly at this time.

EFF's Spying on Students campaign

The FTC complaint has arisen as a result of a noble cause, which is the EFF's "Spying on Students" campaign. Its goal is simply to raise awareness about privacy risks associated with devices and software provided by schools to children as young as 7 years old.

As part of this program, the EFF examined Chromebooks sold to schools by Google, and also examined its GAFE Core services (including email, Calendar, Talk/Hangouts, Drive, Docs, Sheets, Slides, Sites, Contacts and the Apps Vault) and non-Core services as used by students.

A potential risk raised by the EFF is that Google Sync is enabled by default on Chromebooks sold to schools, and the EFF didn't hold back when asserting what this allows Google to collect.

"This allows Google to track, store on its servers, and data mine for non-advertising purposes, records of every Internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords," the EFF asserts.

"Google doesn't first obtain permission from students or their parents and since some schools require students to use Chromebooks, many parents are unable to prevent Google's data collection."

Additionally, the EFF also indicates that Google serves ads to students when using non-GAFE services but while still logged in to the student account, and that Google is tracking activity on these services (Google News, Maps, Books, YouTube etc.) and applying it to an ad profile attached to the account, regardless of the fact that its a student account.

The Student Privacy Pledge

The reason the EFF has reached out to the Federal Trade Commission is it finds Google is violating the Student Privacy Pledge, which it signed earlier this year. The pledge amounts to a legally enforceable document that commits Google to refrain from collecting, using or sharing student's personal information, unless it is needed for legitimate educational purposes.

"Despite publicly promising not to, Google mines students' browsing data and other information, and uses it for the company's own purposes. Making such promises and failing to live up to them is a violation of FTC rules against unfair and deceptive business practices," said EFF Staff Attorney Nate Cardozo.

"Minors shouldn't be tracked or used as guinea pigs, with their data treated as a profit center. If Google wants to use students' data to 'improve Google products,' then it needs to get express consent from parents."

The EFF wants the FTC to investigate the claims and force Google to stop using students' personal information for its own purposes, and mandate that all information previously collected be destroyed.

Google rebuffs EFF, clarifies its use of personal information

Jonathon Rochelle, director of Google Apps for Education, responded to the EFF's complaint by insisting that Google's services comply with both the law and the commitment it made by signing the Student Privacy Pledge. Rochelle insists that Student's personal data in the GAFE Core services is only used to provide the service itself, while no ads are shown and the data is not used for advertising purposes.

As for non-Core (or "consumer") services such as YouTube, Rochelle clarifies that it is up to schools whether students can even access these services with the GAFE accounts.

"We are committed to ensuring that K-12 student personal information is not used to target ads in these services, and in some cases we show no ads at all. In Google Search, for example, we show no ads when students are logged in," Rochelle insists.

He also insists that Chrome Sync is only used to enable account holders to log into any Chromebook or Chrome browser and find all of their important stuff, like apps, extensions, history, and so on. Applied to the classroom, this means that shared devices can still provide a personal experience once a student logs in to a personal account.

In GAFE accounts, personally-identifiable data is used only to allow students to access their own data across devices. Google's systems also compile data from millions of users of Sync, with personally-identifiable information removed, to improve its services. As an example, Rochelle posits how millions of users encountering an error on a webpage could alter its search result rankings.

GAFE users' Chrome Sync data is not used to target ads to individual students.

It is worth noting that co-authors of the Student Privacy Pledge, The Future of Privacy Forum and The Software and Information Industry Association, have been critical of the EFF's interpretation of the pledge. The FTC's interpretation will be a lot more important.

Sources & Recommended Reading:
  • Google Deceptively Tracks Students' Internet Browsing, EFF Says in FTC Complaint:
  • EFF's FTC complaint document:
  • Google's Student Tracking Isn't Limited to Chrome Sync:
  • The facts about student data privacy in Google Apps for Education and Chromebooks:
  • Future of Privacy Forum Statement Regarding Electronic Frontier Foundation Student Privacy Complaint:
  • Some Misunderstandings of the Student Privacy Pledge:
  • Google+: Google for Education (Image Source):

Written by: James Delahunty @ 3 Dec 2015 11:51
Google FTC EFF
Advertisement - News comments available below the ad
  • thebox

    Google rejects because Google knows it's been caught and to fix things before stuff gets more known, they will silently fix the issue(s) and no one shall ever know.

    ahhhhh!!! cobras

    3.12.2015 12:02 #1

  • Bozobub

    Of course they deny everything. Admitting you've been shady is not a recipe for success.

    4.12.2015 05:04 #2

  • ilikefree

    I think schools should not make students use Chrome or Chromebooks as everyone knows they both have "phone home" programs built in.
    If you need a computer to do your school work it should be up to the students or their parents what they use so long as the lessons they are needed for will run ok on them.
    Schools probably got a bulk purchase deal with Google to resell to students, maybe mining the information was planned from the beginning and now someone has bought it to the attention of others they are trying to clean up after the fact.
    Googles "do no evil" has been changed to "do no evil that can be tracked back to us" I think
    Google suck

    shit doesnt just happen theres always an arsehole involved

    4.12.2015 19:16 #3

  • megadunderhead

    ok why don't you look at microsoft

    hi with windows 10 we will be taking your personal information from your computer selling it to adware and solicitors to send e-mails to friends and families and if you don't agree with this we will just shut down your computers features unless you let us do it

    6.12.2015 01:20 #4

  • ilikefree

    I don't use windows 10 and sometime tonight I will be uploading to my website a small tool to remove everything they are trying to push onto people.
    Get Windows 10 notification icon, downloaded files,Upgrade operating system program, etc
    Try it tomorrow
    Get Windows 10 Removal Tool

    shit doesnt just happen theres always an arsehole involved

    6.12.2015 01:52 #5

  • Bozobub

    I love my 3rd-party firewall (Comodo).

    EVERY new little BS program M$ tries to foist off on Windows update to grease me into accepting Windows 10 gets flagged by the firewall; I can then block and terminate the process with prejudice. I also block them in Windows Update, but they "magically" keep forgetting to honor that status.


    The blatant keylogging by Win10 makes it a complete "Hell, no!" for me. And that's ignoring the other problems I have with the OS.

    I can run my old-ass games and ePSXe on Win7 ju-u-ust fine. I also don't have a touchscreen. I simply won't ever need Win10 with this system. And I want the OS about as much as I want leprosy.

    6.12.2015 04:39 #6

  • ilikefree

    I use Key Scrambler from QFX Software
    Sometimes I need to turn it off as it won't keep up with my typing speed

    shit doesnt just happen theres always an arsehole involved

    6.12.2015 16:18 #7

  • ilikefree

    I also use a two way firewall, Private Firewall, it tells me anytime anything wants to access the internet

    shit doesnt just happen theres always an arsehole involved

    7.12.2015 22:07 #8

  • hearme0

    Just because your "services comply with all laws" doesn't mean it's got free reign to do anything and it doesn't mean it's right or proper. "Laws" being complied with are often blanketed and moreso for adult-related issues rather than child.

    As for Mega's comment........really? really? MS ain't sellin' sh*t to anyone with your Cortana inking and typing so stop being propaganda spreader and an alarmist.

    Frankly, if you can't trust MS now, then we're all screwed. Lighten up!

    9.12.2015 13:55 #9

  • Bozobub

    "Sell"? Possibly not, although that's highly doubtful, at best; the privacy TOS for WIn10, at least, directly mentions that they give your data to 3rd parties. They also directly admit they've given data gleaned from this type of spying into the grubby mitts of the NSA/FBI. Google also does largely the same type of data collection, as well as Apple.

    Microsoft keylogs EVERY Win10 keystroke, by default. You think they don't do the same for Cortana searches, which are run entirely on M$ servers? Google and Apple are similar with their voice-based "digital assistants" and record everything, although Google will, unlike the others, let you use the voice API while offline; you do, however, lose some capability, of course.

    If you're doubtful, a simple Google search for "(microsoft OR google OR apple) gives data to (nsa OR fbi)" (sans quotes, and capitalization is important here; the capitalized words are Boolean operators) will be quite eloquent on my behalf.

    You can denigrate distrust of any of the "Big Info" players all you like; I think you'll find that to be a rather tough row to hoe.

    9.12.2015 14:16 #10

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud