Describing the Privacy of Complex Things is Complex… so is testing black box behavior of same, both could do better.

Recently the Mississippi Attorney General sued Google, revisiting some of the same claims that the EFF made in late 2015, alleging that Google is mining student data in violation of agreements and the student privacy pledge.

The title of this post is my TL|DR summary of an excellent post by Bill Fitzgerald, the Privacy Initiative Director at Common Sense Media. It raises  an important point, which is that it is important that the vendors that provide EDTech services be accurate, transparent and comprehensible, about what is happening with use data, it is equally important to hold those that criticise, advocate, lobby, and enforce privacy to similar standards.

Based on the information currently available, the Mississippi AG lawsuit does not appear to meet this standard.

1.The lawsuit lacks specific evidence of any actual evidence of data mining. This was pointed out in the ED Week article about this by Benjamin Herold , where he says

“The Mississippi attorney general’s office, meanwhile, has provided only limited information about how it determined that Google is tracking students, using their data to build profiles, and targeting them with ads. Officials “tested” …[but] declined to provide any details about the nature of those tests, citing their ongoing investigation. The lawsuit itself contains no information demonstrating that any of Google’s allegedly deceptive practices actually occur.” 

This is also born out in the FAQ which says:

Q: What information is Google collecting?
A: It is unclear at this time exactly what information Google is collecting from its GSFE users. Through this lawsuit, the Attorney General seeks to uncover exactly what information Google is accessing and collecting. The lawsuit also seeks information as to how Google is using that data.

2.The allegations about Chrome Sync are both technically incorrect and refers to functionality (sync passwords, browser history, bookmarks etc.) that is similar to functionality that exists in nearly every modern browser/operating system. For reference see both Google’s response to Sen. Franken and the Chrome help page for adding a “trust no one” passphrase that prevents Google from reading sync data (see ) the descriptions of what does not work if this is done make it very clear what it is used for.

3. The references to non-core services ignore the clear statements that Google makes to schools (in the terms and in the admin console) that schools are responsible for obtaining parental approval for all users under 18 prior to enabling a non-core service . One question that has not been answered in Mississippi is if the student accounts the AG used had YouTube enabled for students, and if so, did the school obtain the parental permission.

4.On the claim that the Google policies are complex and in places contradictory. I’d point folks to the EDU privacy notice https://gsuite.google.com/terms/education_privacy.html  which is a short (<1200 word), easy to read document that summarizes the policies provides answers to that would lead one to believe the Miss. lawsuit got the facts wrong and very clearly addresses the concern about multiple conflicting polices by saying…

“Where there are terms that differ, as with the limitations on advertising in G Suite for Education, the G Suite for Education agreement (as amended) takes precedence, followed by this Privacy Notice and then the Google Privacy Policy.”

As far as them being complex, yes, that is a fair point, because it is a complex system and yes there are areas for improvement, but one very clear area I’d point to is where the word “privacy” links to depending on consumer or GSuite accounts.

privacy-compare

5.In a video clip of an interview with journalist Anna Wolfe, Hood make the claim that his office looked at “some other class action lawsuits that Google settled where they were in fact mining data of children”. No details were provided, but I cannot identify what “Class action settlements” he was referring to. The most likely one (Matera v. Google) appears to have been modified so that it does not include Google Apps for Education. The settlement document says

“Subsequently, on October 17, 2016, Plaintiff Matera filed an Amended Complaint (ECF No. 58), …… eliminating allegations pertaining to Google Apps”

6. As long as we are on the subject of court settlements and prior bad acts, it is worth remembering that a federal court shut down AG Hood’s abuse of authority in a prior case against Google after a series of Pulitzer prize winning articles on how the influence of lobbyists can sway congressional leaders and state attorneys general.

Some privacy and transparency areas that Google could improve on include:

  1. Disabling all non-core Google services by default for newly created GSuite for Education domains.
  2. Specifically clarifying what takes precedence for schools the ADmin notice that it is the schools responsibility to get permission from parents for students under 18 (and therefore under 13) to use services such as YouTube, Google + etc..) or the terms corresponding language that prohibits the use by under 13 in these services 9e.g. YouTube, Google + and the Google Chrome Store).
  3. Requiring developers to post links to terms and privacy policies in their listing in the Chrome Apps Store, and conspicuously displaying the link.
    • Require the same for Apps found apps discovered through Google Drive’s “connect more apps” feature.
    • Require the same for 3rd Party “google add-ons” for sheets, docs and forms. This last is particularly important as the user interface presents access to these 3rd party services from a menu within a document or spreadsheet. This has the potential to  create confusion over what is a Google product. Also since these services are listed with a tool (Google Drive) that is provided by the school it may create the impression that these tools are recommended, vetted, sanctioned or approved by the district.
    • This is shown below-the Drive App Pear deck has a link to policies, the Docs Add-on EasyBib does not.

  4. Clarifying the behavior of data collection for GSuite EDU users that are:
    1. Logged into GSuite but have YouTube disabled by the Admin
    2. Logged into GSuite but have YouTube enabled by the Admin

An example that raises this question is the network traffic when a non-logged in user searches YouTube and traffic appears to be going to google search services.

youtubecapture

3 thoughts on “Describing the Privacy of Complex Things is Complex… so is testing black box behavior of same, both could do better.

Comments are closed.