We talk a lot about security and privacy on my show, but we don’t talk enough about these subjects in relation to students and schools. Schools are tragically underfunded and can’t afford to hire cybersecurity experts, let alone privacy experts. Students are minors who lack the legal rights and life experience to push back against horrific privacy invasions brought on by remote learning and in-home test proctoring. The laws in the US are woefully outdated and we too often assume that what is legal is the same as what is right and just. Today, I’ll discuss these challenges and ethical dilemmas with Doug Levin.
Doug Levin is co-founder and national director of the K12 Security Information eXchange (K12 SIX), a national non-profit dedicated solely to helping schools protect themselves from emerging cybersecurity threats.
- K12 SIX: https://www.k12six.org/
- Annual “State of K-12 Cybersecurity Report’: https://www.k12six.org/the-report
- K-12 Essentials Series: https://www.k12six.org/essentials-series
- Public event calendar: https://www.k12six.org/events
- US Department of Education, Privacy Technical Assistance Center: https://studentprivacy.ed.gov/
- CISA K-12 Cybersecurity Resources: https://www.cisa.gov/stopransomware/k-12-resources
- CISA Back to School Campaign: https://www.cisa.gov/r8-virtual-back-school-campaign-2022
- US GAO: “Critical Infrastructure Protection: Education Should Take Additional Steps to Help Protect K-12 Schools from Cyber Threats” https://www.gao.gov/products/gao-22-105024
- EFF: Student Privacy Resources https://www.eff.org/issues/student-privacy
- CDT: Student Privacy Resources https://cdt.org/area-of-focus/privacy-data/student-privacy/
- EPIC: Student Privacy https://epic.org/issues/data-protection/student-privacy /
- Algorithmic Justice League: https://www.ajl.org/
- The Markup: https://themarkup.org/machine-learning/2022/01/19/help-us-investigate-the-ed-tech-industry
- Fight for the Future, which e.g., runs this campaign: https://www.baneproctoring.com/
- ACLU: https://www.nyclu.org/en/issues/education-policy-center/technology-schools
- Send me your questions! https://fdsd.me/qna
- Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
- Check out my book, Firewalls Don’t Stop Dragons: https://www.amazon.com/gp/product/1484261887
- Become a Patron! https://www.patreon.com/FirewallsDontStopDragons
- Donate directly with Monero! https://firewallsdontstopdragons.com/contact/
- Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker
- Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
- 0:03:24: Pre-interview definition of terms
- 0:05:07: What is K12SIX about?
- 0:10:52: What are the biggest security threats for schools?
- 0:17:15: What about security threats for teachers and students?
- 0:21:58: What are your top security recommendations for schools?
- 0:30:01: What are the major impediments for schools improving cybersecurity?
- 0:33:20: How can schools systems best share info and help one another?
- 0:37:41: What are the main privacy threats for students?
- 0:46:25: How is student data being used (or abused)?
- 0:48:36: How do AI systems fail when it comes to minority populations?
- 0:51:32: How can students and parents assert their privacy rights?
- 0:56:03: What resources can you recomment for schools and students?
- 0:59:39: Interview wrap-up
- 1:00:40: Not reusing user names and passwords
- 1:02:20: Preview of upcoming shows, promotions