SafeGov.org have released a survey of European data protection officials, which suggests that children who are using cloud computing technologies at school are at risk of privacy violations if they don’t receive special protection.
The study has been released to coincide with the International Conference of Data Protection and Privacy Commissioners taking place this week in Warsaw.
The survey shows support for safeguarding especially vulnerable cloud user populations in public organisations, such as school children, civil servants, and healthcare professionals and their patients, who are at risk of being tracked and profiled for online advertising purposes. The majority of respondents endorsed the use of codes of conduct, establishing rules that schools and cloud providers could voluntarily sign up to follow. The codes include a pledge to ban the processing and secondary use of students’ personal information for advertising purposes while in school.
Jeff Gould, president of SafeGov.org. believes that although the cloud is a great innovation, it can leave people vulnerable: "The use of commercial cloud services by schools in Europe is growing, and while the benefits of such adoption are indisputable – ease of use, cost and simplicity — the education sector contains particularly vulnerable users who require special privacy protection. We’re comforted by the support voiced for safeguarding school children, and today we’re asking for a clear, principled commitment from cloud, policy and education actors banning targeted advertising in schools."
SafeGov.org has called upon Europe’s Data Protection Authorities (DPAs), the European Commission, national education ministries, European schools and parent associations to recognise that while free commercial cloud services provide great benefits to schools, they must be carefully regulated in order to prevent violations of data protection rights or the introduction of advertising into schools. SafeGov.org has stressed that codes of conduct would prevent such violations against vulnerable users of the cloud. It has been suggested that DPAs work with schools to develop a set of criteria for use during the cloud provider selection process to ensure that data will be protected.