Google snoops on kids via Chromebooks, claims EFF in FTC filing

Think of the... oh never mind


Google has been collecting data from schoolchildren as young as seven years of age, according to a complaint filed with the US Federal Trade Commission (FTC) by the Electronic Frontier Foundation (EFF), despite the Chocolate Factory's legally enforceable commitment to refrain from such activities.

The EFF, which launched its "Spying on Students" campaign today, filed its complaint after examining "Google's Chromebook and Google Apps for Education (GAFE), a suite of educational cloud-based software programs used in many schools across the country by students as young as seven years old".

Google, it added, had signed the Student Privacy Pledge, "a legally enforceable document whereby companies promise to refrain from collecting, using, or sharing students’ personal information, except when needed for legitimate educational purposes or if parents provide permission". The EFF claimed in its statement:

While Google does not use student data for targeted advertising within a subset of Google sites, the EFF found that Google’s “Sync” feature for the Chrome browser is enabled by default on Chromebooks sold to schools.

This allows Google to track, store on its servers, and data mine for non-advertising purposes, records of every internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords.

Google doesn’t first obtain permission from students or their parents and since some schools require students to use Chromebooks, many parents are unable to prevent Google’s data collection.

“Minors shouldn’t be tracked or used as guinea pigs,” EFF staff attorney Nate Cardozo said.

The EFF reports that the Chocolate Factory said it will "soon disable a setting on school Chromebooks that allows Chrome Sync data, such as browsing history, to be shared with other Google services".

"While that is a small step in the right direction, it doesn’t go nearly far enough to correct the violations of the Student Privacy Pledge currently inherent in Chromebooks being distributed to schools," according to the EFF.

The Register has contacted Google with our own enquiries and we will update this article if and when we receive a response. ®

Similar topics


Other stories you might like

  • The future: Windows streaming through notched Apple screens

    Choice is the word for Jamf's Dean Hager

    Interview As Apple's devices continue to find favour with enterprise users, the fortress that is Windows appears to be under attack in the corporate world.

    Speaking to The Register as the Jamf Nation User Conference wound down, the software firm's CEO, Dean Hager, is - unsurprisingly - ebullient when it comes to the prospects for Apple gear in the world of suits.

    Jamf specialises in device management and authentication, and has long been associated with managing Apple hardware in business and education environments. In recent years it has begun connecting its products with services such as Microsoft's Azure Active Directory as administrators face up to a hybrid working future.

    Continue reading
  • There’s a wave of ransomware coming down the pipeline. What can you do about it?

    AI can help. Here’s how…

    Sponsored The Colonial Pipeline attack earlier this year showed just how devastating a ransomware attack is when it is targeted at critical infrastructure.

    It also illustrated how traditional security techniques are increasingly struggling to keep pace with determined cyber attackers, whether their aim is exfiltrating data, extorting organisations, or simply causing chaos. Or, indeed an unpleasant combination of all three.

    So, what are your options? More people looking for more flaws isn’t going to be enough – there simply aren’t enough skilled people, there are too many bugs, and there are way too many attackers. So, it’s clear that smart cyber defenders need to be supplemented by even smarter technology incorporating AI. You can learn what this looks like by checking out this upcoming Regcast, “Securing Critical Infrastructure from Cyber-attack” on October 28 at 5pm.

    Continue reading
  • Ransomware criminals have feelings too: BlackMatter abuse caused crims to shut down negotiation portal

    Or so says infsec outfit Emsisoft

    Hurling online abuse at ransomware gangs may have contributed to a hardline policy of dumping victims' data online, according to counter-ransomware company Emsisoft.

    Earlier this month, the Conti ransomware gang declared it would publish victims' data and break off ransom negotiations if anyone other than "respected journalist and researcher personalities" [sic] dared publish snippets of ransomware negotiations, amid a general hardening of attitudes among ransomware gangs.

    Typically these conversation snippets make it into the public domain because curious people log into ransomware negotiation portals hosted by the criminals. The BlackMatter (aka DarkSide) gang's portal credentials (detailed in a ransom note) became exposed to the wider world, however, and the resulting wave of furious abuse hurled at the crims prompted them to pull up the virtual drawbridge.

    Continue reading

Biting the hand that feeds IT © 1998–2021