Google’s Chromebooks are still spying on grade school students

“Privacy advocates at the Electronic Frontier Foundation have again outlined how Google is successfully dumping millions of low-cost Chromebooks on U.S. schools, enabling the mass collection and storage of information on children without the consent of their parents or even the understanding of many school administrators,” Daniel Eran Dilger writes for AppleInsider.

“Two years after it filed a federal complaint against Google alleging that it was ‘collecting and data mining school children’s personal information, including their Internet searches,’ the EFF has issued a new status report detailing how Google is still working to erase minor students’ privacy “often without their parents notice or consent, and usually without a real choice to opt out,” Dilger writes. “In stark contrast, Apple has emphasized in its education site that it ‘will never track, share, or sell student information for advertising or marketing purposes” and that the “security, privacy, confidentiality and integrity of student information is always protected.’ The site also provides a data and privacy overview for schools and privacy guide for parents.”

“Increasingly, U.S. schools have adopted mandatory polices for grade-school students that assign children Chromebooks and enroll them into cloud services that collect data, without notice and without any alternative options,” Dilger writes. “Parents have reported to the EFF that schools have mass-enrolled their children into Google email accounts using their full names, posted their photos on social media sites and enrolled them into other services that collect data without any notification.”

Read more in the full article here.

MacDailyNews Take: Chromebooks. Google’s trojan horse.

Yet another reminder that there’s no such thing as a free lunch and you get what you pay for.

As we wrote last May: The cream-of-the-crop schools, like the cream-of-the-crop consumers and corporations, deploy Apple Macs and iPads, not cheapo plastic Chromebooks.

Unfortunately, too many U.S. public schools, unionized in the worst possible way, are broken through and through.

As we wrote back in January 2016: There is no easy answer for a company dedicated to quality to compete in a market that’s hellbent on shortsightedly wasting taxpayers’ money on cheap, shitty junk.

Make that “cheap, shitty, privacy-invading, unsafe junk.”

Apple is losing its grip on American classrooms to cheap Chromebooks – March 2, 2017
Apple CEO blasts teacher unions, says US schools are ‘unionized in the worst possible way’ – February 16, 2007

[Thanks to MacDailyNews Readers “Fred Mertz” and “Nick P.” for the heads up.]


  1. I believe the real threat to children’s privacy is from the schools themselves — in the form of budget-stressed administrators whose meagre understanding of technology makes them overly reliant on their technology officers. Their decisions to deploy Chromebooks — or even Surfaces or iPads – seem never to start or end with a concern for student privacy, but instead emphasise student outcomes and cost. Their priority ought to be the safety of children who can’t give consent to be tracked.

    Google is fuelling this worrisome trend by pushing Chromebooks, so they contribute to the problem, but it’s the school employees who are accountable for the well-being of students: they are the responsible adults in the classroom.

    1. Does Google own school/University or student data?

      No. Google doesn’t assume ownership of any customer data in G Suite core services, and this is stated in our contracts (under “Intellectual Property”).
      We provide powerful, easy-to-use management tools and dashboards to help administrative staff keep track of their organisation’s services, usage and data. We only keep your personal information as long as you ask us to keep it. If an education department, school or university decides to stop using Google, we make it easy for them to take their data with them.

      Does Google sell school or student data to third parties?

      No. We don’t sell your G Suite data to third parties, and we do not share personal information placed in our systems with third parties, except in the few exceptional circumstances described in the G Suite agreement and our Privacy Policy, such as when you ask us to share it or when we are required to do so by law.

      Are there Ads in G Suite?

      No. There are no ads in the suite of G Suite core services. Outside the G Suite Core Services, additional Google services may show ads, as described in the G Suite Privacy Notice. For G Suite users in primary/secondary schools, Google does not use any user personal information (or any information associated with a Google Account) to target ads.

      Which third Parties have reviewed Googles Security Practises?

      We connect with independent auditors to review our data protection practices. Ernst & Young, an independent auditor, has verified that our practices and contractual commitments for G Suite comply with ISO/IEC 27018:2014. G Suite and our data centres are also SSAE 16/ISAE 3402 Type II SOC 2-audited and have achieved ISO 27001 certification

      Has Google signed the Student Privacy Pledge?

      Yes. In order to reaffirm the commitments that we’ve made to schools, Google has signed the Student Privacy Pledge. This pledge, introduced by the Future of Privacy Forum (FPF) and the Software & Information Industry Association (SIIA), is intended to reflect our commitment to safeguard the personal information of students in our services designed for use in schools

      Does Google Encrypt my Data

      Yes. Data is encrypted at several levels. Google forces HTTPS (Hypertext Transfer Protocol Secure) for all transmissions between users and G Suite services and uses Perfect Forward Secrecy (PFS) for all its services. Google also encrypts message transmissions with other mail servers using 256-bit Transport Layer Security (TLS) and utilizes 2048 RSA encryption keys for the validation and key exchange phases. This protects message communications when users send and receive emails with external parties also using TLS.

      What kind of scanning or indexing of user data is done on G suite for Education accounts?

      G Suite services don’t collect or use information in those services for advertising purposes or to create ads profiles.
      Gmail for consumers and G Suite users runs on the same infrastructure, which helps us to deliver high performance, reliability and security to all of our users. However, G Suite is a separate offering that provides additional security, administrative and archiving controls for education, work and government customers.
      Like many email providers, we carry out scanning in Gmail to keep our customers secure and to improve their product experience. In Gmail for G Suite, this includes virus and spam protection, spell check, relevant search results and features such as Priority Inbox and auto-detection of calendar events. Scanning to provide product features is carried out on all incoming emails and is 100% automated. We do NOT scan G Suite emails for advertising purposes.

      Can G Suite for Education be used in Compliance with the Family Educational Rights and Privacy Act (FERPA)?

      Yes. G Suite core services comply with the Family Educational Rights and Privacy Act (FERPA), and our commitment to doing so is included in our agreements.

      Can G Suite for Education be used in compliance with the Children’s Online Privacy Protection Act of 1998 (COPPA)?

      Yes. We contractually require that schools using G Suite obtain the parental consent required by COPPA. Our services can be used in compliance with COPPA as long as a school has parental consent.

      1. Bullshit. I do not and will never trust Google as long as they aggregate, parse, and profit from consumer data and advertising as their primary product. Google is a cancer on the internet, plain and simple. Use all the pretty words that you want, but Google is parsing and profiting from every possible byte of data that it can grab.

        1. It was the Communist fellow traveller, the Nazi sympathiser, the Capitalist apologist, the family enabler that allowed bullies and tyrants to seize power and emboldened them to ever further abuses. The only way to stop these sociopaths is to identify their entry points and attack those, even though they might be our own kin.

    2. bah, blaming school administrators for not understanding who the real villain is? Get real, Mr. Mole’s Technophillia of school children IS the enemy…there’s a good reason Jobs threw his happy ass out the door.

      1. Of course Google is the enemy, but parents, teachers, and administrators are the enablers — in their ignorance and short-sightedness, inviting the devil into their lives. Target the enablers, who are the supposed custodians of our young, and it may be possible to stymie him. Taking him on directly hasn’t worked.

        1. I disagree with your most learned opinion, I cannot see that a school administrator can be responsible for the “devil” in the internet anymore than being responsible for those who would poison the food in school children’s cafeterias.

          I am glad you are posting again on MDN.

  2. Corporate unions are bad; People’s unions are good.

    The life of the people’s unions lives on in MDN’s practice in that MDN is forced to give his interns lunch and bathroom breaks. Before people’s unions, the corporation disregarded workers’ health and safety.

    I call on an aggressive strengthening of people’s unions and the deminution of the strength of corporate unions. An example of a corporate union is the GMA, Grocery Manufacturing Association, a corrupt union. It paid millions to defeat GMO labeling in CA.

  3. Googles Educational Privacy policy is very clear and transparent. (Better then or equal to Apples)

    If Schools are using Chromebooks without also utilizing a Google EDU domain then thats the School’s problem, not Googles.

    1. Bringing up privacy policy is a non-sequitur; The issue is privacy practice, not the policy. People have confidence in Apple’s privacy practices but not Google’s.

      1. I dont know why you would put more trust into one corporate entity over another. they are machines that don’t care about you at all. they only want your money.

        Except that Google EDU domains are Free and Apple’s iPad based half working sort of solution is expensive and finicky.

  4. The EFF report had a footnote to a letter in response to Senator Al Franken’s inquiry into the security and privacy of Google Apps for Education Core Services [Gmail, Google
    Calendar, Groups, and Drive, which includes Docs (word processing), Sheets (spreadsheets) and Slides (presentations).
    ]. In a nutshell, it appears that the core services ARE protected quite stringently, but when school administrators allow access to services outside of those core services (supposedly with consent from parents obtained by the school) there may be a less stringent policy in force.

    Click to access 160216GoogleResponse.pdf

      1. Totally agree. Doesn’t help that the FUD spread is made easier by the amount of documents you have to wade through to form an informed opinion. I thank my 2nd Grade speed reading courses. 😀

      2. Google set it up that way, Herself. This little piece meets standards and is safe for kids. But press this button and everything is fair game. Of course, you won’t be satisfied with just the core services, will you. So go ahead, push that button and sell the children…

        Google has to earn my trust, and the company is starting from below ground zero. I strongly dislike Google and it’s management.

        1. Google has been able to set up a beachhead in education because they’ve spotted a lucrative lifetime market for personal data — get ’em when they’re young, and you’ve got ’em forever — and deliberately underpriced Apple and Microsoft to get ’em, knowing that schools are perennially cash-strapped.

          But administrators are to blame for allowing less-accountable third parties access to the data. This is where the real trouble begins. A truly responsible US Department of Education would issue guidelines and offer training to school district personnel in this dawn of digital services to students. Yes, it’s regulation, but of a sort that is urgently needed to stop advertisers from owning the next generation.

        2. Since we understand that the problem is easy accessibility to Google, perhaps being part of the solution by ‘evening’ the accessibility field by donating usable Apple hardware to schools in sufficient quantities that they don’t need to purchase Chromebooks, even to replace damaged ones, and provide the associated technical expertise to secure AND manage those systems then everyone can just stop complaining about schools doing the best they can with the resources they are provided. Convince Apple to give deep discounts to schools would also help stem the tide, everyone can see they can afford it. Think about it as the “Apple Tax” actually working for you. Evidently people are content to sit back and allow the schools their children attend to expand use of Chromebooks without providing an alternative solution and then complaining about it. Unlike complaining about the direction Apple takes with ‘new’ developments I think this is a situation parents and those similarly concerned have the opportunity to do something about.

  5. Rule 1 never trust google, rule 2 refer to rule 1. Google is evil, their business plan is to harvest personal information and sell it. Any hardware or software tool they sell or give away is used for this purpose. Protect yourself and dump google.

    1. I think the translation software used to generate the text in the article you linked to has not been edited by any human hands to correct errors. Most likely ‘Google Dwelling’ is meant to be “Google Home” among other mistranslated terms. Please link to an article on the same subject that was written originally in English to avoid such difficult to parse text.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.