Protecting our kids means more than helmets

Technology has slowly woven its way into the education world, bringing many welcome efficiencies and benefits. Though some of these new benefits have come with some rather predictable high-tech hazards, a few of which have been serious enough to light fires under education’s notoriously, but understandably, slow-moving bureaucracies.

Los Angeles Unified School District (LAUSD), which is surely tech-advanced and has sophisticated safeguards in place, recently discovered that a user on the dark web was selling data, which experts think may have been acquired in a 2022 cyberattack. The exposed files contained sensitive information for hundreds of people born between 1993 and 2010 including home address, homelessness status, disability status and contact information for relatives.

data privacyFor another example, consider the cyberattack on New York City public schools (again, hardly a soft target) that occurred in June 2023. According to reports, the attack exposed sensitive data on roughly 45,000 students. The documents that were accessed included student evaluations, and the exposed data included social security numbers and birthdates. It’s chilling stuff, and these are just two examples of many.

Thankfully, administrators are taking measures to protect our students, their data, and their privacy. Some of that protection has come from organizations like A4L and their Student Data Privacy Consortium. A4L is a global non-profit that provides solutions in the education data space and supports the use of standards by schools, districts, states, countries, and education vendors. Here in the US, A4L is working within 28 States to help set guidelines for data and privacy protection. Their critical work will be expanding into even more States by the end of 2024.

However, while some organizations are making positive strides to protect student data in schools, the landscape of guidelines and safety evaporates rapidly once the school day ends. For after-school activities like sports, academic clubs, and extracurriculars, there are few, if any, safety nets in place. This is a new frontier, and the ones who staff the space tend to be overwhelmed coaches and athletic directors who are preoccupied with more pertinent matters like coaching, tryouts, scheduling, equipment, travel, and fundraising. Until recently, things like data and privacy just haven’t been in the conversation.

Most of all, consider fundraising, which, for decades, has been a huge component of extracurriculars. It wasn’t long ago when our kids were going door-to-door to stranger’s houses with pockets full of cash, selling chocolate bars or holiday gift guides to raise money for their activities. It’s pretty unbelievable, in retrospect.

That unsafe, free-for-all business model led to countless cases of crime, fraud, theft, and many other problems. Recently, though, that business model was disrupted, and vastly improved, by technology. Taking advantage of online efficiencies like social networks, apps, engagement tools, and other functions, students and schools have raised hundreds of millions of dollars – more than ever before, for sports and extracurriculars. [Full disclosure: I am the Founder/CEO of Snap! Mobile which offers fundraising and other online solutions].

But, as always, where there’s money – there’s problems. In the same way hackers have attacked data systems in New York, Los Angeles, and elsewhere, so too, will they inevitably attempt to hack digital fundraising and student data tied to extracurriculars. In addition to potential hacking, there are also some bad actors within the space where entire business models revolve around the sale and distribution of data, almost always buried in the fine print of long contracts.

data
Cole Morgan, Snap! Mobile CEO & Founder

My warning to any coach or athletic director new to the digital space is to look hard and close at what vendor companies demand regarding data and/or how they plan to protect it. Read and review that fine print and beware of “free”. There’s an adage in the online world that says, “If you’re not paying for the product, you probably are the product.” If a predatory or careless vendor, contractor, or other entity gets access to your student’s data, or your community member data, your students and community members could be the target of unwanted marketing, or potentially, much worse – and you could lose your job as a result.

But dire warnings and basic awareness for administrators aren’t enough. Some coaches and administrators simply aren’t equipped to read intentionally complicated or misleading privacy policies. Further, as school budgets dry up across the country, coaches and administrators are increasingly desperate to provide for their students, and desperation often breeds bad decision-making.

» ALSO SEE: NFHS will write rules for high school flag football

What is ultimately needed is for standards and guidelines to be agreed upon, put in place, and followed by everyone involved. We need coaches and administrators to be able to lean on independent experts in the space and to look for the endorsement or stamp from trusted sources that do know, like A4L, for example.

I often reflect on my high school football experience with my coach. He and his staff did everything they could to protect our safety both on and off the field. Yet, with the mountain of responsibilities on his plate, I can’t imagine him adding to that workload complicated legal contracts and sophisticated tech issues. We ask so much from our coaches, teachers and educators. Instead of adding more to their plate, we should be making their lives easier.