During the COVID-19 pandemic, educational institutions shifted their services to the digital world in an unprecedented rate to educate students safely. These digital tools have taken up the students’ data, suffered security breaches and generally mishandled their students’ personal information.
A report published on Tuesday by nonprofit organization Me2B Alliance found that most of school utility apps were sharing some amount of student data with third-party marketing companies. The Me2B team surveyed some dozen supposed ‘utility’ apps for school districts— the kinds used to download or review bussing schedules or school calendars— and discovered that about 60% of them are leaking information from a students’ location to their contact list to mobile ad identifiers without permission.
In order to determine the kind of data the apps were sharing, Me2B examined the Software Development Kits (SDKs) the apps came packaged with. SDKs can do a range of things, which includes helping developers monetize their free-to-download apps by sharing some data with third-party ad networks. Out of the 73 apps surveyed in the report, there were 486 total SDKs throughout, with an average of 10 SDKs per app.
Out of the 486 total bits of code, 306 of them were either owned or operated by Google or Facebook. The other SDKs were sharing data with less popular third parties, such as AdColony and Admob.
However, the data sharing didn’t stop there. The report pointed out that these less popular SDKs often share the data gotten from student apps with at least dozens of other little-known third parties. These SDKs were found in large amounts in Android apps, but much lesser iOS apps brought the pieces of tech onboard (91% versus 26% respectively).
There are a few reasons this might be so. Although Apple isn’t very careful about by abiding by its own privacy rules, the company sets a certain standard which every iOS developer needs to stick to, especially when it’s regarding tracking and targeting the users of their apps. Recently, Apple dialed it up by mandating App Tracking Transparency (ATT) reports for the apps in its store which requests the permission of a user to track their activity outside the app.
Although Android has its process of reviews for apps, from past events, we have seen insecure apps go through the loopholes and into numerous people’s devices. There’s also a good chance that a lot of apps developed for Android are directing data right back to Google.
With Apple slowly strengthening its standard around ATT, it is very possible that the gap between the two OS will only get wider— leaving students’ data stuck somewhere in the middle.
By Marvellous Iwendi.