K-12 Schools Must Teach Data Privacy and Security

Daniel Solove
Founder of TeachPrivacy

K-12 Schools Must Teach Data Privacy and Security

By Daniel J. Solove

It is essential that children learn about data privacy and security.  Their lives will be fully enveloped by technologies that involve data.  But far too little about these topics is currently taught in most schools. 

Fortunately, there is a solution, one that I’m proud to have been involved in creating.  The Internet Keep Safe Coalition (iKeepSafe), a nonprofit group of policy leaders, educators, and various experts, has released the Privacy K-12 Curriculum Matrix.

The Privacy K-12 Curriculum Matrix is free.  It can be used by any school, educator, or parent.  It contains an overview of the privacy issues that should be taught, including which details about each issue should be covered in various grade levels.  It includes suggestions for appropriate learning activities for each grade level.

My role in the creation of this curriculum was identifying the issues that should be covered and the knowledge that students should develop throughout their K-12 education.  Many others assisted on the project, including education experts who defined learning objectives and appropriate learning activities for various grade levels.  

Overview of the Privacy Curriculum

Here is a very basic outline of the curriculum that should be taught throughout a student’s K-12 education.  Data security is encompassed within this curriculum too, as it is deeply intertwined with privacy.

I. AWARENESS: General Privacy Awareness

  • Privacy in the Digital Age — Students should learn how their data is collected and used.
  • Use of Online Services and Products — Students should learn how to assess the risks and benefits of using various technologies.

II. PROTECTION: Safety and Security

  • Identity Theft  — Students should learn about identity theft, how to try to prevent it, and how to respond if victimized by it.
  • Phishing and Online Threats — Students should learn how to identify and avoid various security threats online.
  • Privacy and Physical Safety — Students should learn about physical dangers that might result from interacting with strangers online, as well as how posting certain persona data can create safety risks.
  • Data Security — Students should learn good data security practices.

III. COLLECTION: Respecting Privacy Boundaries: Snooping and Other Forms of Data Collection

  • Ethical Respect for the Privacy Boundaries of Others — Students should be taught about how technology makes it easy to invade other people’s privacy and why they ought to respect other people’s boundaries for sharing their personal data.
  • Legal Boundaries on Information Collection and Use — Students should be aware that certain privacy violations are illegal and could result in substantial punishment. 
  • Government Searches and Surveillance — Students should be taught about their basic rights as citizens when it comes to government searches and surveillance.

IV. SHARING: Sharing Personal Data About Oneself and Others

  • Confidentiality — Students should be taught about the ethics of maintaining confidentiality of personal information.
  • Online Gossip and Self-Exposure — Students should be taught about how online gossip can cause harm to others as well as the potential negative consequences of self-exposure. 
  • Cyberbullying and Online Harassment — Students should be taught about the consequences of engaging in these activities as well as how to respond when victimized and how to help others who might be victimized.
  • Sexting and “Youth Produced Sexual Images” — Students should be taught about the dangers of these activities, which can result in severe criminal penalties. 

It is important that the above issues not be taught in simple black-and-white terms.  As stated in the Privacy K-12 Curriculum Matrix: “Privacy issues often don’t have clear right or wrong answers.  It is best to provide students with age-appropriate information and then allow them to think for themselves and reach their own conclusions about what best suits their values and comfort levels.  Ideally, students should be taught through concrete examples, problems, and role-playing activities.”

There is much more detail and material in the document.  The above is just my very basic overview so you can understand the scope of it. 

Bringing the Curriculum Into the Schools

The next step is for schools to use the Privacy K-12 Curriculum Matrix to teach these issues in each grade.  If you want your children to learn about the above material, there are a few things you can do:

1.Bring the Privacy K-12 Curriculum Matrix to the attention of your children’s school.

2. Spread the word to other parents. 

3. Urge your school to teach these issues.  Explain to educators and administrators the importance of educating students about these issues. 

4. You can use the curriculum yourself to teach your own children.  Although the Curriculum is designed for use in the classroom, many of the activities can be done at home or adapted for home.

Digital Compliance and Student Privacy:
A Roadmap for Schools

I also worked on another guide for iKeepSafe called Digital Compliance and Student Privacy: A Roadmap for Schools.  This is also a free resource.

The Roadmap is for school districts to understand how to implement privacy and security compliance programs.  It provides the kinds of policies and procedures that should be in place, the specific kinds of privacy issues schools encounter, and the issues that educators and school administrators should be trained about.

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics.  This post was originally posted on his blog at LinkedIn, where Solove is a “LinkedIn Influencer.” His blog has more than 900,000 followers.

Privacy+Security ForumProfessor Solove is the organizer, along with Paul Schwartz of the Privacy + Security Forum (Oct. 21-23 in Washington, DC), an annual event that aims to bridge the silos between privacy and security. 

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
*
 LinkedIn Influencer blog
*
 Twitter
*
 Newsletter

TeachPrivacy privacy security training 08