I wrote back in April about my favorite tools for online teaching in China, which can be quite different from the tools available for teaching online in the US. Considering that we aren't legally able to access Youtube, Google or (sadly now) MIT Scratch, we have to find alternatives that are available for our students to use. In my earlier post, I talk about Padlet, Curiosity Machine, Kahoot, PhET Simulations, and a few other mentionable digital resources that are still accessible through a Chinese internet connection.

However, lately I've been inspired to dig more into digital citizenship and protections of student privacy in these new online tools. As the pandemic continues in other parts of the world, more and more of these tools are adapting to "the new normal" of online teaching. I see teachers using resources for their efficiency and effectiveness, without really considering the terms and conditions that might be placed on users. As we introduce these digital tools to our students, it's important to think about what privacy considerations the students must abide in order to use the service.

Living in China, the restrictions on privacy and data collection are fairly ambiguous and less strict than in the EU or US. Although we're not subject to COPPA or FERPA, I still believe in the educator's responsibility to vet websites for their privacy practices to make sure that we're not taking advantage of students. Unfortunately, it's not always easy to see what student data is being collected and whether it's worth the trade-off for using that service. Ideally teachers will take the time to sift through the terms and conditions to make an informed decision, but realistically that would take more time than I have available (unless I hire myself a paralegal!) In my case, I used the amazing summary website Terms of Service; Didn't Read (tosdr.org) and the Common Sense privacy evaluators to quickly check on what my websites are requiring of students.

1) PhET Simulations

I've been using PhET simulations for almost every unit, but never considered what privacy implications this might have for my students. In general, I see the website as very safe : students are not required to log in, and they can access the simulations anywhere without an account. In fact, if students attempt to create an account, the website explicitly warns "Students do not need to create an account." I find this encouraging, as it actively prevents collecting data from students unnecessarily. However, if students wish to volunteer to create or translate simulations, they will have to create an account, and what happens with that information is not quite clear.

Furthermore, the system does collect background data, which can be stored and used in ways that are unclear. The PhET website follows the University of Colorado privacy policy , which is much quite vague about what may or may not happen for different sites. According to the general school policy, "system Administration automatically collects non-personal usage information for website administration purposes when you visit University of Colorado System Administration websites. Usage information includes: number of visitors, number of page views, IP address, website pages visited prior to visiting the site(s), browser information, technical information about your device, etc." It's unclear how much of this is collected by PhET users, and it would certainly be more ethical for PhET to restrict this information as most of its users are students outside the UofC system.

Furthermore, to create a PhET account for teachers or volunteers, you must provide an email address, name, country and city. The privacy policy is generally applied to all of the university websites, and it's unclear what happens to this information after it is collected. According to the policy, it may be used for communications, understanding user interests, or "safety of the community". Users should be aware that their personal information may someday be subject to scrutiny, which might not be ideal from a privacy perspective.

My recommendation is to use the PhET simulations without an account and save yourself the headache of sharing personal information. Although the website collects information about user traffic, it is such a useful resource in my classroom that I believe it to be a fair trade-off for the interactive content. However, I think this can also become a lesson in digital awareness, and it might be worthwhile to pose this situation to my students themselves before they use the website. By informing my students of the website's policies for gathering and tracking information, they can make the decisions themselves -- grade 5 and 6 are an excellent age to begin educating students on "free" websites and what that means.

2) Padlet

Concerning student data and privacy, Padlet is relatively secure in that it allows users to choose their desired level of privacy from private to password protected to public. Users can also decide if they want posters to log in with their account or allow anonymous posts. However, the website gives this control solely to the Padlet creator -- a user who posts something private on a private board may find that board has been made public later, which could make personal information vulnerable. Students should still remember the core values of online privacy (never post personal information, only post to those you trust) in order to keep themselves safe when using Padlet. As a business, Padlet collects some user information, including email address and name. However it doesn't collect addresses, names of schools or anything more sensitive, and it promises never to display your email address in the service. Overall, it can be a little risky for students to use Padlet on their own (71% warning rating from Common Sense Media), but I believe that it can be a good opportunity for them to practice being smart about digital communication.

3) Kahoot

As a website, Kahoot is a little more worrisome when it comes to student privacy (66% safety rating from Common Sense Media).

On ToS;DR, Kahoot has a neutral rating, but it's still under review. The website uses standard credit card practices for purchasing subscriptions, which stores your credit card information and can charge the card on a reoccurring basis, although these practices will likely not impact students who are using the free version or a school's subscription for Padlet. When it comes to information, it can be stored on servers around the world as well, which means that your students' data could be going through different jurisdictions. This might not seem important, but it's exactly the reason for the 2020 political turmoil over WeChat and TikTok usage in the US. I can see firsthand how different countries protect or use the data going through their servers, and so it can be dangerous for teachers in the US to be using a service without knowing exactly where that data will be stored.

From a safety perspective, Kahoot can be a little concerning. Users can create their own content and share it publicly, and the website doesn't pre-screen for accuracy or content. They have opened a new Kahoot Academy, which seems to be more curated, "official" content that is undoubtedly safe for students, but the website still allows public communication between user-created content that can open doors to inappropriate usage by students. Concerning privacy, the website does collect user data, and can share that data with marketers and other third parties. The site has special protections for users under the age of 13, and treats this information very sensitively. However, there are still some warnings for usage : the website may perform data analytics on all accounts (including young students), and may allow third parties to do so as well. It requires a name and email address to create an account, and it's not clear if this information is kept encrypted or if users will be notified of a data breach. In any case, the website should be used with caution -- something I need to keep in mind if I ask my students to create their own Kahoot games, instead of simply playing my own.

Overall, it's been an eye-opening experience to sift through the terms and conditions, something I rarely take the time to do. It serves as a reminder that even when we don't believe that we are sharing personal information, our favorite "free" resources are still able to collect data on us. Awareness is key, and I'll certainly be introducing my students to these issues to make sure they know how to inform and protect themselves in the future!