Oregon EdTech
Professional Development
Cadre

September 28, 2017

I Am:

Bill Fitzgerald
Director, Privacy Evaluation Initiative
Common Sense Media

@funnymonkey

Text

Created under a CC Attribution Share-Alike License

You Are?

Created under a CC Attribution Share-Alike License

Topics on the Docket

  • Encryption
  • Tracking
  • Basic Security Issues
  • Evaluating Apps
  • Google

Created under a CC Attribution Share-Alike License

Anything Missing?

Created under a CC Attribution Share-Alike License

Encryption

Created under a CC Attribution Share-Alike License

name_redacted.com

Created under a CC Attribution Share-Alike License

Look for the "s" in https

Remove it and try to load with just http://

 

If it loads as http:// - that's not good.

Encryption is a Canary in the Coal Mine

Created under a CC Attribution Share-Alike License

observatory.mozilla.org

Created under a CC Attribution Share-Alike License

Tracking

Created under a CC Attribution Share-Alike License

Intercepting Proxies

Created under a CC Attribution Share-Alike License

Cookies. Blech.

Created under a CC Attribution Share-Alike License

Cookie Syncing

Created under a CC Attribution Share-Alike License

Lather, Rinse, Repeat

Created under a CC Attribution Share-Alike License

Basic Security Issues

Created under a CC Attribution Share-Alike License

Created under a CC Attribution Share-Alike License

Created under a CC Attribution Share-Alike License

OWASP Resources

2013 Top 10
2017 Top 10

Created under a CC Attribution Share-Alike License

Evaluating Services

Created under a CC Attribution Share-Alike License

Triage

Created under a CC Attribution Share-Alike License

Evaluation Questions

Created under a CC Attribution Share-Alike License

Google

Created under a CC Attribution Share-Alike License

Core GSuite

Created under a CC Attribution Share-Alike License

Core GSuite

  • https://gsuite.google.com/intl/en/terms/education_terms.html
  • https://gsuite.google.com/terms/education_privacy.html
  • https://www.google.com/policies/privacy/
  • https://gsuite.google.com/intl/en/terms/user_features.html
  • https://gsuite.google.com/intl/en/terms/dpa_terms.html

Created under a CC Attribution Share-Alike License

Non-Core

  • https://support.google.com/a/answer/181865
  • https://support.google.com/a/answer/6356441

(Hint: The terms are different)

Created under a CC Attribution Share-Alike License

Non Non Core

Created under a CC Attribution Share-Alike License

Some Concerns

  • SSO (Single Sign On) with non-Core apps
  • What data is covered under what terms?
  • Consent mechanism?
  • Review mechanism?
  • Who controls what?

Created under a CC Attribution Share-Alike License

Activity

Created under a CC Attribution Share-Alike License

Select One of these Sites

  • http://www.easybib.com/
  • https://edulastic.com
  • https://literably.com/
  • https://web.seesaw.me
  • https://www.classkick.com

Spend 5 minutes taking a look at the service or their terms.

What jumps out as good?

What jumps out as bad?

What would you look for next?

Created under a CC Attribution Share-Alike License

If you are advising or training a teacher on selecting a tool, how much time do you tell them it takes?

Created under a CC Attribution Share-Alike License

Questions?

bfitzgerald@commonsense.org

Created under a CC Attribution Share-Alike License

Oregon EdTechProfessional DevelopmentCadre

By billfitzgerald

Oregon EdTechProfessional DevelopmentCadre

  • 316
Loading comments...

More from billfitzgerald