The following ratings a product could receive are described below:
Meets our minimum requirements for privacy and security practices.
Applications and services that received a Pass rating have met a minimum criteria for transparency and qualitatively better practices in their policies. Before using an application or service in this rating, parents, teachers, schools, and districts are strongly advised to read the full privacy evaluation as a starting point for the process of vetting the application or service. In addition, a more detailed review should happen before any child or student data is shared with a service. In 2019, approximately 20% of applications and services are rated Pass, which is a 10% increase in the percentage of products with overall better rating question practices since 2018.
Does not meet our recommendations for privacy and security practices.
Applications and services that received a Warning rating have risks narrowly focused around data use related to selling data, third-party marketing, creating profiles that are not associated with any educational purpose, and/or using data to target advertisements. We include data use from both the first party (i.e., the vendor that builds the service) and third parties (any company given access to data by the vendor). Using data to profile students for advertising purposes can potentially violate multiple state laws and in some cases federal law. An application or service can be given a Warning rating for either a lack of transparency around data use—which creates the potential for profiling and behavioral targeting—or for clearly stating the service uses data to target advertisements and/or create profiles. As with any application being considered for use within schools, school and/or district staff should review the privacy policies and terms of service to ensure that they meet the legal and practical requirements of their state laws and school policies. Unclear or qualitatively worse responses to the questions listed below trigger inclusion in the Warning rating:
In 2019, approximately 60% of applications and services are rated Warning, which is a 20% decrease from 2018 in the percentage of products rated Warning. However, this decrease was due to a respective 10% increase in the number of applications and services rated Pass and Fail. On the bright side, a majority of applications and services (68%) disclosed that they do not rent, lease, trade, or sell data. However, a majority of applications and services are unclear or explicitly allow third-party marketing, behavioral advertising, and third-party tracking, track users across other websites, or allow the creation of data profiles. This use of educational data for noneducational purposes, even if legal, is contrary to user expectations about edtech.
Do the account-creation page, the login page, and all pages accessed while a user is logged in support encryption with HTTPS?
Do the account-creation page, the login page, and all pages accessed while a user is logged in require encryption with HTTPS?'
Does the product use trackers on its homepage, on its registration page, or while a user is logged in?