A good first step is to move from the app to your policy. The privacy policies and terms of service are usually pretty explicit, and will trump your own policies (e.g. "our product is not intended for people under the age of___" ). Most things are going to be set up in accordance with FERPA and COPPA.
One district I worked for was very concerned about intellectual property rights; they didn't want students using anything that shared the IP rights for anything they created. This can be quite limiting though, as nowadays many (especially free) creative sites share IP rights with creators.
------------------------------
K. Kroese
Tandem Friends School
Charlottesville VA
------------------------------
Original Message:
Sent: 10-17-2023 08:08 PM
From: Michael Lindner
Subject: Google Admin - Criteria for "Trusted" Status
Hello everyone,
With the recent changes to Google's security features for users under 18, I have begun reviewing the level of access that I grant to each application in the Google admin console. In doing so, I hope to lay out a criterion that an app or service must meet in order to be granted the "trusted" status. My aim is that in setting such a standard, it will simplify the new approval process of educators requesting access to a service for use in their classroom.
My question for you all is: do you have a set of privacy requirements that a service must meet in order to be granted access to student GSuite data? If so, what has been your experience with verifying that a service meets these requirements?
#CybersafetyandDataSecurity
------------------------------
Michael Lindner
Database and Cloud Services Manager
The Bush School
Seattle WA
------------------------------