DEV Community

Tiamat
Your Kid's School App Knows More About Them Than You Do: How EdTech Became a Child Surveillance Industry

It is 8:47 a.m. on a Tuesday in a third-grade classroom in suburban Columbus, Ohio. Maya, seven years old, opens the school-issued Chromebook and logs in with her student ID. By the time she closes it at 3:15 p.m., the device and the cloud platforms it connects to will have logged 847 discrete data points about her: the 11 seconds she spent staring at a reading passage before scrolling down, the three spelling words she got wrong and then corrected, the search query she typed and then deleted before submitting ("why do dogs die"), the 23-second attention drift flagged by her learning management system when she looked away from the screen, and the micro-pause patterns in her keystrokes when she got frustrated during math.

Her parents, both of whom signed a one-page "technology use agreement" at the beginning of the school year, have no idea any of this is being collected. They couldn't name the vendors who hold it. They couldn't tell you where it goes or how long it lives. And under the current legal framework governing children's digital privacy in the United States, they have almost no practical recourse to find out.

This is not a hypothetical. This is the infrastructure of American public education in 2026.


What COPPA Actually Covers — And What It Doesn't

The Children's Online Privacy Protection Act was signed into law in 1998, when the commercial web was four years old, social media did not exist, and "app" meant something you filled out to get a job. COPPA requires operators of websites and online services directed at children under 13 to obtain verifiable parental consent before collecting personal information. At the time, this seemed like meaningful protection.

It was not designed for a world where a child's school day is mediated almost entirely through software platforms operated by for-profit corporations.

The central loophole in COPPA's application to education is the school consent exception. Under the FTC's interpretation of COPPA, schools and school districts can consent on behalf of parents — substituting institutional permission for individual parental consent — when the data collection is for "educational purposes." The intent was to reduce administrative friction. The effect has been to create a legal architecture in which parents are structurally excluded from decisions about what data is collected from their minor children and by whom.

This exception rests on an assumption that schools understand what they are agreeing to. They often do not. A 2020 survey by the Parent Coalition for Student Privacy found that the majority of school IT administrators responsible for approving EdTech vendors could not accurately describe the data practices of the tools they had approved. They sign vendor contracts that run to dozens of pages of legalese, often without dedicated privacy counsel. The vendors know this. Some of them count on it.

COPPA also does not cover data collected from children ages 13 to 17. Once a student crosses that threshold, the full weight of commercial surveillance infrastructure descends on them with essentially no federal protection specific to their age.


The EdTech Surveillance Stack

To understand the scale of what is happening, you have to understand that EdTech data collection is not a single product — it is a stack. Multiple platforms, each collecting data at a different layer of the school day, each sharing data with downstream partners, each justifying its practices under a different exception or consent framework.

At the base of the stack: Google Workspace for Education, used by more than 40 million students in the United States. Google offers a suite of tools — Docs, Meet, Classroom, Drive — at no charge to qualifying educational institutions. The cost is not monetary; it is structural. Google divides its Education products into "Core Services," which are governed by stricter data use restrictions, and "Additional Services" — Google Search, YouTube, Maps — which are subject to Google's standard commercial terms. The distinction is buried deep in service agreements. Many districts enable Additional Services without understanding that they have just opened their students to Google's standard advertising data infrastructure.

Microsoft 365 Education follows a similar architecture, with comparable ambiguities around where "educational" data ends and commercial data begins.

Above that layer sits the Learning Management System — Canvas (Instructure), Schoology (PowerSchool), Google Classroom. Every assignment submitted, every discussion post, every quiz attempt, every timestamp, every revision history: all logged. Instructure's Canvas alone serves tens of millions of students worldwide. Its privacy policy, at the district-contract level, can be modified through data processing addenda that most parents never see.

Bridging identity across all these platforms is Clever, a single sign-on platform that more than 75,000 schools use. Clever knows every application a student accesses, when they access it, and for how long. It is, by design, a panopticon of the digital school day. When students click "Log in with Clever," they are authenticating against a system that aggregates behavioral signals across the entire EdTech ecosystem.

Each layer adds data. Each handoff creates new exposure surfaces. No single parent, and arguably no single school administrator, can see the full picture of what is being collected.


Behavioral Surveillance in Schools

Beyond the productivity suite, a separate category of EdTech has grown to alarming scale: tools that monitor student behavior in real time, flag concerning content, and build psychological profiles of minors.

Bark markets itself as a "student safety" platform. It monitors student email, text messages, Google Drive documents, and social media accounts — scanning for keywords and patterns associated with bullying, self-harm, depression, drug use, and violence. More than 3,500 school districts use it. The system uses machine learning to classify student communications by risk level and alerts school administrators when thresholds are crossed.

Gaggle operates similarly but at a scale that should arrest attention: the company reported scanning more than 3 billion items in 2023. Three billion pieces of student-generated content — essays, emails, chat messages, image searches — processed through Gaggle's content classification infrastructure. The company employs human reviewers who see flagged content from minors. Those reviewers are not school employees. They are Gaggle employees, operating under a service contract, with access to deeply personal student communications.

GoGuardian provides browsing surveillance — every URL a student visits on a school device — combined with a product called "Beacon," which the company describes as a "student wellness" AI. Beacon analyzes browsing behavior to generate mental health risk scores for individual students. These scores are shared with school administrators. The behavioral model GoGuardian builds on a student — their browsing patterns, their flagged searches, their classified risk level — constitutes a de facto mental health record. It is not governed by HIPAA. It is not treated as a medical record. It is an EdTech vendor's product, stored on their infrastructure, subject to their retention policies.

None of these tools are inherently malicious in intent. Some have genuinely intervened in crisis situations. But the architecture they create — persistent behavioral surveillance of minors, mental health profiling by private corporations, data retention beyond the school year — has consequences that extend far beyond any individual safety intervention.


The EdTech Data Broker Problem: Biometrics in the Exam Room

If behavioral monitoring in daily school use represents one frontier of student surveillance, exam proctoring technology represents another: the collection of biometric data from minors.

Proctorio and Respondus Monitor are used by thousands of educational institutions to monitor students during online exams. These platforms require access to the student's camera, microphone, and in some implementations, their eye movements. They record video, perform facial recognition to verify identity, track gaze direction to flag potential cheating, and analyze keystroke dynamics — the unique timing patterns in how an individual types, which function as a behavioral biometric.

This is biometric data. Collected from minors. During mandatory academic assessments.

Proctorio has faced multiple lawsuits from students challenging the invasiveness of its data collection practices. A 2021 lawsuit in Canada challenged Proctorio's collection of student browser history, webcam footage, and behavioral metrics. In the United States, students with disabilities have raised particularly pointed objections: some proctoring AI flags behaviors associated with conditions like ADHD or autism — looking away from the screen, unusual movement — as potential cheating, generating false positive alerts that can have serious academic consequences.

The legal mechanism that enables vendors like Proctorio to hold student data long-term is the FERPA "school official" exception. FERPA — the Family Educational Rights and Privacy Act of 1974 — was designed to govern paper student records in school filing cabinets. Its "school official" exception allows schools to share student records with parties that perform services on the school's behalf. Under current interpretation, this means that every EdTech vendor a school contracts with can be designated a "school official," giving them access to student educational records and, critically, the ability to retain and use that data under their own policies.

The exception has effectively dissolved the boundary between educational institutions and private data processors. Student data — disciplinary records, learning disability designations, behavioral assessments, biometric proctoring footage — flows to private vendors under a legal fiction that they are extensions of the school itself.


AI Tutoring Systems: Building Cognitive Models of Children

The most recent and arguably most consequential development in EdTech surveillance is the proliferation of AI tutoring systems that build detailed cognitive models of individual students.

Khan Academy's Khanmigo, powered by GPT-4, interacts conversationally with students across subjects. Every exchange — what questions the student asks, where they express confusion, how long they take to respond, what analogies they reach for — is logged and potentially used to refine the system's model of that student's learning profile.

Carnegie Learning has been building AI tutoring systems for mathematics for two decades. Its MATHia platform tracks hundreds of variables per student: which problem types trigger errors, what the latency is between problem presentation and first input, how the student's accuracy changes across a session as cognitive load increases. Carnegie Learning's longitudinal data on student cognitive behavior spans millions of students over more than twenty years.

DreamBox Learning (now part of Discovery Education) builds adaptive math curricula for K-8 students, adjusting difficulty in real time based on behavioral signals. The system tracks not just correctness but strategy — which tools a student uses to solve problems, whether they backtrack, how they explore the problem space. DreamBox has described its data model as capturing over 50,000 data points per student per hour.

The question these systems raise is not whether they have educational value — some do, demonstrably. The question is: who owns the cognitive model they build of your child, and for how long?

Current terms of service at these companies provide for data retention beyond the student's active use of the platform. The behavioral and cognitive profiles built during a child's elementary school years can persist in vendor databases indefinitely. The child has no right to delete them. The parent has limited rights to access them. The school that licensed the software often has no contractual right to demand deletion when the contract ends.

A seven-year-old's cognitive profile, built in third grade, may exist in a private company's database when that child is forty-five.


The FERPA Gap

FERPA was signed in 1974 by Gerald Ford. It was designed to give parents access to their children's educational records and to prevent those records from being shared without consent. For its time, it was reasonable legislation.

It is not designed for the world it now governs.

The "school official" exception — allowing vendors to access student records without parental consent if they are performing services for the school — was intended to cover obvious cases: the nurse who needs to see a student's health records, the counselor reviewing a disciplinary file. It has instead become the legal basis for sharing student data with hundreds of third-party vendors simultaneously.

In 2022, the Government Accountability Office found that the Department of Education had not taken meaningful enforcement action against FERPA violations by EdTech companies. The Department lacks statutory authority to issue fines under FERPA. Its only enforcement mechanism is withholding federal education funding from institutions — a nuclear option so severe that it has never been used and almost certainly never will be.

Parents theoretically have the right under FERPA to request and review their children's educational records. In practice, this right has become largely theoretical. Schools are often unable to produce a complete list of the vendors they share data with. The EdTech market is dynamic — tools are added and removed from district use throughout the year, and procurement decisions are often made at the building or classroom level without central IT awareness. A parent who submitted a FERPA records request to their child's school district in 2023 might receive documents that reference systems the district no longer tracks and omit systems added after the last inventory was compiled.


Real Incidents: When the Infrastructure Fails

The harms from this surveillance infrastructure are not only theoretical. They manifest concretely when the systems holding sensitive data are breached.

In January 2022, Illuminate Education — which provided student information system services to hundreds of school districts — suffered a data breach affecting approximately 820,000 students in the Los Angeles Unified School District. The data exposed was not merely names and addresses. It included learning disability designations, English learner status, disciplinary records, behavioral assessments, and homeless status indicators. This was among the most sensitive possible data about the most vulnerable students in the district. It was held by a third-party vendor. LAUSD had shared it under the FERPA school official exception. When the breach occurred, many families learned for the first time that this data existed and had been shared.

The PowerSchool breach of late 2024 and early 2025 was larger by orders of magnitude. PowerSchool provides student information system software to more than 16,000 school districts across the United States and Canada. When threat actors accessed its customer support portal using compromised credentials, they extracted data on an estimated 60 to 70 million current and former students, along with millions of teacher records. The compromised data included Social Security numbers, medical records, grades, disciplinary history, and in some cases, sensitive family information. PowerSchool reportedly paid a ransom to prevent the data from being published — a payment that, as security researchers noted, provides no guarantee that copies do not persist.

ClassDojo, a classroom communication platform popular in elementary schools, faced scrutiny in 2018 and again in the early 2020s over its data retention practices. The platform, which markets itself as a tool for teachers to communicate with parents and reward student behavior with digital "points," retained student data for years after students had left classrooms that used it. The behavior records — which students were rewarded, which were flagged for disruptive behavior — persisted in the platform's database long after the children had moved on. ClassDojo's user base exceeds 50 million users across more than 180 countries.

These breaches are not anomalies. They are the predictable consequence of building a surveillance infrastructure and then distributing the data across hundreds of minimally-resourced vendors, some of whom lack basic security controls.


State-Level Pushback: Insufficient but Real

In the absence of meaningful federal action, states have attempted to fill the gap.

California's SOPIPA (Student Online Personal Information Protection Act, 2014) prohibits EdTech vendors from using student data for targeted advertising, building profiles for non-educational purposes, or selling student information. It applies to services specifically directed at K-12 students. It has been a model for similar legislation in more than 40 states.

The Student Data Privacy Consortium works with school districts to develop standard data privacy agreements that vendors must sign as a condition of contract. As of 2025, more than 3,000 school districts participate. It is meaningful work, but voluntary and uneven — districts that lack legal resources cannot effectively negotiate with large vendors.

New York State issued guidance on AI in education in 2023 requiring districts to conduct privacy impact assessments before deploying AI tools that interact with students. Several other states have followed with similar guidance frameworks.

At the federal level, a proposed update to COPPA was circulated in 2024 that would have extended protections to teens under 17, added stronger data minimization requirements, and narrowed the school consent exception. It did not advance. The EdTech lobby, combined with broader tech industry opposition, was sufficient to stall the legislation in committee. The FTC's authority to promulgate rules under COPPA remains intact, but rulemaking is slow and subject to legal challenge.

The Student Privacy Pledge, a voluntary commitment framework signed by EdTech vendors, was once held up as a model of industry self-regulation. Independent researchers have documented significant rates of non-compliance among signatories, and the pledge's enforceability is essentially nonexistent. Self-regulation of an industry with direct financial incentives to maximize data collection has performed exactly as one would predict.


What AI Does With This Data Downstream

The collection of student behavioral data does not end at the classroom door. The downstream uses of this data — some current, some emerging — extend the harm beyond education.

Predictive risk scoring systems use student behavioral data to generate probability estimates: which students are likely to drop out, which are likely to require disciplinary intervention, which are likely to become involved in the justice system. These systems exist and are in use in multiple school districts. They operationalize historical bias encoded in behavioral data, producing risk scores that reflect not individual futures but structural inequities in who gets flagged and surveilled.

At age 13, students age out of COPPA's protections. The behavioral and cognitive profiles built during their elementary years persist and can be used to target them with advertising. Mental health app companies, for-profit colleges, and consumer credit marketers have all shown interest in EdTech-derived behavioral data.

Insurance risk assessment is a longer-horizon concern but one that researchers in surveillance capitalism have flagged explicitly. Learning disability designations, mental health risk scores, behavioral flags — these data points, held in private vendor databases for years or decades, represent actuarial inputs with potential future value to insurance underwriters, employers, and lenders. The student who was flagged by GoGuardian's wellness AI in seventh grade may encounter consequences from that flag in ways they can never trace.

The permanent record, once a metaphor, has gone digital and does not expire.


What Parents Can Actually Do

The situation is not hopeless, but the mechanisms for protection require active effort from parents who are navigating systems designed, often implicitly, to minimize their engagement.

FERPA data requests are a legal right. Parents of students under 18 can submit written requests to their school district for all educational records held about their child, including records shared with or held by third-party vendors. Districts are required to respond within 45 days. The request should specifically ask for a list of all third-party vendors the district has shared student data with in the past three years.

Opt-out mechanisms exist in some but not all contexts. California parents in districts subject to SOPIPA can request that their child's data not be used for non-educational purposes. Some districts, under pressure from parent advocacy groups, have added explicit opt-out processes for specific tools. Ask; the worst outcome is being told no.

"Do Not Sell" requests under the California Consumer Privacy Act (CCPA) apply to California residents. If you are in California, you can submit do-not-sell requests to EdTech vendors directly, using your child's information as the subject of the request.

School board engagement is the highest-leverage intervention available to most parents. School boards approve vendor contracts. They can require privacy impact assessments as a condition of approval. They can mandate that districts maintain comprehensive, current vendor inventories. They can require contracts to include data deletion provisions upon contract termination. Parent groups that have organized around student data privacy — the Parent Coalition for Student Privacy is a useful resource — have won meaningful contract improvements in multiple districts by showing up to board meetings with specific questions.

Ask your school: what EdTech vendors has the district contracted with this year? What data does each collect? Where is it stored, and for how long? Who can access it? What happens to it when the contract ends? If your school cannot answer these questions — and many cannot — that is information worth sharing publicly.


A Note on Privacy-First Architecture

The proliferation of AI systems processing student data creates a specific design obligation: PII should not travel upstream.

When an AI tutoring system, a behavioral monitoring platform, or an administrative tool sends student data to a large language model or cloud AI service for processing, that data — names, behavioral profiles, disability designations — becomes part of a larger processing chain with its own data retention and potential training implications. The principle of data minimization requires that personally identifiable information be stripped before AI processing occurs.

Privacy-preserving architecture — where a PII scrubbing layer removes or pseudonymizes identifying information before it reaches AI inference infrastructure — is not a technically complex problem. It is an architectural choice. Organizations processing children's data have both an ethical obligation and, in an increasing number of jurisdictions, a legal one to make that choice deliberately. Zero-log policies matter here, because logs are where sensitive data persists long after the primary processing has ended. For minors, whose data carries both legal and ethical weight that adult data does not, these choices are not optional refinements. They are baseline requirements.
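A minimal sketch of such a scrubbing layer, added here as an illustration and not taken from any vendor or project named in this article. The field names, the `S` plus six digits student ID format, the sample record and the `Scrubber` class are all assumptions made for the example; free-text scrubbing only catches identifiers the layer already knows about.

```python
import hashlib
import hmac
import re
import secrets
from typing import Dict, List, Optional

# Allow-list: only these fields may cross the district boundary.
UPSTREAM_FIELDS = {"grade_level", "subject", "prompt"}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
STUDENT_ID_RE = re.compile(r"\bS\d{6}\b")  # constructed ID format (assumption)

# Constructed sample record; every value is invented for this example.
SAMPLE_RECORD = {
    "student_id": "S104233",
    "full_name": "Maya Example",
    "email": "maya.example@district.example",
    "iep_status": "yes",
    "grade_level": 3,
    "subject": "reading",
    "prompt": "Maya Example (S104233, maya.example@district.example) "
              "is stuck on fractions. Maya asks for a hint.",
}


class Scrubber:
    """Strips or pseudonymizes PII before a record is sent to an AI service."""

    def __init__(self, key: bytes) -> None:
        self._key = key                      # held by the district, never sent
        self._reverse: Dict[str, str] = {}   # pseudonym -> student_id, local only

    def pseudonym(self, student_id: str) -> str:
        # Keyed hash: stable per student, not reversible without the key.
        digest = hmac.new(self._key, student_id.encode(), hashlib.sha256)
        token = "stu_" + digest.hexdigest()[:16]
        self._reverse[token] = student_id
        return token

    def scrub_text(self, text: str, names: List[str]) -> str:
        text = EMAIL_RE.sub("[EMAIL]", text)
        text = STUDENT_ID_RE.sub("[STUDENT_ID]", text)
        # Longest names first so "Maya Example" is replaced before "Maya".
        for name in sorted(filter(None, names), key=len, reverse=True):
            pattern = r"\b" + re.escape(name) + r"\b"
            text = re.sub(pattern, "[NAME]", text, flags=re.IGNORECASE)
        return text

    def outbound(self, record: dict) -> dict:
        full_name = record.get("full_name", "")
        names = [full_name] + full_name.split()
        # Anything not on the allow-list (email, iep_status, ...) is dropped.
        payload = {k: v for k, v in record.items() if k in UPSTREAM_FIELDS}
        payload["prompt"] = self.scrub_text(payload.get("prompt", ""), names)
        payload["subject_ref"] = self.pseudonym(record["student_id"])
        return payload

    def relink(self, token: str) -> Optional[str]:
        # Used on the response path, inside the district, to find the student.
        return self._reverse.get(token)


if __name__ == "__main__":
    # In deployment the key would come from a district-held secret store.
    scrubber = Scrubber(secrets.token_bytes(32))
    print(scrubber.outbound(SAMPLE_RECORD))  # the only data that goes upstream
```

The raw record and the reverse map never leave the process, and nothing in the class writes the unscrubbed values to a log, which is the point the zero-log remark above makes.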


The Infrastructure Made Visible

Maya closes her Chromebook at 3:15 p.m. She is seven years old. She does not know that her learning pace has been logged, that her attention drift has been flagged, that her deleted search query — the one about why dogs die — was processed by a content scanning system and reviewed by a human moderator she has never met, employed by a company her parents have never heard of, operating under a contract her school signed without fully understanding.

She does not know that the cognitive model being built about her learning style — by the AI tutor, by the adaptive math platform, by the LMS that timestamps every interaction — will outlive her time in that classroom, possibly outlive her time in that school district, possibly outlive her childhood.

She does not know that the behavioral data generated by her seven-year-old self is already an asset on someone's balance sheet.

She picks up her backpack and walks out into the afternoon. The data stays behind.

The infrastructure that collected it is invisible because it was designed to be. The vendors who profit from it have strong incentives to keep it that way. The legal frameworks governing it were written for a world that no longer exists. And the parents who might object to it are kept just informed enough to sign the form, and no more.

This is not a technology problem. It is a policy failure and a power imbalance, operating at scale, on children, with consequences that will not be fully visible for decades. The least we can do is name what it is.


Sources and references: FTC COPPA guidance (16 C.F.R. Part 312); FERPA (20 U.S.C. § 1232g); LAUSD/Illuminate Education breach notification, January 2022; PowerSchool security incident disclosure, January 2025; Gaggle 2023 Safety Report; California SOPIPA (Cal. Bus. & Prof. Code § 22584); Parent Coalition for Student Privacy, "The Trouble with Ed-Tech Data Privacy," 2020; GAO Report GAO-22-105462, "K-12 Education: Student Privacy and Data Security," 2022; Student Data Privacy Consortium vendor agreement database.
