We Need to Talk About Zoom

April 18, 2020

We need to talk about the protection and privacy of our children. We need to talk about the accounts our children create and use, and whether the rules once put in place for their online safety still apply in 2020. During the rise of the Internet and the Web in the 1990s, an era long forgotten by most of us now consumed with its use, Americans were largely talking about the risks of children having unfettered access to information, particularly of the more pornographic kind, like a nine year old hitting buttons of naive curiosity and finding things a parent was not yet prepared to explain. And that made sense to most of us at the time.

Understandably, Congress passed a Communications Decency Act in the mid 1990s, but it was quickly struck down by the Supreme Court for violating elements of free speech. And again, the counterargument made sense. At the time. In the United States, you can’t stifle someone’s right to share what they want to share, provided it causes no provable harm to the recipient. If a child at home sees something inappropriate, that’s on them, or on the parents, but not on the creator of content for which the recipient deems objectionable, so said SCOTUS.

Then what about the schools, Americans asked, wondering if the same rules of free speech applied to an environment where parents were largely absent.

Enter COPPA (1998). Enter CIPA (2000). Both laws addressed privacy requirements for children under the care of public education. In a nutshell, they put stipulations on government funding for schools, so long as every district and every school implemented some kind of program for filtering out websites and inappropriate keywords, striving in some form or fashion to protect children under the age of 13 from seeing or accessing things unbecoming of or unrelated to academic instruction.

So why do I bring this up?

Because the course I was hired to teach, from 2013 to 2019, was rooted in a thorough knowledge of the Web, everything from its history to its content to its presentation and preservation. For a while, I was the only independent Web Design teacher in our district. And when students complained about blocked websites, I taught them about the trade off of the law, the fact that we might lack the funds for additional technology in the classroom if not for the filters that were put in place for their legal protection.

During those years, my students fit into a peculiar age. They were the faces of middle school adolescence, spanning the pass from 12 to 15, some of whom still fit under that COPPA/CIPA regulation of 13. But they almost always understood the law when we talked about it, because to a large extent, I made a point of defending our district’s filter policy, knowing why it was there and to what ends, even if there were cracks, and even if the kids often found ways around them.

For several years, I had members of the local community and the district board, our superintendent included, who walked through my classroom and asked me an array of questions prompted by their reactions and positive impressions of kids learning to write code and produce online content, strictly through the use of HTML, CSS, and JavaScript on Notepad. Along with other courses at our school, we had regular tours for parents, a chance to show them all the great things our students were able to do at a Title I magnet. For me at least, there was a certain amount of joy that came with these tours, with answering the questions of parents and prospective students, because I was fairly certain I would be teaching this subject for many years to come, that I and several of my colleagues had become something of a novelty, teaching innovative digital courses that no one else in the district was doing. And the district seemed to love it. It felt like our school had an edge, like we fit with the times, and I was fully invested in our shared success.

But then things took a curious turn. Between 2017 and 2018, the district for which I had spent several years defending, turned their focus to child data protection, fueling an unexpected ire against teachers who had created websites that students used in the classroom, fearing a violation of COPPA/CIPA laws and turning the table on those for which no legal violation had ever been breached. In my case, the course website I had built to teach was purely content-based, a website filled with lessons and information and online tools I had gathered together in one place as a means of open access; certainly nothing the students ever had to log into or provide their personal information. But that didn’t matter, as I was informed. Stop using it ASAP, I was told, or it would soon be blocked and I would be reprimanded. Nevermind that I had been hired as a Web Design teacher, one of the first in the district at the middle school level, and that my expertise, even at the graduate level, was in, of all the things, information and the Web.

Perhaps most troubling about this shift in thinking, this affront to classroom educators in the modern era, was that it ran hypocritical to courses being created for students by officials at the district level, courses with links to sites created and maintained by obscure persons and unvetted sources from every corner of the globe. In essence, my site was on the verge of being disallowed, while simultaneously, a laundry list of sites for which the district had even less control were being encouraged, showing a strange lack of trust in professionally trained and licensed educators they had hired to engage with students in their very own district.

As I attempted to make my case and argue for the means to continue my program as it was, I spoke to every person I could, among those involved in this reform, addressing the distinction between content-based sites and account-based sites, that most teachers like me were in the first category, providing sites with information to students where no logins were required and certainly no expectation that a child provide their personal information. Having taught these underage privacy laws to underage middle schoolers, I knew of no teacher that was violating such laws, no more than creating a poster or decorating a bulletin board as a method for aiding instruction.

But again, this didn’t matter. It didn’t matter that I believed in these privacy laws, or that I taught them in class, or even that I happened to be using a site with a secure server. Far as the district was concerned, if I continued on as I was, as I had been hired to do in the beginning, it wasn’t that I would be violating any child’s privacy, but rather, that I would be violating this new standard, hypocritical as it was to anyone paying attention. So I made a difficult decision. To avoid facing this peculiar threat of a reprimand, I slowly brought my course to an end, over two or three semesters, walking away from the program I had built, conceding that I had lost the argument, that the line between data privacy and digital content had been blurred, that no one was really listening anymore. That was Spring 2019.

Fast forward to Spring 2020 and a lengthy quarantine that has imperiled the use of traditional classrooms, forcing teachers to look, reasonably and innocently, for whatever resources make the most sense in the moment, including the widest array of digital apps and websites, with or without specific approval, regardless of age, or law, or privacy risks that might be otherwise regulated.

Enter Zoom.

Thousands upon millions of children under the age of 13 have now been asked, with their parents or without, to create Zoom accounts using whatever district or private email they have at their disposal. But the result of creating a Zoom account, like any other, is that it opens up a virtual dialogue between email user and site/app creator. On its face, that sounds innocent enough, but for anyone who pays attention, the entry of an email address for any new account often involves checking or unchecking that “we want to send you stuff” option. Leave it checked, by default, and the email owner will receive regular mail. Leave it unchecked, and that email address has still been provided to a third party vendor beyond the family and school relationship, a vendor that often can and will pass along those addresses to yet another vendor, soliciting users based on their patterns of logged in behavior.

But so what, though, right? So the kids have a Zoom account. Doesn’t matter. Who cares.

If you fit into the category of parents or teachers who feel precisely this way, the question is whether the majority of parents and teachers are of the same mind. And if we are all of the same mind, then there’s a serious shift we need to make, together, socially and legally.

I will concede that the Web of 2000 is not the Web of 2020 and that any child in today’s K-12 system has unquestionably grown up inside of that window, treating the Web as an appendage. But what we have not done, as a society, amidst every other popular issue, is to ask the question of whether those COPPA and CIPA laws still apply for our kids today.

Right now, there are several class action lawsuits against Zoom, claiming it has either violated the privacy of users or shared the information of users with outside vendors. Truth be told, most of us just “zoom” past every privacy warning anyhow, with a click of acceptance because we just want it done. But should we be doing this, or should we have done this, with our children, in such universal haste?

Perhaps I sound like a disgruntled former employee of a district that shattered my program. I assure you that while I was for several months, I am not today. And I have not been for some time. I have made my peace and moved on, focusing on the health and well being of the students I now teach at a different school in a different subject for a different grade. But those six years were significant enough to me as an educator that I have to ask these questions, especially when our kids are far more vulnerable to predatory marketing today than they were in 2000.

Currently, my fifth graders and I do not connect on Zoom because I could not bring myself to ask them, at the ages of 10 and 11, to sign up for an outside account. And because I knew that even if some parents might be careful to manage and supervise this sign-up process with their children, many of them would not have the means or the interest to participate, having relinquished that freedom to their children long before I expressed any concern.

So the question is, if you are a teacher, if you are a parent, are you okay with children setting up accounts that tempt the fate of predatory marketing, aiming at their age and vulnerability in particular? Or do we need to end COPPA and CIPA laws completely, to let kids under 13 have free reign to sign-up for whatever they want at any age?

I ask because it matters. The path our kids are allowed to get on, early, is a statement that reverberates into their future and ours. And if we’re all cool with kids having unfettered access in 2020, then I think we should be talking about it more seriously, about changing the law, and the risk of lawsuits that will continue to follow, simply because the law continues to exist. If, however, we’re not cool with changing the laws as they are, then I think we should still be talking about it, about what we can do, collectively, to ensure our kids continue to be protected in their online ventures, against those who would wish them harm.

Either way, it’s your turn now.

Pass it on.