Mark Keierleber writes:
A few months after education leaders at America’s largest school district announced that a technology vendor had exposed sensitive student information in a massive data breach, the company at fault — Illuminate Education — was recognized with the software industry’s equivalent of the Oscars.
Since that disclosure in New York City schools, the scope of the breach has only grown, with districts in six states announcing that some 3 million current and former students had become victims.
Read more at The74.
The Illuminate Education breach has done more than just raise questions about whether Illuminate should be booted as a signatory of the Student Privacy Pledge that EdTech companies sign. This breach has also really challenged the Future of Privacy Forum to show that it has actual teeth. The article has a great quote from Bill Fitzgerald (aka @FunnyMonkey):
“I have never seen anybody get anything more than a slap on the wrist from the actual people controlling the pledge,” said Bill FItzgerald, an independent privacy researcher. Taking action against Illuminate, he said, “would break the pledge’s pretty perfect record for not actually enforcing any kind of sanctions against bad actors.”