Bill Fitzgerald had a concerning thread on Twitter yesterday about some research on College Board and the sharing of student data. I will not reproduce his whole thread here, but he points us to the team’s report on Consumer Reports, authored by Thomas Germain. The bullet points alone are enough to make you realize that College Board is posing a risk to student privacy and that they have not honored pledges they made — well, maybe they honored the letter of their pledge but not the spirit?
- The College Board is tracking students and sending information about their activity to advertising platforms at companies such as Facebook and Google.
- Our researchers found ads on other websites that appeared to use tracking from the College Board website.
- These practices seem to contradict the College Board’s explicit promises to consumers. The company may be sharing students’ information without consent.
As Bill noted on Twitter yesterday:
One of the biggest myths people collecting and exploiting data try to push: unique identifiers (or hashed values, or anonymized data) protect privacy, by default.
This myth sounds good, but it’s a lie.
A computer doesn’t care if my name is “Bill” or “0xcg35vG” as long as I’m called that consistently.
Unique IDs are confusing to humans, but are great for machines.
And on the CB site – like most sites – humans are tethered to multiple unique IDs set by multiple third parties.
Read the Consumer Reports article here.