There's data and then there's asking for trouble

There's data and then there's asking for trouble

Summary: Ars Technica is reporting on a Queensland, Australia initiative to build a massive student database whose invasiveness and privacy concerns seem to dwarf even the volumes of data collected on students here in the States.According to the article,1,251 state schools would be part of the OneSchool program...


Ars Technica is reporting on a Queensland, Australia initiative to build a massive student database whose invasiveness and privacy concerns seem to dwarf even the volumes of data collected on students here in the States.

According to the article,

1,251 state schools would be part of the OneSchool program...and would be required to upload things like photos, career aspirations, off-campus activities, contact information, behavior records, attendance, and performance records. The state believes that such a centralized system will help the school system keep better track of each student's progression and allow teachers to check up on how their students are doing. The database would not be publicly accessible, although it would be open to all staff in the school system (there will be at least 12 different levels of access).

While some of these data are hardly atypical for a school system, the photos and off-campus activities alone are enough to raise serious privacy concerns. Many parents have suggested a compromise of requiring districts to keep such information in a student information system accessible to local staff instead of the entire state. The state has dubbed participation non-negotiable, however.

As Queensland University of technology IT professor Mark Loori, points out,

"The social fabric of hackers is such that this database is going to be a fair target," especially after [the Queensland Education Minister] has all but publicly declared that hackers won't be able to weasel into OneSchool.

Topics: Hardware, CXO, Data Centers, Data Management, Enterprise Software, Security, Software, Storage, IT Employment

Christopher Dawson

About Christopher Dawson

Chris Dawson is a freelance writer, consultant, and policy advocate with 20 years of experience in education, technology, and the intersection of the two.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Down-under's downright daft

    I couldn't resist the alliteration. :-)

    There is no absolute security. Not in analog life, not in digital life. This is asking for trouble. They are taking much too big a risk, for some dubious extra advantages.
    • to add to what 1 said.

      Way to many people have access to parts of this data in the clear. Way to many people have passwords. Data about life outside of school being collected and stored should make the dolts who demanded it personally responsible when it gets out.

      Making it a challenge is asking for trouble. There is no such thing as an on line data base that can't be hacked.

      Good luck to the people down under. If an idea is this stupid you just know it's going to catch on in the states.

      Similar but much more limited information is posted in the states normally just test scores. Teachers and parents with the right passwords can look at them.

      More data can be found on line in websites the public would have to find before they could hope to crack. Administrators and guidence can get into them but forget about the public school teachers having passwords for these. Not sure they could even get in from outside the system.
      • Catching on in the states

        I think we may be lucky here - at least where I work (educational research) - we have very stringent privacy laws in our state.

        Yes, we have worked with this kind of data in research studies, with permission forms for everyone from the researchers to the parents and school employees.

        Luckily, I can say that the boots on the ground in the schools staff were very reluctant to give up much of this info, or talk to research staff about homelife even when facing official letters of introduction and permissions. I feel confident that permissions would never get passed that would change this. Even if they did, I don't think there would be too much pressure from in school personell to parents to comply with providing the answers to fill the database. Which starts a whole other problem - if parents and students are hiding things from the system that has taken on a big brother feel, how are we to help the kids who need it? No one will ever tell us anything, including what child needs help paying for lunch so they don't go hungry.

        This is a slippery slope, I hope you are wrong and we never see it here.
  • RE: There's data and then there's asking for trouble

    off campus activities are private matters and should be held private, even of local staff insolong as students have not disclosed them. It should be the students call to disclose or not these information, and to decide up to which level of publicity they should be available.
  • RE: There's data and then there's asking for trouble

    I know it's inappropriate, but I can't help but laugh. When are people going to learn that centralization is the WORST thing to do with data if it's intended to be kept private?

    I give it a week, max, before it's hacked into.
  • ZDNet needs to get its story straight

    Left hand, please meet right hand. The Queensland thing is bad, bad, but according to Christopher Dawson RTI is the greatest thing since sliced bread. What's the difference between the two? I see none.
    • Here's the difference

      RTI uses data at a local level to improve instruction. We're looking at specific test scores and diagnostics.

      We don't add student pictures, contacts, and where they are after school to these data and then upload them to a central repository accessible statewide.

      Academic and testing data are useful, but it's entirely unclear where the utility lies in many of the data points being collected by Queensland.

      MCAS data (the Massachusetts set of standardized tests) are stored by state ID number. Parent/guardian names, after school activities, and ways to contact the student are not included in the datasets.

      Trust me, there's a difference.

      • I'm sure you mean well

        "The road to hell is paved with good intentions." "I'm from the government and I'm here to help."

        How do you feel about, say, Google cookies, or Echelon? Sure, RTI may not collect pictures or contacts now, but what's to prevent you from deciding that that information -- and much more -- is somehow therapeutically necessary? What if you decide that detailed information about behind-doors family life would help case management, and little RTI Jane and Johnny need to be filling out forms about Mom and Dad or Mom and Mom or Dad and Dad? Other than your assertion, why should we believe that you're the good guys, and that this is as far as RTI will go? When has any data collection program not expanded? How will you not be tempted to "make it better for the kids"? Want some examples? Glad to oblige:

        Yeah, it can't happen HERE, and especially not in the People's Republic of Massachusetts.

        And you can't seriously be saying in this day and age that data are safe just because they're not centralized. That's so pre-Internet -- you know, like the real year of 1984.

        Later edit: I changed the subject line because the original, with its reference to Zamyatin, was from an early draft that I forgot to change.
        • You have a point post 7.

          The problem is that if people are going to make plans on how to improve student performance they need data in the best and most useful form it can be presented in and that means an on line data base.

          A smaller data base or one that is firewalled so you can only look at students that you need to work with is much harder to crack open and steal data on every kid in the northeast than something larger.

          You are also right that it might well be useful to know what the circumstances a student is dealing with are. Two good parents with a stable relationship and good income who care about the kids works better than transient boy friends with occasional visits by the police and child welfare officers. This sort of thing does affect in school performance but that sort of data if on line at all needs to be in a different data base whose URL isn't even known outside highest admin and guidence at a school and even then it should be firewalled so that these people can only see their students. I suppose it would also be a good idea to fix things so that only people trying to log on from known computers inside the system can even look at this stuff.

          Most education users would not have a clue how to get around this if it was in place and therefore couldn't tell anyone else how to do it.
        • Free Advice

          "Yeah, it can't happen HERE, and especially not in the People's Republic of Massachusetts."

          Never insult anyone's home town or state, or their native country. Following such a policy definitely makes for more civil discussion and may even contribute to national unity. It will also help you to make more friends and fewer enemies. Assuming its relevant to the discussion, it is appropriate to make specific criticisms, but likening a democratically governed state (as little as you may like the political consensus) to a Communist dictatorship seems out of bounds to me.

          BTW: I'm a Californian formerly resident in Virginia and currently residing in Utah. I've never lived in Massachusetts.
          John L. Ries
          • You've heard of rhetorical devices?

            Referring to some locale as a "People's Republic of XXX" is not an invidious, McCarthyite accusation of Communism -- it's that fine old thing called hyperbole. You know, deliberate exaggeration for effect? Satire? Berkeley has been called a People's Republic for as long as I can remember, and no one there seems to mind.

            Also, I notice that you have no qualms about delivering a patronizing lecture on polite discourse while simultaneously insulting me. How do you know how I feel about consensus in democracies or any other political system?

            Since you brought up California, and I'm a native, let's talk about California. The "detailed information about behind-doors family life" scenario really did almost happen here. I refer you to AB 2068 from back in 2000. That bill would have required obtaining from students a "social history as set forth in a prescribed publication" whenever a school did a medical exam. The bill passed but was vetoed by Governor Davis. The prescribed publication was a paper from the American Association of Pediatricians that is still their official policy. The AAP paper is at:


            The text of the bill is still online at:


            This is one California legislator's opinion of the bill:

          • Never been a big fan of rhetoric

            And "People's Republic of XXX" is insulting, kind of like referring to a certain San Diego suburb as "Nasty City" (I'm not from there). I find both to be extremely irritating and absolutely counterproductive. Your opinion of Massachusetts politics is expressed by the label you gave and requires no further comment.

            I'm well aware of the influence of special interest groups in California politics ("law enforcement's choice" means the candidate is in the pocket of the police unions). Interestingly enough, term limits (which I opposed) have insured that the vast majority of elected officials are constantly campaigning for the next office and that takes money. This is something that California voters can fix, but the record says they're not likely to, so they get the best government they deserve. And yes, we have problems here in Utah too, largely driven by an electorate far more concerned with party labels than with the merits of individual candidates, so we get a lot of mediocre hacks trying to score points with the party faithful who control the nominating process.
            John L. Ries
          • How did we get from RTI to here?

            How in the world did you get on to special interests, term limits, party hacks, and "Nasty City"? Hark, I believe my crankcase alert just lit up.

            For your information, the assembly bill I referred to, AB 2068, was introduced by a Democrat, Darrell Steinberg, who has a demonstrated interest in mental health, disability, and children's issues, and is now in the State Senate. Can you read his bio and say he's in the pocket of police unions or the result of party hack nominations? I may not like his bill, but did I insult the man as you did, sight unseen from another time zone? I did not.


            Once again you seem to me to have violated your own Polite Discourse Dictat by (1) going off on tinfoil-hat topics, and (2) taking another swipe at the strawman you created for my sociopolitical beliefs, but your axe is yours to grind. I hope you'll both be very happy together.

            Based on the evidence to date, and to prevent myself from switching into invective mode, I'm invoking NAWAF on this thread.
  • RE: There's data and then there's asking for trouble

    I am a QLD Teacher. You have NOT given any facts about the system or its access.It is NOT accessible to any employee at any school.
    The reasons for the actual type of data stored are varied, but not irrelevant.
    • relevance

      What relevance is there for photos?
  • Sorry, meant to reply to other message

    Please ignore this post.