Globally, students who were required to use government-endorsed education technology (ed tech) during the COVID-19 pandemic had their contact, keystroke, and location data collected and sold to ad tech companies, according to the Human Rights Watch (HRW).
A total of 146 of 164 government-endorsed ed tech products endangered the privacy of children, with 199 third-party companies receiving personal data, the HRW said.
Further, only 35 endorsed vendors disclosed that user data would be collected for behavioural advertising, whilst a total of 23 products were developed with children as primary users in mind.
"In the absence of alternatives, children faced a singular choice whether they were aware of it or not: Attend school and use an ed tech product that infringes upon their privacy, or forgo the product altogether, be marked as absent, and be forced to drop out of school during the pandemic," the HRW wrote in its report How dare they peep into my private life.
The HRW investigation, which began in March 2021, examined the uptake of students using ed tech products as a result of a surge in home learning during pandemic lockdowns -- a rise that saw education apps used for an estimated 100 million cumulative hours per week, up 90% from the same period in 2019.
Of the products investigated, 39 were mobile apps, 91 were websites, and 34 were available in both formats. Apps running on Google's Android system were the focus of the report, with the HRW citing it as the "dominant mobile operating system worldwide".
Meta was also caught up in the investigation, with the HRW finding that 31 ed tech websites sent data to Facebook through Facebook Pixel -- a technology that collects data, and later facilitates targeted ads on Facebook and Instagram.
Read: YouTube remains in Russia to be an independent news source: CEO
In Australian schools, the HRW investigation concluded the following products had the capability to track students: Minecraft Education Edition, Cisco's Webex, Education Perfect, Microsoft Teams, Zoom, Webex, and Adobe Connect.
Outside of Australia, nine governments including Ghana, India, Indonesia, Iran, Iraq, Russia, Saudi Arabia, Sri Lanka, and Turkey, built and offered 11 education apps that had the capability to collect Android advertising ID from children. An estimated 41 million students and teachers had their privacy put at risk by these apps, according to the HRW.
The HRW made the following recommendations for governments to remedy the privacy breach: Adopt child-specific data protection laws; enact and enforce laws to prevent companies from exploiting the rights of children; ban the profiling of children; and ban behavioural advertising to children among others.
The report also recommended changes for technology companies including to stop collecting and processing children's data for user profiling, and provide child-friendly privacy policies among others.