E-learning revolutionised the way teaching and learning is done. It depends on computer-based technologies—laptops, the internet, etc for execution. Yet, these technologies come with risks. Nigerina schools rarely put these risks into consideration before creating their online platforms. They have not researched properly to discover best practices for e-learning especially when teaching students between the ages of 11—17.
In this article, I focus on the recent increase of Nigerian schools who have taken their services online. I pose the question: are these new pedagogical frameworks free from privacy risks?
It’s good that Nigerian schools are looking for avenues to teach their students. However, it seems these schools are focused on course development and delivery with no consideration of privacy and security. Some private schools in Nigeria sent letters to parents informing them about their new e-learning portal. Certain things must be considered by these schools.
First, the principle of accountability plays a vital role. The school must declare that have a robust technical and organisational measure in place to protect students’ information. Also, they must have the right tools to provide confidentiality, protect data integrity, and make data available when required.
From my findings, most Nigerian private schools are not seeking appropriate consent from parents. Certain keywords must be used in the consent forms for parents and parents must positively opt-in before they allow their children into these virtual classrooms. Many schools don’t have the required consent to run these virtual classrooms. Parents, too, should be asking the right questions: Is the class recorded? Will these recorded classes be shared with third parties?
Another key thing is the school’s system must keep logs of its data collection so that it can prove that it is complying with the Nigerian Data Protection Laws. Also, the school must identify how it will store the information fairly and lawfully.
Schools must ensure that their retention policies and procedures are clear. They must be able to prove that the recorded learning will be kept for a particular period and deleted on set dates.
One of the cornerstones of any online institution is security safeguards such as authentication, encryption, and protection of data integrity (guarding against data corruption by attackers). Without this, schools expose students and parents to danger. Schools must vet those who have access to these virtual environments? What kind of training does the staff have?
What about the networks? Does the school carry out teaching through a secure internet network? Virtual private networks may seem strong, however, some passive attack techniques can reveal sensitive information about the participating communicators. Have they carried out the right penetration and intrusion testing on their systems?
Now is the time, for schools to provide their policies and practices relating to the management of personal information and provide links to this information. There should be a set of policies for school administrators, teachers, and parents. These policies would be beneficial for the schools and the parents and most importantly, for the protection of students.
We understand the importance of learning during the lockdown but schools should take appropriate measures to ensure that their virtual environments are safe for children. Parents too, on their part, need to carry out their due-diligence before exposing their children to these fast online environments springing up in these dire times.
I have examined that most private schools treat privacy in their online environments superficially and this is bad. They must build an online architectural framework that adheres to privacy principles before rushing students into these virtual classrooms.