Schools shared nearly 5 million public Facebook posts between 2005 and 2020 that feature photos of students. And about 726,000 of those posts may identify one or more students by their first and last names, according to a “Data Ethics” analysis released this week by the American Educational Research Association.
Even though the percentage of Facebook images that identified students was small, the posts that do name children publicly are likely chipping away at their privacy, said coauthor Joshua M. Rosenberg, an assistant professor of STEM education at the University of Tennessee, Knoxville. “The posts we studied may represent the largest existing collection of publicly accessible, identifiable images of minors,” Rosenberg said. “It is likely that the photos are being accessed by a range of actors, including government agencies, predictive policing companies, and those with nefarious intent.”
Previous research has focused on whether posts by individual educators threatened student privacy but Rosenberg and his co-authors believe their study is the first to analyze school and district social media activity. The team used Facebook’s own data tracking tool, CrowdTangle, to search school and district homepages for links to images on Facebook.
While schools many may be posting photos to Facebook to connect with their communities and display student achievements and other uplifting news, the analysis also pointed to some unsettling, if unintended, consequences: Australia’s online safety agency has, for example, reported that tens of millions of harmless images of minors shared on social media have been downloaded and saved on child exploitation sites. Also, U.S. government agencies scan social media to monitor immigration, predict crime risks and track users’ social connections, the analysis cautions.
And putting a school’s Facebook photo through Google’s reverse image search could lead to more online sources of a student’s personally identifiable information. “The threat to privacy will continue to grow, perhaps quickly, due to expanding facial recognition technology,” Rosenberg, added.
Rosenberg and his coauthors offer practical steps school leaders can take to mitigate student privacy risks:
- Never include students’ full names in posts.
- Ask parents to opt into the sharing of their children’s information on school social media (instead of asking them to opt out).
- Make it easy for parents to request that photos of their children be removed from school social media pages.
- Make school or district pages private.
Facebook and social media companies could help K-12 leaders better safeguard student privacy by changing their default settings so schools’ social media pages are made private automatically. This step would “drastically reduce” the risk of student information being collected at a large scale for unintended uses. “While parents and schools can take steps to protect student privacy, it is also the responsibility of social media platforms and the wider society to ensure that policies and regulations keep pace with rapidly evolving technology,” Rosenberg said.