9 min read
UPDATE, 10 July 2014: Matt Tullman from digedu commented to announce that digedu has updated their terms. I have not read through the new terms yet, and will update this post when I do. END UPDATE
I've been reading terms of service for a while, and I've seen some bad ones, but the terms of Digedu are just about the worst I have ever seen. If you don't want to wade through the details, please skip straight to the conclusion.
With Digedu, the issue is compounded because they list two separate terms of service and privacy policies. The text of these policies is not the same, which is a separate problem. For this review, I focused on the terms of service listed at- this is the login page linked from the home page of the Digedu site. The complete text of these terms of service are included as pdfs attached to this post for reference. The second set of terms are listed of their main site, at and .
They punt - entirely - on COPPA:
the school or district is solely responsible for complying with the Childrenâs Online Privacy Protection Act (COPPA) as concerns studentsâ use of the services. If you are below the age of 13, please do not send any personal information about yourself to us other than what we request from your school or what you enter through the app
In fairness, this is not abnormal, and districts should be central on COPPA compliance. But the Digedu request to students to not share information is both hollow, and is undercut to the point of absurdity by stating that sharing personal information through the Digedu app is okay.
When it comes to personal contact information, Digedu requires a first name, last name, unique ID, and appears to also collect emails:
(W)e require a userâs first name, last name, course rosters, and an individual identification number, either designated to each student by his/her school or randomly generated by digedu. This allows the Learning Engine to populate classes with the correct students. We may also require usersâ email addresses.
So, Digedu has solid contact information on each individual with an account in the site - this includes both teachers and students.
Moving on to encryption, they make the following curious statement:
We encrypt many of our services using SSL.
The qualifier "many" is odd here. Why not encrypt all their services? What services don't get encrypted? I suspect that this clause is in here because they reuse some content that they don't own, and is served from other sites that aren't encrypted. In any case, this is a curious admission. Given that they don't enforce COPPA and collect real contact info, the lack of end to end encryption is not good.
Moving on to the Terms of Service:
They collect a lot of information on everyone using the service. It's hard to see how this information is essential to running the services they provide. The information they collect seems like an unjustifiably egregious violation of privacy.
We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number).
You read that right: they collect phone numbers. Equally relevant: they collect the unique hardware ID of every device, as well as brand information.
When you use a digeduÂ® equipped device, such as the Google Nexus 7, we may collect and process information about your actual location, like GPS signals sent by a mobile device. We may also use various technologies to determine location, such as sensor data from your device that may, for example, provide information on nearby Wi-Fi access points and cell towers.
You read that correctly. They collect location information. Given their stance on COPPA and their partial encryption, this is problematic. Using this data, devices with the Digedu mobile app installed can track the location of their user. With this information, Digedu can get pretty accurate home addresses, and a good sense of where a person goes, during and after school. This is creepy. This applies to all users - both students and teachers. Given that their stance on COPPA allows users under 13 to use their app, this data could potentially be collected on kindergarteners.
We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
The way this is worded leaves this open to at least two interpretations. The first is that they store data related to Digedu use on your device. If this is the case, they should specify that this data is stored securely (for many reasons, but Apple's location debacle comes to mind). A second read of this - which is far worse - is that the Digedu app scans and stores data from selected other apps - like web browsers - to grab a copy of all sites you visit, searches, etc. If this is the case, this is a horrible overreach. It's difficult to make the case that harvesting this information is of any value to the end user. This feels like Digedu buttressing the size of their data store, in direct opposition to the interests of their users.
Moving on, it keeps getting worse: they can change the terms of service without notice, and you can accept the changes you don't know about just by logging in.
1. We can change this Statement if we provide you notice (by posting the change on digedu).
2. Your continued use of digeduÂ® following changes to our terms constitutes your acceptance of our amended terms.
This is a common poison pill in terms of service, and Digedu's version of it is expecially noxious.
Moving on, we come to how Digedu treats content created ad shared by users. When you share content with Digedu, they own it, forever, even if you leave the site. This is especially troubling for student intellectual property (IP), which gets handed to the company forever. This is equally troubling for teacher IP - teachers can plan lessons using Digedu software, and the company now owns all of that teacher generated work. This potentially could violate contract terms between districts and teachers.
When you upload or otherwise submit content to our Services, you give digeduÂ® (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones. This license continues even if you stop using our Services. Make sure you have the necessary rights to grant us this license for any content that you submit to our Services.
Your personal information is Digedu's asset, and it goes with the company:
All of our rights and obligations under this Statement are freely assignable by us in connection with a merger, acquisition, or sale of assets, or by operation of law or otherwise.
Also, it sounds like Digedu can sell user information ("sale of assets") to anyone, at their discretion, with no notice to end users.
And if a point isn't covered in the terms of service? That means it belongs to Digedu.
We reserve all rights not expressly granted to you.
As it currently stands, digedu collects first name, last name, personal locations, and browsing history from all users in the site. They also collect emails and phone numbers from many of these users. They also collect intellectual property (lesson plans from teachers, work from students) from all users.
Digedu claims the right to use all of this information, and the right to change the terms how this information can be used without consulting any users. If the company is sold, user information is an asset in the sale.
To put this into more human terms, a student using Digedu for a year via their mobile app would have their location tracked every day of that year. Digedu would have a record of where that student went for the year, in school and outside school. Digedu would know that student's home address, their phone number. Digedu would have unlimited access and control over the students work. If the student wanted to look at what Digedu has collected they have no recourse. If the student wants to delete their information, they have no recourse. If Digedu gets sold or goes bankrupt, that student information is an asset to be transferred. And, according to the terms of service, data collected by Digedu can be sold
And, at any point during that year, Digedu can change the terms to anything they want, with no notice to end users.
For teachers, it's worse. Teachers have their location and personal information tracked just like students, but if teachers do original work that they distribute via Digedu, that work is then controlled by Digedu, even if the teacher deletes it.
Digedu could easily revise these terms and still run their service. One possible explanation for terms of service this bad is an organizational disconnect between their legal team and the education and engineering teams. If this is the case, I hope they address the terms of service and their security practices quickly, and take steps to protect and safeguard user information that has already been entrusted to them.