The head of Code.org is taking an unusual step – by deleting student emails.
Hadi Partovi, founder of the education nonprofit, told EdScoop in an email that he was prompted by near-daily news reports about cyberattacks to stop storing student emails in Code.org’s servers.
“The easiest way to protect sensitive data from hacking is to not have it stored in the first place,” he wrote in the email. “In today’s world, the more data you store, the more risk you bear.”
Partovi first announced the move to protect student privacy, which will go into effect in late August after public comment, in a blog post last week.
“We did this because the privacy and safety of student data is more important to us than the ability to contact our users,” he wrote in the post. “We hope other education web sites consider the same approach.”
He also wants other edtech companies and nonprofits to take note.
“Any CEO who says their web servers will never suffer a breach is misrepresenting today’s sad reality,” he wrote.
“I hope that education organizations, particularly nonprofits, would
consider the same approach as Code.org – to not store data in the first place to protect student privacy.”
With the new changes, students can log in to their accounts without sending their emails to Code.org’s servers. This was already in place for students under 13, but now it will be expanded to all 10 million students who have accounts in the system, Partovi wrote.