School Absolves Itself of Student Spying Laptops; IT Dept Blamed

A ten week investigation into the Lower Merion School District's (LMSD) use of webcams to spy on students with school-issued laptops has found that the school did nothing wrong -- aside from taking 58,000 images without consent.

The 72-page report (PDF) exonerates most higher-level school officials, concluding that there is no evidence indicating that anyone above the IT level "knew how TheftTrack worked or understood that it could collect large quantities of webcam photographs or screenshots." (Source: techdirt.com)

The report also confirms that 58,000 images were captured.

Report Chastises District for Being Overzealous

Despite the extra 58,000 images captured, plus emails alleging that school officials found the spy technology entertaining, and the fact that the system was discovered by a student that was being spied on, the report concluded that no evidence was found indicating that school officials used TheftTrack to spy on students.

Instead, the report (PDF) chastises the school district for its overzealousness in their use of the technology, and for having complete disregard for student privacy. (Source: techdirt.com)

Blame Placed on School's IT Personnel

The school-sponsored report places most of the blame on the school's IT personnel. The report states that the IT department withheld information about the capabilities and their use of TheftTrack from the Board, administrators, and students, and that certain board members or district and school administrators had some knowledge of the district's ability to track laptops, but did not seek information or advice, and did not sufficiently voice concerns they might have had.

The ten week investigation allegedly included the review of approximately 500,000 pages of documents, 42 interviews with LMSD directors, administrators and employees, interviews with other witnesses with potentially pertinent knowledge and the receipt of a report from L-3 Services, Inc., an independent computer forensic consulting firm.

The capabilities of the TheftTrack program were never disclosed to families of students that were issued laptops by the school and no official policies or procedures governing the use of the TheftTrack feature were adopted by the district's IT personnel.

Only two members of the district's IT department had the capability of activating TheftTrack, which happened 177 times during the 2008-2009 and 2009-2010 school years. (Source: google.com)

Visit Bill's Links and More for more great tips, just like this one!