Watch It!

By:

Lessons learned from Lower Merion’s “Webcamgate”

By Andrew Page


It was the story you couldn’t avoid, covered everywhere from blogs to newspapers to morning news programs. The headlines were dramatic. Laptop surveillance. A school spying on its students. Invasion of privacy. Some 58,000 photos taken without students’ knowledge. Possible FBI investigation. Class-action lawsuit. A Good Morning, America interview with the high-school student suing his school district brought the story into the nation’s living rooms. The foreign press made it international. Then came a second lawsuit, filed in midsummer by a recent graduate who said he was also photographed while using his school-issued laptop.

Privacy and technology seem to be on everyone’s minds these days. Mix in the universal concern about the protection of children online and you have a combustible mix that boiled over for the Lower Merion School District in February 2010.

Fast-forward seven months, though, and things look a lot different. On August 17, 2010, the U.S. Attorneys’ office announced there would be no criminal charges in the case. A month earlier, the efforts to mount a class-action lawsuit on behalf of every high-school student using a school laptop were unsuccessful. Parents of students in this top-ranked district have rallied around the school, chipping in to help rewrite the policies on laptop security in a unique partnership with their school district that has fostered an even stronger sense of community.

In this issue, the embattled school officials are for the first time speaking publicly about their ordeal, offering their side of the story as well as the valuable lessons learned through this wrenching process. In exclusive interviews, Lower Merion Superintendent Christopher McGinley and the district’s Director of Information Services George Frazier share the cautionary tale of how the technological leading edge can become the bleeding edge. Read how they’re working to heal the rifts and rebuild the trust of their extended school community.

Aside from the snowplows still clearing the roads after a recent blizzard, February 18, 2010, started like any other Thursday for George Frazier, director of information systems at the Lower Merion School District in Pennsylvania. Eight months into his job as the top technology administrator in a school district known for its progressive use of technology, Frazier drove through the white winter morning mentally preparing for the district’s weekly “cabinet meeting.”

Every Thursday morning, the senior administrative staff meet to keep one another up-to-date on the running of this affluent school district just outside Philadelphia and to discuss any problems. Because the Lower Merion School District has a national reputation for the innovative use of technology in education, Frazier is often asked to provide updates at the cabinet meeting. A former marine who still keeps his hair cropped within regulations, he imagined that he might be giving an informal report on the rollout of the district’s cutting-edge one-to-one initiative, in which high-school students take school-issued laptops home with them. Or maybe he’d have to field questions about Lower Merion’s database project, part of the strategic plan he had been hired to implement just eight months earlier. As he navigated past snowbanks and turned into the district’s employee parking lot, Frazier went over what he’d say if asked for an update on the integration of technology into the classrooms at the brand-new Lower Merion High School building, set to open in the fall.

At his office, he turned on his desktop computer to quickly scan his email. A message forwarded by one of his tech staff caught his eye. Reading it, Frazier was astounded to learn that at 11 o’clock the night before, the Web site BoingBoing.net had published an online article about a major lawsuit that had just been filed against Lower Merion alleging that there had been widespread laptop surveillance of students at the district’s Harriton High School. The article took a sinister view of what had happened: “According to the filings in Blake J Robbins v Lower Merion School District (PA) et al, the laptops issued to high-school students in the well-heeled Philly suburb have Webcams that can be covertly activated by the schools’ administrators, who have used this facility to spy on students and even their families.”

Frazier barely had time to click on a link and print a PDF of the court filing before he had to dash off to the morning’s meeting; he walked in to find the room buzzing with nervous conversation. The planned agenda was thrown out to deal with what was quickly becoming an international media firestorm.

Douglas Young, the district’s director of school and community relations, related that he had arrived at work to find his voice mail completely full of messages from reporters as far away as Hong Kong covering the story.

“The key was gathering as much information as possible; keeping our students, staff, and community informed; and moving forward with our students’ interests in mind,” superintendent Christopher McGinley says when asked what that first day of the crisis was like.

“At that point, we went right into fact-finding mode,” remembers Young, who drew on his early experience working in public relations for the NBA in managing the nonstop calls from reporters. “We recognized that there was going to be a lot of information shared out in the media, a lot of discussion online. For us, we wanted to make sure that when we went out with information from the school district, what we were sharing was factual and accurate.”

The media were demanding to know whether the district had really been spying on its students through the laptops it had issued them. The lawsuit filed in federal court alleged that a Harriton High student had been confronted with photos taken from his Webcam by school administrators in a move that supposedly violated everything from the United States Constitution to the Pennsylvania Wiretapping and Electronic Surveillance Act. To reporters, who were calling from as far away as Europe and Asia, the story proved irresistible. Widespread paranoia about privacy in an era of fast-changing technology combined with concern about protecting vulnerable children had newspapers, magazines, and television shows tripping over each other to get the district’s response. All of them wanted answers that same day.

Back at the Lower Merion School District’s cabinet meeting, all eyes were on Frazier. Everyone wanted to know as much as possible about the remotely activated Webcam feature mentioned in the lawsuit. It was part of a suite of remote-management software called LANrev that the district used to update the software, and monitor the location and activity, of laptops issued to the students. The Webcam activation feature is called TheftTrack, and it allows administrators to control a missing laptop’s Webcam to snap pictures that are then emailed back to the district to assist in the laptop’s recovery.

“For me, it was difficult and frustrating,” Frazier says. “The software had been implemented before I took this job, and I frankly didn’t know a lot about it at that meeting. It was a lot of ‘I’ll get back to you as fast as I can.’”


Lower Merion School District Superintendent Christopher McGinley

LANrev had been in use in the district well before the oneto- one program allowed students to take their school-issued laptops home with them. A starter pack of 50 LANrev licenses had been purchased by the Lower Merion School District on May 15, 2007, to use with the 300 laptop carts the district had bought in the 2006–2007 academic year for use within Harriton High and Lower Merion High School classrooms for math and English classes. The LANrev software continued to be used as the laptop program was expanded to include computers that students were allowed to bring home. LANrev’s TheftTrack feature had been activated from time to time when a laptop was reported lost or stolen, assisting in the recovery of six out of 13 stolen student laptops. Some employees in the IT department reportedly felt that it would be less effective if students knew of its existence, and so it was not openly discussed or well understood, even at the highest levels of the school administration. This degree of detail would come out in a report released on May 3, 2010, after several weeks of research, by investigators whom the school district had hired.

But on the day the story broke, this kind of detail was not at Frazier’s fingertips. As the cabinet meeting went on, an immediate and realizable goal came to the fore: disabling the theft-tracking function of LANrev. “One of the first orders was ‘Shut that down!’” Frazier says. “And we shut it down, because our immediate concern was the privacy of students and their families.”

By the end of that first tumultuous day of information gathering, the theft-tracking feature on LANrev had been turned off. An official announcement was posted on the Lower Merion School District’s Web site at 4:45 p.m. to provide some preliminary answers to the questions swirling in the wake of the media frenzy. “The laptops do contain a security feature intended to track lost, stolen, and missing laptops,” it read. “This feature has been deactivated effective today.”

“I’m a one-person office,” says director of school and community relations Young, who remembers the relentless calls by reporters on deadline and the district’s focus on getting accurate information out to parents. “I have to prioritize my communications, and the top priority, the first groups of folks to be brought in, were parents and students.”

“We never lost sight of the kids and the families,” Frazier says. “That was always our focus.”

At 9:26 p.m. that same day, a letter from Superintendent McGinley to parents was posted on the district’s Web site. After acknowledging the importance of privacy as well as the district’s pride in being a technology leader, McGinley set out an action plan: to immediately disable the security-tracking program, which had already been done, and to review existing policies for student laptops, TheftTrack’s security procedures and activations, and any other areas where technology and privacy intersected.

This was the first of several letters that McGinley would send out to parents in the days after the story broke. On February 19, he sent another, confirming that there had been a security program on every laptop. “While certain rules for laptop use were spelled out—such as prohibited uses on and off school property—there was no explicit notification that the laptop contained the security software,” he wrote. “This notice should have been given, and we regret that that was not done.”



Webgatecam certainly has created a lot of paperwork. Besides the lawsuits (right), the district completed a series of its own internal audits (left). It also recently released an entirely rewritten technology policy. Go to techlearning.com to read through it all.

Two days later, McGinley posted yet another letter, informing parents that the district had hired the law firm of Ballard Spahr to lead an investigation that would be headed by former federal prosecutor Henry E. Hockeimer, Jr., the district’s laptop policies and practices and to offer suggestions for improving the system.

The steady flow of information to parents posted on the district’s Web site came to a halt on February 22, however, when the federal judge issued an unusual order that set limits on what McGinley and other school-district officials were able to tell parents about the case because those parents were potentially part of a class action against the district. From twice-daily updates, the information coming from the school district slowed down in March and April to something closer to one announcement a month, though the occasional public meeting provided a forum at which parents could ask questions.

“We had made a commitment to communicating regularly,” Young says, “and without the ability to do that, it was very frustrating.”

Filling the information void were the parents themselves, some of whom became wary of the class-action initiative, which could become very costly for their school district. With the district limited by the federal judge in what it could say, parents shared available information among one another. Over the next few months, 400 of them would join a Facebook group called Reasonable LMSD Parents Refusing to Rush to Judgment. Another group, called lmsdparents. org, was organized pro bono by parents with legal expertise in “opposition to the class action that was filed in connection with the laptop/Webcam issue,” according to the FAQ page of the group’s Web site.

Meanwhile, investigators from Ballard Spahr, the firm hired by the district, began a top-to-bottom review of the policies and procedures associated with the high school’s one-to-one program. One of its first steps was to hire L-3 Communications, a New York–based computer company specializing in surveillance and security, to do extensive computer forensics to determine exactly how many times student Webcams had been activated. L-3 Communications analyzed the computers of the two tech administrators who had the power to activate the TheftTrack program, and the two—information-services coordinator Carol Cafiero and network technician Mike Perbix—were put on paid administrative leave, an action that school officials stressed was not assigning blame but simply being prudent during the investigation. Cafiero and Perbix remained on paid leave as this article went to press. According to Frazier, “it was simply a necessary step in an investigation of this magnitude.”

L-3 also examined the Lower Merion School District’s email servers, file servers, and security devices. The results of the district’s investigation were made public at a meeting on May 3, 2010. Among the main findings in the Ballard Spahr report: The district did not notify students and parents about the TheftTrack feature because “certain IS personnel believed students and parents should not know about the full capabilities of TheftTrack.” The report, which was also based on extensive interviews with Lower Merion’s board of directors, administrators, staff, and IS department personnel, also stated that TheftTrack was not fully understood by many of the district’s highschool administrators themselves, and investigators cited Superintendent McGinley’s misapprehension that TheftTrack was used only in connection with police investigations.


Lower Merion School District Director of Information Systems George Frazier, pictured in the district’s server room.

The investigation found that tens of thousands of images had been generated by TheftTrack from 179 activations of the feature on student laptops: a total of 57,986 images, to be precise. Though this number is alarming, investigators said that it was not in itself a sign of extensive spying, because the large volume of images was largely the result simply of failing to deactivate 12 Webcams (that had been turned on to aid in the laptops’ recovery) once they had been returned.

The report placed the blame on the laptop program’s rapidly being expanded without its policies and guidelines being reviewed. In the public meeting held to discuss the findings, Ballard Spahr’s lead investigator, Henry Hockeimer, said that “the IS department had no written guidance for activating TheftTrack” and that “IS staff activated TheftTrack inconsistently in the absence of formal guidance.”

The written Ballard Spahr report was definitive about its findings: “Notwithstanding the large quantity of images collected by LANrev TheftTrack, we found no evidence that the feature was used to ‘spy’ on students. Although there is no forensic method to determine with certainty how often images stored on the LANrev server were viewed, we found no evidence that any District personnel surreptitiously downloaded images from the LANrev server. Rather, the collection of images from laptops while they were in the possession of students resulted from the District’s failure to implement policies, procedures, and recordkeeping requirements and the overzealous and questionable use of technology by IS personnel without any apparent regard for privacy considerations or sufficient consultation with administrators.”

In April, parents were offered the opportunity to review any images taken of their children, after which those images would be destroyed. And while a settlement in the initial lawsuit has not been reached, the effort to mount a class action has been abandoned. [ED NOTE: On August 17, it was decided that there would be no criminal charges in the case.]

The momentum began to shift just weeks after the suit was filed, when a group called Parents in Support of the Lower Merion School District collected 791 signatures at the Web site ipetitions.com. The petition reads: “We are aware that the addition of security-tracking software to laptops on loan should have been clearly communicated to students and parents alike, but we do not believe that there was any malice or duplicity underlying the omission. It was a misstep that could have been avoided, but we do not believe that it was done deliberately. We understand that the feature was activated only when a laptop was reported missing, or when it had been removed without authorization, and that over one third of those laptops were recovered through its use without any complaint.”

In a court filing on May 12, the family of the student who brought the initial class action dropped their plans to seek monetary damages for all students in the Lower Merion School District, though they continue to seek settlement for the violation of their own child’s civil rights.

In the months since the report was released, the Lower Merion School District has continued to be proactive. Superintendent McGinley says, “The board hired SunGuard, a Wayne-based computer-services company, to help develop a comprehensive action plan addressing IT governance and policy development, including an audit of current policies and administrative regulations and procedures.” Security training for all information-system staff and procedural training for administrators are also being provided by the district. In addition, incoming high-school students are getting a special digital-technology “boot camp” course to learn the basics of Internet security, privacy, and social-media ethics.

In June, the school district decided to switch from LANrev to Casper Suite, a remote-management software suite that does not include any of the theft-tracking features of the software it replaces.

For IS director Frazier, the outside investigation of the technology and the top-to-bottom review of technology policies in light of privacy issues is just the latest “reinventing” of the IT department that he has seen in his decades of experience managing information technology in an educational setting.

“IT used to be about how many computers in the classroom, how many servers in the rack, how many lessons were being integrated,” he says. “Now, like HR or special education, it has to be considered for its legal implications as well.” Frazier has been educating himself on subjects relating to privacy that he says will only become more complex as education continues to expand into distance learning. Despite all the challenges the Lower Merion School District has experienced since February, there has been no retreat on the issue of technology in the classroom or on the aggressive rollout of the student laptop program.

“The district decided to implement the one-to-one program because it offered our students an unparalleled connection with technology and tools that we find to be enormously valuable in their learning,” McGinley says. “We realize that being on the cutting edge comes with certain challenges—and some hard lessons. With the help of technology experts and others in our community, we believe the district is now positioned to be a model for other districts.”

If there is a silver lining for this school district, which has incurred more than a million dollars in legal fees and countless hours of extra work, it may be that just as the advanced use of technology put it on the front lines of privacy issues, the same technology has proved itself a remarkable ally in connecting the district with its parents and students, who rallied around the shared mission to provide the most upto- date learning tools and environment. Whether it was Facebook groups or electronic petitions, Web sites or video broadcasts of public meetings, the solutions to the many challenges to the district’s use of technology came, in part, through technology itself.

In May, the same school at which the laptop-spying scandal broke, Harriton High, was the setting for the first meeting of a brand-new technology advisory council, a group of parents, students, and administrators who have volunteered to meet and discuss subjects raised by the district’s progressive embrace of technology for learning. Sixty volunteers attended the first meeting, which ran for three hours, and discussed everything from policy development to the overall strategy of using technology in the classroom. A special subcommittee on privacy and security was formed and had its first meeting in July.

IS director Frazier was there.

“One thing that has emerged from all this is that IT leadership is no longer hiding in the wiring closet,” he says. “IT leadership has to also think about it in terms of communicating with the students and parents, and how you can add value and decision making.”

-Andrew Page

NEW POLICIES IN PLACE

In August 2010, the Lower Merion School District adopted new policies for school-issued laptops that cover everything from acceptable student use to IS personnel training on procedures. Clearly defined roles for teachers, principals, and information-service staff were developed with input from a technical advisory committee of students, parents, teachers, administrators, and community members.

Here’s how their roles break down:

¦ TEACHERS AND ADMINISTRATORS: In their day-to-day interactions with students, they can bring concerns about stolen or missing laptops to the principal or assistant principals of their school.
¦ PRINCIPALS AND ASSISTANT PRINCIPALS: The decisionmakers in cases of stolen or missing laptops, they also are responsible for deciding how to handle questionable material on student laptops.
¦ IS PERSONNEL: Focus on daily network and computer operations, as well as maintenance of laptops.
¦ DIRECTOR OF INFORMATION SYSTEMS: Responsible for the functionality and security of the laptop program and for managing IS staff.
¦ THE NEW RULES ON LAPTOP RECOVERY: If a laptop is reported missing or stolen, a written report is filed with the principal’s office. Based on that report, the district can activate Internet Protocol (IP) tracking with parent and student consent to help retrieve the laptop. Key quote: “At no time will the Laptop camera be activated remotely nor will screen shots, audio, video or on-screen text be remotely monitored” reads a key line in the Lower Merion School District’s Policy number P893, second revision.

MORE RESOURCES

True to its commitment to using technology to foster communication and build community trust, the Lower Merion School District has put its extensive and newly revised laptop policies online:

http://www.lmsd.org/sections/about/depart/tech/default.php?t=departments&p=depart_tech_laptop_related&menu=depart_tech_laptop

The Lower Merion School District has also organized its official announcements regarding legal and procedural developments concerning privacy issues and the One-to-One laptop program:

http://www.lmsd.org/sections/about/depart/tech/default.php?t=departments&p=depart_tech_laptop

Parents of students in the Lower Merion School District created their own Facebook page called "Reasonable LMSD parents refusing to rush to judgment" and it can be viewed here:

http://www.facebook.com/group.php?gid=341639361762&v=wall

A group of parents with legal expertise have formed a group called "lmsdparents.org" and have sought a voice in the legal proceedings. Their website hasn't been updated since April, but they lay out their point of view in their statement and legal filings:

http://www.lmsdparents.org/Site/Welcome.html

 

 

Sponsored
Alert to All Users of the Disqus commenting system:
Because of a recent global security issue, the Disqus website recommends that all users change their Disqus passwords.
Here's a URL about the issue: http://engineering.disqus.com/2014/04/10/heartbleed.html
comments powered by Disqus

SUBSCRIBE

current issue

Game changer or vaporware?

CONNECT WITH US