Over the last decade or so, I have had the great pleasure to have worked with, and be supported by, some fantastic teams and individuals. From open communities, the sharing of best and innovative practices, peer review and support, heart-felt guidance and a leg-up on so many occasions. In return, I try to give others the same support that was given to me and so I have been continuing to work on some projects over the last 6 months as part of paying it forward.
The projects below are designed to help both schools and EdTech vendors work together and how that can also be made more transparent to all those involved, especially DPOs, staff, children, and their families. They aim to translate some of the languages and approaches you may find around data protection and privacy and ensure that it is clear where it all sits within the education landscape.
As always, the EdTech world is a large and thriving place, and I always welcome others to come along with me on this journey, taking over the work or projects at the right time. Some of these projects are clearly linked to my own consultancy, others are general ideas that have been worked on by many people over the years, and some to come are probably a tad bonkers, but worth exploring anyway. As I go through the stages of these projects I hope to blog updates about where they are and what difference I hope to make with them. If you are interested in getting involved in any projects (including taking any over) then drop me a line at [email protected] for a chat.
Open Source Data Processing Agreement Design Patterns
Over the last 5 years, I have been hunting for the most appropriate ways for EdTech vendors and schools to state the agreement between them for the handling of personal data. With Juro putting out their Open Source Privacy Notice Design Patterns project earlier this year, I approached them, and the consultant involved, to see if I could fork it off to create DPA design patterns. They said yes, so this has been slowly built on over 2021, to release the first beta in September 2021. More information will come over time, including a dedicated page, but if any EdTech vendors are interested in getting involved at an earlier stage I am more than happy for them to join in … and as this is open source and they will contribute to the project there are not consultancy fees! A working example of the Beta is now published through my work at my regular job with NetSupport and can be viewed HERE.
Open Source Request for Information Template
As part of previous work, I was lucky enough to be part of the community contributing to the DfE’s GDPR Data Protection Toolkit for Schools. As a spin-off from this, the DfE suggested the group runs its own website for resources and so Education Data Matters was published (unfortunately the group and site are now gone, but working on getting the resources live again). Out of many resources released by group members, there was a RfI for security and 3rd party information. This was based on materials used by ParentPay (at this time, the largest payments system used by schools) but was heavily security/ISO driven. As part of the continued work of the group, I have been tweaking and improving this, intending to have a RfI that helps answer queries on information security and data protection/privacy. This is due for release by the end of December and has already had a good response from those involved in the Beta stage of the project. A working example is available through my work at my regular job with NetSupport and can be viewed HERE.
The Children’s Code and EdTech Vendor Standards
With the upcoming ‘activation’ of The Children’s Code (oh yes, I have heard it referred to in that way. Don’t go there!), there are still so many questions on how does it apply to EdTech vendors, what are the legal ramifications, are there other standards that need to be looked at, who is running any other codes of practice of codes of conduct, and what guidance is definitive? There are still some answers yet to be publicly shared on this (there are some very public opinions, though we cannot be sure if they are right or wrong until final guidance is published for schools), but I have been part of groups deeply involved with discussions with the ICO team and other stakeholders. There is a range of options on how different codes could apply and several interested organisations. I continue to look for possible partners who want to lead on work around this, hopefully setting the pace that others have to catch up with.
I continue to play an active role in many communities. Educational, technical, privacy, data protection, leadership and safeguarding. I like to break down silos and ensure people can work together. If you are part of a community you think might interest me, or you want to expand your own network of communities, feel free to drop me a line. If you have projects you think I might be interested in or be beneficial to anything I am doing, then let me know. I might not be able to get involved (capacity, conflict of interests, etc.) but I will probably know someone else who would also be a good fit. I will continue to blog about these as items of interest come up, or share via LinkedIn, Twitter or other places.
I hope this gives a brief insight into what I am presently involved in outside of my work as part of the fantastic team at NetSupport. If you are interested in hearing about what I am up to over there, come over to https://www.netsupportsoftware.com and have a chat.
You can also Buy Me A Brew if you would like to.