Report blames IT staff for school Webcam 'spying' mess
Pa. school district's former IT head dismissed privacy worries of student intern in '08
Computerworld - The IT department of the Pennsylvania school district accused of spying on students using their school-issued laptops took the brunt of the blame in an independent report released Monday.
According to the report, which was commissioned by the Lower Merion School District and conducted by a local law firm, the IT staff not only failed to inform school officials and administrators of the tracking capabilities of the LANrev software, but argued that telling students about the software's ability to remotely trigger notebook Webcams would "defeat its purpose" as a way to recover lost or stolen computers.
The report also shed light on the incident that led a student and his family to sue the district, and revealed that privacy concerns had been raised by another student as early as 2008.
Lower Merion, of Philadelphia suburb Ardmore, Pa., was first sued by Michael and Holly Robbins, and their teenage son Blake, a high school student at Harriton High School, in mid-February after an assistant principal accused Blake of selling drugs and taking pills, and used a snapshot taken by the computer as evidence. Robbins claimed the pictures showed him eating candy.
The Robbins' lawsuit is ongoing.
Saying that the district's information services department had withheld information about LANrev's spying capabilities from the school board, administrators and students, the report noted that among themselves, the IT staff "expressed zeal for what TheftTrack could do." According to the report, people involved with LANrev's TheftTrack feature repeatedly told of tracking a stolen teacher's computer to a local residence, then to Pakistan, then back to Pennsylvania.
Since the Robbins' lawsuit, Absolute Software, LANrev's seller, has issued a patch that disables the function.
Virginia DiMedio, until June 2009 the district's director of technology, came under fire for not telling school officials of TheftTrack and its capabilities, although she allegedly had several opportunities to do so. DiMedio declined to be interviewed for the report unless she was compensated for the time her personal lawyer would be billed; the district refused to reimburse her.
In August 2008, a Harriton High student intern in the IT department raising concerns about the tracking feature with DiMedio. "I would not find this a problem if students were informed that this was possible, for privacy's sake. However, what was appalling was that not only did the District not inform parents and students of this fact...," the student wrote in an e-mail to DiMedio.
In the same e-mail, the student proved prescient. "I feel it would be best that students and parents are informed of this before they receive their computers. And while this only slightly sways my opinion on 1:1 [the district's program to provide a MacBook to every high school student], i could see not informing parents and students of this fact causing a huge uproar."
Both DiMedio and another IT staffer, Mike Perbix, dismissed the student's concerns in reply e-mails.
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Gartner 2013 Magic Quadrant for Enterprise Backup/Recovery Software See why CommVault was positioned as the #1 leader in Gartner's 2013 Magic Quadrant for Enterprise Backup/Recovery software for the 3rd year in...
- Forrester Report: CommVault is a Leader in Enterprise Backup and Recovery In this report, Forrester takes a deep dive into the evaluation criteria, how CommVault is positioned and the features and functionality that make...
- Forrester Wave for Enterprise Backup and Recovery Read this report to see how CommVault continues to outpace its competitors and why Forrester positioned CommVault Simpana as the top backup and...
- Architecting the Network of the Future Networks need to change, as does the way IT thinks about and manages them. In addition to reliability, IT must now add higher...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them. All Privacy White Papers | Webcasts