Hong Kong’s education authorities have asked the elite school to review its data-handling policy after it was suspected of collecting information from students’ computers and installing devices to monitor their activities.
The Privacy Commissioner for Personal Data also announced Thursday night that it would investigate complaints posted online about St. Paul Coeducational College’s collection and handling of students’ personal information.
The anonymous complaint surfaced on Instagram, and the mid-sized school recently began requiring students to hand over their devices to IT staff for inspection after discovering the devices were frequently used to play video games. he claimed.
Hong Kong schools hold National Security Education Day to educate students on Xi Jinping’s national security focus
The complainant also alleged that based on the first group of students whose computers were scrutinized, school officials backed up student data to USB drives and installed questionable surveillance equipment to check on student activities after school. .
In Hong Kong, personal data may only be collected for lawful purposes directly related to your job duties or activities. The data collected must be necessary and appropriate for such purposes, but not excessive.
Social media posts also indicate that the school’s inspections include scrutinizing personal account information, personal files, photos and chat records on devices, raising concerns on campus.
According to the complaint, school staff backed up student data to USB drives.Photo: Felix Wong
The complainant said it was unreasonable for the school to restrict students’ computer use after class, even though they paid about HK$7,000 (US$894) for each device, violating students’ privacy. criticized the school.
The Education Department announced Thursday night that it had contacted the school for more information and requested a review of its data handling policy.
In a statement to the SCMP, a school spokesperson said they are aware of student tablet computer usage, ensure the devices are used appropriately, and identify potential risks to campus network security. To prevent this, he said he recently conducted a “health check exercise” using sampling. Because viruses and malware may be downloaded accidentally.
The school said the computer tests were conducted in accordance with the Department of Education’s “bring your own device” policy, and consent was obtained from parents and students.
English teachers in Hong Kong will take IELTS instead of on-site assessment from next year
“During this process, only the students’ browsing history, installation history, and execution logs during class hours were collected using USBs,” it added. “Relevant raw data will be permanently destroyed after completion of the exercise and any necessary follow-up measures.”
The privacy watchdog said it had not received any complaints but would contact the school to gather further information and ensure compliance with privacy laws.
The school said it values student privacy and strives to provide a safe and conducive learning environment.
The school added: “When developing our measures and school policies, we have always put the best interests of our students first.”
