Education Apps – Learn or Learn from you..
Now days education apps have become essential tools for both students and educators. These apps are designed to help us learn—by providing interactive lessons, personalized study plans, and access to a wealth of resources. But the real question is, are these apps just teaching us, or are they also learning from us?
There has been an uptrend in the acceptance of technology in the field of education, and the trend picked even more pace due to the COVID lockdown when the entire education system became dependent on technology. Technological support deserves its fair share of appreciation for supporting society during COVID and helping children to cope with their curriculum. Some players were already present in this area before the pandemic, but looking at the opportunity size, many new players quickly entered this space and as expected, their applications got millions of downloads. Some of the well-known applications include Coursera, Remind, Udemy, Classmojo, Sololearn, etc
While these applications are expected to deliver educational material to learners, when security researchers inspected them closely, they found that these applications might actually spy on their subscribers by seeking more permissions than necessary. Some users may simply grant all the access that these apps demand during installation without understanding the underlying implications. However, security researchers have found that these apps are taking more control of the users’ devices and if compromised may be used to spy on their personal data, learning history, capturing photos and videos using device camera. The subscriber base of many of these applications is more than 10M and collectively it may be more than 100 millions.
Almost all such apps ask for camera and mic permissions. While it may facilitate in capturing images, videos, etc., for the learner to upload onto the application, it is a component of users’ device that can see their surroundings and capture their photos and videos, thus diving into users’ personal space which has little to do with the application. Some of the apps tested by researchers that were found to have camera and mic access were Coursera, Canvas, lingokids, blackboard, etc.
Coursera and Duolingo were found even to have access to device accounts. This is concerning as the permission to access device accounts clearly has nothing to do with the app functionality, but this can be abused to breach users’ privacy and obtain sensitive data. The apps can access user accounts registered on the device, such as their Google account, Samsung or Meta accounts. Users’ email addresses, usernames and account identifiers can be at risk when such abrupt permissions are granted.
Security researchers advise users to always review permission requests before allowing access. Pay attention to permissions that seem unnecessary for the app’s intended functionality. On the Android OS, you can manage and revoke app permission on your device’s settings by navigating to “Application Manager” or “Apps.” If the app requests unnecessary permissions for its functioning, it is better to avoid them totally. It is also crucial for regulators to frame policies to control the permissions these applications can ask for and what they actually need. Enforcing minimum control over the users’ devices is essential to protect the end users.
However, as these platforms learn more about us, it’s important to ensure our data is protected. Embrace the future of learning with confidence, but always prioritize safety and privacy when using educational tools. Stay informed, stay secure, and make the most of the digital learning revolution.
