Line by Line

Spycams: Is Bad School Policy Just the Start?

posted Mar. 17, 2010 (Written Feb. 28, 2010)

Tags: PC World, privacy

A recent blog post on PC World tells the story of a teenage boy who whose school disciplined him on drug charges because they saw him eating Mike and Ike.

Now as stupid as that is, the real issue here isn't a Zero-Tolerance policy gone wrong, but how and where the school saw him: In the privacy of his own home, courtesy of a shool-provided laptop with a webcam in it. Apparently the laptops come with remotely activated "security" software that phones home with a live feed from the camera. It's supposed to be used to track down stolen laptops. The FBI has gotten involved to see whether the school violated any privacy laws.

I got basically three main points out of the article and ensuing comment thread.

  1. What on earth gave them the right to spy in this instance? Even if they did have some reason to believe the kid was on drugs--which by the way has what to do with finding lost laptops?
  2. Could the school possibly have missed the major privacy issues? For one, what if students have the laptops in their bedrooms and people can see them changing clothes?
  3. How is using the webcams to find lost laptops even a good idea? Is the thief's face (hopefully) and the off chance that there's a recognizable landmark in the background really that much better than tracking the IP address?

This is all very serious. I hope that this program gets shut down and the idiots who thought this up (Thank you, public school system) get fired. Hey, if it's zero-tolerance for students...

But there's a larger issue here, one that the FBI can't solve. Sure, they could shut down this one program. A law could (could--I won't hold my breath) shut down any such programs across the U.S. But what's to stop malware writers from doing the same exact thing? It's bad enough that you can lose control of your information by clicking a bad link, but now we have to worry about being filmed!?

I think that any piece of hardware that can open you or your system to being compromised (in any of several senses of the word) should be placed completely in your control. That means it needs to come with a switch. Not an "If you don't mind, could you please shut down in a little while?" button like the power button on your computer. A switch that cuts the power to the camera (or microphone, wireless card, or whatever) so that it can't function no matter what the software tries to do.

Sorry, I may be on the verge of one of my "It's my computer, not Dell's" rants. I'm just a big believer in letting end users control their own systems. Power to the people!