Laptop-Spying School District Superintendent Covers Ass By Claiming Security Feature

Illustration for article titled Laptop-Spying School District Superintendent Covers Ass By Claiming Security Feature

Dr. Christopher W. McGinley, Superintendent of the Lower Merion School District—the district accused of invading students' privacy by accessing their laptop's webcams remotely—has sent an email to parents and guardians explaining why. Kind of:

————— Forwarded message —————
Date: Thu, Feb 18, 2010 at 9:33 PM
Subject: Email from Lower Merion School District

Dear LMSD Parents/Guardians,

Our history has been to go to great lengths to protect the privacy of our students; whether it comes to student health, academic or other records. In fact, many of you may remember the heated debate over whether to have security cameras monitor some of our food vending machines. Privacy is a basic right in our society and a matter we take very seriously. We believe that a good job can always be done better.

Recent publicity regarding the District's one-to-one high school laptop initiative, and questions about the security of student laptops prompted our administration to revisit security procedures.

Laptops are a frequent target for theft in schools and off school property. District laptops do contain a security feature intended to track lost, stolen and missing laptops. The security feature, which was disabled today, was installed to help locate a laptop in the event it was reported lost, missing or stolen so that the laptop could be returned to the student.

Upon a report of a suspected lost, stolen or missing laptop, the feature was activated by the District's security and technology departments. The security feature's capabilities were limited to taking a still image of the operator and the operator's screen. This feature was only used for the narrow purpose of locating a lost, stolen or missing laptop. The District never activated the security feature for any other purpose or in any other manner whatsoever.

As a result of our preliminary review of security procedures today, I directed the following actions:

• Immediate disabling of the security-tracking program.
• A thorough review of the existing policies for student laptop use.
• A review of security procedures to help safeguard the protection of privacy; including a review of the instances in which the security software was activated. We want to ensure that any affected students and families are made aware of the outcome of laptop recovery investigations.
• A review of any other technology areas in which the intersection of privacy and security may come into play.

We are proud of the fact that we are a leader in providing laptops to every high school student as part of our instructional program. But we need to be equally as proud of the safeguards we have in place to protect the privacy of the users, as well as to safeguard district-owned property while being used by students.

We regret if this situation has caused any concern or inconvenience among our students and families. If you have any questions or concerns, please email us at Additional information has been posted on our website,

Thank you for your time and attention.

Dr. Christopher W. McGinley
Superintendent of Schools
Lower Merion School District

Do Not Reply. This is not a reply e-mail address.

It's good to see that they have turned the spying software off. It's not so good—but understandable, given the legal situation—that he's not recognizing any wrongdoing, and instead trying to dress the whole thing as a "security feature."


He doesn't talk about the class-action suit, or the fact that students have been asking about this for as long as a year. Talking to Gizmodo, some Lower Merion High School students claimed that, when asked about the random activation of their MacBook's webcams, tech support explained that it was all a technical glitch. These two explanations don't match up. A technical glitch, which admits that it's happened, but accidentally, and the Superintendent's "never activated...any other purpose or in any other manner whatsoever" contradict each other. Which is it?

It has taken a class-action suit and massive media coverage to actually acknowledge than the technical glitch was actually security software, installed on purpose to "track lost, stolen and missing laptops." It's just too bad that, according to the students, they were using that software to randomly spy on them at their own homes. [Gizmodo]


Nick Burns, Your Company's Computer Guy

Working for a school district, in the IT department... I have actually brought this story up with our Network Admin. He actually agrees that they are almost completely in the wrong, what they should have been doing is to install monitoring software that tracks sites visited, logs keystrokes and what it is generally being used for.

It seems to me what they should have done was just buy laptops without webcams, none of this would have happened.

Enabling and taking screenshots of the webcam's view is beyond just a security measure for theft. If they really cared about theft, it would be easy enough to put a low-jack chip somewhere in the empty space within the laptop's shell.

It also should be stated to the students that by accepting to use a school owned laptop, like any business owned machine, it should be used only for business/school related activities, and that the school would have the right to track the websites visited and log keys. The school would also have the right, if deemed a security threat, to revoke use of their laptop if the policies were broken.

But, I also can't speak for a district in Pennsylvania, being that I work in Minnesota.