Investigation conducted by the Human Rights Watch (HRW) has found that the Malawi Government violated children’s right to privacy and other rights through online learning introduced during the Covid-19 pandemic as children’s data was being collected and sent to companies such as Facebook.
This is according to HRW’s submission to the UN Committee on Economic, Social and Cultural Rights regarding Malawi’s compliance with the International Covenant on Economic, Social and Cultural Rights.
In the submission dated January 2023, Human Rights Watch said it analyzed Notesmaster, an education technology (EdTech) website that was used by Malawi’s Education Ministry as its primary means of delivering online education to secondary school students during the pandemic. The website was developed in partnership with Notesmaster, its parent company of the same name.
As most Malawian children were not likely to have access to affordable, reliable internet access to the website was provided to students at no cost through a partnership with Telekom Networks Malawi, a major telecommunications provider in the country.
Notesmaster was found surveilling children not only within its online learning platform, but also tracking them across the internet, outside of school hours, and deep into their private lives.
The Human Rights Watch observed 14 ad trackers and 15 third-party cookies sending children’s data to a combined 16 advertising technology (AdTech) companies. In most instances, Notesmaster transmitted this data to domains owned by companies that are intended to receive and process incoming data for commercial or advertising purposes.
In addition, Human Rights Watch observed Notesmaster collecting and sending children’s data to Meta (formerly Facebook) through Facebook Pixel, an AdTech tool that could not only be used by Notesmaster to later target its child users with ads on Facebook and Instagram, but also allowed Meta to retain and use this data for its own advertising purposes. Notesmaster also sent children’s data to Google’s advertising platforms.
In doing so, Notesmaster permitted these companies the opportunity to stitch together and analyze the data they received to guess at a child’s personal characteristics and interests (“profiling”), and to predict what a child might do next and how they might be influenced.
“Profiling and targeting children on the basis of their actual or inferred characteristics not only infringes on their privacy, but also risks abusing or violating their other rights, particularly when this information is used to anticipate and guide them toward outcomes that are harmful or not in their best interest,” Human Rights Watch said.
Moreover, the Committee on the Rights of the Child has warned that such processing and use of children’s data “may result in violations or abuses of children’s rights,” and has called on states to “prohibit by law the profiling or targeting of children of any age for commercial purposes on the basis of a digital record of their actual or inferred characteristics, including group or collective data, targeting by association or affinity profiling.”
According to Human Rights Watch, it did not find evidence that Malawi’s Education Ministry took measures to prevent or mitigate children’s rights abuses through Notemaster’s data practices, or that the Education Ministry checked whether Notesmaster was safe for children to use.
As a result, children whose families were able to afford access to the internet and connected devices, or who made hard sacrifices in order to do so, were exposed to the risks of misuse or exploitation of their data.
The Education Ministry in Malawi did not respond to Human Rights Watch’s request for comment.
On its part, Notesmaster denied that it shares children’s data with third-party advertising companies and stated that it does not display advertising on its site.
In its response to HRW, Meta did not address whether it was receiving children’s user data from Notesmaster and said that it was their customers’ responsibility to comply with their policies and applicable laws that prohibit the collection of children’s data.
Meanwhile, HRW has told the UN Committee on Economic, Social and Cultural Rights to ask the Malawi Government on whether it plans to amend its proposed draft data protection law to incorporate comprehensive protections for children.
The committee has also been advised to find out the remedy the government will provide to children who have experienced infringements of their rights as a result of their use of Notesmaster and whose data remain at risk of misuse and exploitation.
For the Malawi Government, HRW has recommended that the government should require Notesmaster to immediately remove all ad tracking technologies from its website, and delete any children’s data collected during the pandemic.
Government has also been told to immediately notify and guide affected schools, teachers, parents, and children to prevent further collection and misuse of children’s data.
HRW says government should require AdTech companies to identify and immediately delete any children’s data they received from Notesmaster during the pandemic and ensure that any services that are endorsed or procured to deliver online education are safe for children.
The Malawi Education Ministry has been advised to work with other relevant institutions and require all actors providing digital educational services to children to identify, prevent, and mitigate negative impacts on children’s rights, including across their business relationships and global operations.
The Ministry has also been told to require child data protection impact assessments of any educational technology provider seeking public investment, procurement, or endorsement.
Follow us on Twitter:
