Doug Levin has a great piece on a real case of curious students exploring their K-12 district’s network. Of course, they “shouldn’t” have done that, right? Every adult in the room knows that, and the kids knew it, too. But the temptation was just soooooo great.
So do read The Case of ‘Joseph Jones’ and the Rochester Community (Michigan) Schools. Doug and I have long been on the same page that districts’ responses to bright, curious students, can make or break a child’s future. And hacking out of curiosity vs. hacking to change grades or cause malicious damage are very different things. Then, too, what responsibility do we assign to adults who are not being diligent nor transparent with the community? As Doug writes:
To wit: when 12 year-olds can breach the IT systems of organizations with $100 million+ budgets, how should we assign blame? Penalties and disciplinary actions for students who violate acceptable use policies are established, but what of the consequences to school districts. At what point could district leadership be considered negligent? What obligation do schools have to be forthright with their communities about their digital security shortcomings? How might schools react differently to these incidents, in ways that are more proactive and even humane? These are hard questions, no doubt, but given the frequency of ‘students hacking their schools’ incidents, I believe it is time we more forthrightly address this complicated issue.
Read Doug’s thoughtful post and see what you think.