The Ventura Unified School District has disabled Google Chrome extensions on student Google accounts

On March 23, the Ventura Unified School District permanently closed the Google Chrome Web Store (CWS) to VUSD student Google accounts. This prevents the use of extensions on school chrome books such as Grammarly and offline access to Google Drive. 

VUSD Educational Services Executive Director Dr. Greg Bayless said, “After consultation with district administration and technology services personnel, I made the final decision [to close the Chrome Web Store]. I currently oversee both VUSD’s Technology Services department and secondary instructional programs.”

The CWS first started in 2010 and it is a marketplace for Google Chrome applications, browser themes and extensions. It is a web store similar to the Apple App Store, with users able to review programs along with having access to both free and paid software.

Bayless said, “There are two primary reasons the CWS was recently closed, both of which relate to our district’s legal obligation to conform to the federal law known as CIPA, which stands for the Children’s Internet Protection Act. CIPA requires school districts that receive federal monies to have internet safety protocols that 1.) block/filter access to web content that is inappropriate for minors and 2.) prevents unauthorized disclosure/collection of a minor’s personal data. Virtual Private Networks (VPNs) and proxy extensions that are downloaded in the Google Web Store allow students to circumvent the internet content filter that we are required by the CIPA law to have and maintain; so first and foremost, VPNs and proxy extensions in schools presents the possibility that a district is inadvertently in a violation of federal law. Second, school district’s are also legally required to have CSDPA’s (California Student Data Privacy Agreements) with any vendor/developer/application/software that legally ensures student data gained through the use of the application/extension/software will not be sold or misused, and in the case of a data breach they agree to notify the school district within a specific timeframe, all in addition to committing to other data practices the reduce the likelihood of a data breach.”

VPNs allow people to hide their online activity, including browser history and IP address. VUSD uses iBoss web filters to enforce the CIPA. VPNs allow students to bypass iBoss CIPA web filters, as iBoss uses IP address as one of its criteria to filter (which VPNs mask). 

VUSD Technology Integration TOSA Curriculum and Instruction Mariefe Bouwman said, “Access to the Chrome Web Store (CWS) has been closed, so students no longer have access to Chrome extensions.  Some students were using the (CWS) to download VPNs that enabled them to circumvent our district firewall. This is a violation of the VUSD Student Acceptable Use Policy.”

Junior Heather Lory said, “I have used chrome extensions before for school related extensions such as Grammarly. I think that the decision to ban them was one of the worst mistakes they’ve ever made and truly hinders my and others educational experience. I would like extensions to be unbanned because it would make my life so much easier especially when writing essays or doing other school projects.”

Bayless said, “The CWS will never be totally accessible again. Even if CIPA were overturned somehow in a federal court (not likely) or if a new, less restrictive set of federal and state laws were passed that superseded it (again, not likely in my opinion) district’s still are under a strong ethical obligation to ensure student safety/data privacy when on district devices. So, I would argue that independent of even severely unlikely events as above, this will be/should the appropriate decision to make by a district. I was told by one of our VUSD technology managers who meets regularly with other technology managers at districts in our county that all districts have closed CWS access (if they are Google Workspace districts). So, moving forward, we can whitelist specific extensions that are requested by teachers that are used for academic/instructional purposes when we have a signed CSDPA with that vendor/organization/creator.”

VUSD can approve Chrome extension requests from teachers (students cannot request them directly). The district also must consider them educational, and they can not be VPNs. The company behind the extension must also sign a data privacy agreement with the district. 

Bayless said, “School districts have a legal and ethical responsibility to maintain the safety of our students, who are minors (or in the case of an 18 year old, in our care/supervision), when on our campuses and when on our devices. Perfect/complete safety and perfect/complete unfettered access to the web are always in tension; teachers and students need a reasonable degree of access to the internet for instruction/learning, and districts need to maintain a reasonable degree of safety when students are on the internet. On this spectrum where total access and total control lie the opposite ends, VUSD now lies somewhere in the middle, in my opinion.”