If so much edtech is bad, how do K-12 LMSes rate?

How do K-12 LMSes like Edsby compare?

Researchers warn a lot of edtech doesn’t measure up

For years, educational technology apps had been widely assumed to be beneficial. But there’s been a recent flurry of research suggesting not all are doing their job… with many edtech systems characterized in recent months as unsafe, some even exploitative. So how do the most well known learning management systems (LMSes) in K-12, including the popular Edsby social learning platform for K-12, stack up?

Data privacy and efficacy

A new report from LearnPlatform, just published as of this writing, asserts that only 25% of the most popular edtech products are effective—i.e. deliver clear, quantifiable value—and interoperable. Abstracting the report, an article from District Administration wrote:

Only 19% of edtech apps received a “pass rating” from Common Sense, an organization that seeks to make such technology safer and more equitable, while 42% received a “warning rating.”

How are the most popular learning management systems in K-12 rated by Common Sense? Here are the org’s current ratings as of this writing. Higher is better:

Platform Common Sense Link & Rating Common Sense assessment
Edsby 93% Pass
Canvas 71% Warning
BrightSpace 80% Warning
Schoology 50% Warning
Moodle 43% Warning
Seesaw 84% Pass


The same District Administration article above writes most edtech isn’t interoperable, according to the same report’s data.

Using five indicators of interoperability from two trusted organizations, the report suggests most apps miss the mark in this area.

1EdTech standards:

8% are Common Cartridge certified.
8% are LTI Advantage certified.

Project Unicorn standards:

27% have signed the Project Unicorn Interoperability pledge.
Only 5% have earned Project Unicorn’s Interoperability Certification.

How do popular K-12 learning management systems rate on these interoperability criteria? Here’s how each currently stands up:

Platform Common Cartridge certification LTI certification Project Unicorn signatory Project Unicorn certification
Edsby No Yes Yes Yes
Canvas Yes Yes No No
BrightSpace Yes Yes No No
Schoology No Yes Yes No
Moodle No Yes No No
Seesaw No No Yes No

Marketing student data to advertisers

In May, 2022, Human Rights Watch published a study asserting that many edtech companies exploit children’s data for advertising revenue.

Of the 163 EdTech products reviewed, 145 (89 percent) appeared to engage in data practices that put children’s rights at risk, contributed to undermining them, or actively infringed on these rights … Most online learning platforms installed tracking technologies that trailed children outside of their virtual classrooms and across the internet, over time …

Most online learning platforms sent or granted access to children’s data to third-party companies, usually advertising technology (AdTech) companies … Access to these insights could then be sold to anyone—advertisers, data brokers, and others.

The biggest platform of risk here is Google Classroom, used by some educators as a lightweight LMS. Google has a 10 year history of improper management of student data. For example, see this, this and this. Educators who use products from Google do so at their and their students’ risk. Google is the largest media company in the world with a business model to monetize the data it assembles. As a result, some jurisdictions have moved to prohibit their educators from using Google products, such as all schools in Denmark, the Holland region of the The Netherlands, and Germany and France (the latter two of which have banned Google AND Microsoft’s cloud-based products for education.)

No mainstream learning management system shares information with advertisers. LMSes are generally intended as closed, private platforms, supported by annual licensing fees paid by educational organizations. An exception was the free, but now-defunct, Edmodo, which actively marketed its 100 million users’ data to ad partners and even subjected users to ads in its platform as its primary revenue model in later years.

As a leading K-12 LMS provider that makes it clear it does not monetize student data, Edsby includes the following language in its Services Privacy Policy: “Edsby Service usage data is never collected by a third party, hosted elsewhere or shared with other parties or monetized. We do not sell your Personal Information or the content you provide. We do not subject users to any advertising, contextual, personal or otherwise. There is no marketing to opt-out of, as the company does not send marketing messages to end users. Edsby does not make offers to end users like sweepstakes or contests. And we do not sell, rent or otherwise share any Personal Information with any third party that does.”

Data sharing with other parties

In December of 2022, Internet Safety Labs published a report scoring 96% of all apps used in schools as “do not use” or “high risk”, primarily for sharing children’s personal information with third parties without the knowledge or consent of users or schools.

Of these apps, an article by THE Journal referencing the report wrote:

74.9% of the apps tested were scored “very high risk” for having SDK components that were “likely to share data with high-risk entities,” ISL said.

The SDK (“software development kit,” or pre-built tools that provide a software developer with shortcut features that they don’t have to build themselves) most criticized by the ISL were Google SDKs. The top five SDKs used most widely in edtech investigated by the ISL were from Google, which it characterizes as a high-risk entity given its poor record of student data handling. Google’s Firebase Analytics SDK was the top SDK used, with 67% of all apps found to be using Firebase Analytics.

Mainstream LMS users, or prospective customers, should ask their vendor whether their products incorporate the Google Firebase Analytics or other problematic SDKs.

For its part, Edsby discloses the following: “[We ensure] any software libraries used in our application are never sent Personal Information. For example, Edsby uses Google Firebase Cloud Messaging (FCM) for push notifications, but Edsby Services never send private information in notifications, simply using them to redirect the user to the secure, authenticated Edsby Services. We only use the minimal Firebase messaging toolkit, and do not engage Firebase’s analytics or wider features. Nor does Firebase ever get associated with a user’s Google account. And while Edsby uses Google’s ML Kit for QR code scanning in our mobile apps, processing is fully on-device and we ensure any data available to ML Kit is anonymous and de-identified.”

In conclusion

There’s understandable scrutiny of edtech applications today, and for good reason, according to the three latest reports cited above.

In K-12, student data must be held sacrosanct. It’s the law in most developed countries. If the applications you’ve chosen, or are considering, aren’t transparent and convincing about their handling of student data, demand to work with a vendor that is.