Slack Questions

After reading the communication thread, I think I would like to try out Slack with our team. I have a few questions though.

  1. Does anyone know if Slack has signed on to COPPA? I feel at some point, my tech crew will ask and kick us off if it did not.

  2. How do you all set permissions, and

  3. Does anyone have a sample chatbot setting we could use as a model/ jumping-off point?
    Thank you.

Edit: This may address my first question. The Harker school lists their account services vendors and Slack is on it. While they do not say they strictly work with vendors who either follow it or do not collect information, they seem to imply it.

1: coppa is a federal law, not sure what “signed on to” means in this case. slack ToS states

The Services are not intended for and should not be used by anyone under the age of 16. Customer must ensure that all Authorized Users are over 16 years old.

2: slack help article tldr you can make restricted access channels and only add x,y,z people to it

1 Like

We’re also struggling with our ‘Slack’ decision. Most recently because there are frequent enough instances where Slack has been unable to send messages, sometimes for multiple hours. The platform has become decidedly less robust in the last year and it’s impacting our team’s comms. Coupled with the inability to get a complete archive of all channels and DM’s (required by our school board); it’s a can we can no longer continue to kick down the road.

Our mentors have discussed installing a Mattermost instance on a VPS so we can be fully in control of our team comms. We have mentors who run public-facing servers in their day jobs so server admin is not an issue and we have students who are interested in learning more about that too.

But we have too much inertia to actually do it yet.

1 Like

Thank you. Most of the COPPA compliance pieces are beyond me, but as I understand it, there is a section of COPPA specific the safeguards the company will put in place in respect to data of people under the age of 18. Those standards are strict, and some companies (ADOBE is one) said they cannot guarantee they will commit to it. They are not in violation of the law if they do not follow the protocols. But the school is in violation if they offer the services to students and the company gets hacked. That is how our tech department explains it. I have asked them, but they have yet to respond.

Edit: Thank you. I did find 16 in their TOS.

Edit2: @hpeyerl That is really cool, but I think it is a bit beyond our reach at the moment. However, I will keep it in mind.

FInal edit. Their tech department did get back to me and I thought I would share for anyone else who comes looking.

We don’t yet offer the features that enable compliance with the Children Online Privacy and Protection Act (COPPA) and our tool is not for individuals below the age of 16. This is outlined in our Terms of Service here: Customer Terms of Service | Legal | Slack.

While we have a Slack for Education program set up, this discount is targeted for users above the age of 16 still. I apologise that I don’t have better news.

In NYS, any app, program, or platform that collects any personal information at all is not legal to use with students, by classroom teachers or extracurricular advisors/coaches. Companies have to sign on and commit to not collecting that sort of data before any NYS team can use the app/program/platform, and any teacher/advisor/coach caught using such things anyway risks discipline up to and including firing and revocation of their teaching license. This is new legislation as of this past summer.

Other states will of course vary in this regard, but it really, really, REALLY behooves you to know what the laws and education statutes are in regard to this sort of stuff before using any program or app.

1 Like

so like, side questions: how do they do remote learning? google docs etc, canvas, all that stuff collects some kind of personal info? heck, even emails, or services like remind. How is a teacher expected to stay in contact w their pupils remotely? seems like a case of the people making the laws not understanding the tech imo

i’m all for privacy, but imo the right move would have been mandating the deletion of data within x months of graduation or similar.

3 Likes

Our school went through the same issue. We weren’t allowed to use slack because we couldn’t disable direct messaging, and their ToS says no one under 16. The main reason was that we couldn’t have a school-provided communication platform that didn’t monitor direct-messaging, especially if there were adults (our mentors) on the platform that weren’t hired by the school.

We switched to something called MatterMost. It’s basically Slack, but open source - they even market themselves as the “alternative to slack.” We set up our own server and we control the data. All we had to do to make our tech team happy was write a script so that any and all messages are sent to the guidance counselors once every day so that it goes through the security system. It has its quirks, but it works great for what we do!


Under the Manage Members tab, you can set workspace admins and members. To control what they can each do, go under Workspace Settings.

I’m not exactly sure what you mean by a sample chatbot setting, since that’s pretty much what slack is on its own. If you hover over ‘Channels’ on the left hand side, you can add channels for whatever subteam, project, etc. you’d like.

Thank you all. I did a bit of research, and your responses combined with those from Slack leads me to believe we will not be able to use it.

A bit of info and clarification about what I was asking. I did some research, and when I asked about COPPA agreement, that, for us, is irrelevant since COPPA only affects students under the age of 13. Though some teams (even us in the past) have members this young, they cannot access most of the tech tools we use (other than Google Classroom due to COPPA).

It seems when our tech department says “They did not sign the COPPA agreement, therefore you cannot use their product” what they are really talking about is the SPDC. Because of RSA 189:66(HB1692) , the school is required to enforce that we only have apps that comply with the SPDC’s requests which are pretty much exactly what @zxsq suggests (and then some of course). Anyway, tldr, Slack did not sign it because as has been said, to sign it implies they would abide by FERPA rules, which they cant for people who are between the age of 13 and 16.

For me, the real piece even if legal did not get in the way is the inability to limit and monitor private messages. I feel that in it of itself is a non-starter. Thank you for your help. I will look into MatterMost, but I do not know about running a server right now on top of everything else.

Google is compliant with Gmail, Classroom, Docs, etc, etc. So is Zoom, and Microsoft’s Zoom-clone, whatever that’s called.

A huge majority of online apps agreed to the terms and explicitly signed off on them; some explicitly did not.

(Please note that my “expertise” in this regard ends exactly at what I’ve been told by my administrators vis-a-vis what I’m allowed to use and why.)

1 Like