Not long ago, Google came under fire for collecting student data through both Chromebooks and their suite of education apps. Skeptics wanted to know why the data was being collected and what would be done with it, as well as what was being done to protect it. With all this going on, Google quietly gave their Play For Education suite the axe, though that was supposedly unrelated to the controversy. United States Senator Al Franken decided to send a letter to Google personally asking for some answers. Google's reply came in a letter dated February 12, where they clarified some of their policies regarding student data collection and the reasons the data is collected.
For the core services in the Google Apps For Education suite, such as Gmail and Drive, data is collected any time a student is signed in, whether using the services or not. The data collected only includes basic things like the IP addresses of devices accessing the service and the student's name and email address on the service. This data is not used for advertising, but rather for Chrome Sync, which allows a student to sign into any Chrome browser or Chromebook and instantly make it feel like their own. As far as disclosure, school administration can ask for the data. Beyond the core services, when using things like YouTube and Maps, Google keeps data that the student gives to Google, along with things like hardware model and usage data for the apps, such as YouTube viewing history and Maps search history. Most GAFE services don't show ads at all and those that do are not targeted. This means that any data Google receives that it knows is from a K-12 student is never used for advertising.
On a Chromebook, data collection is similar to use of Google services on any other platform, aside from anonymous usage statistics and crash reports. The data collected is used strictly to enable student and teacher access and collaboration to the services, in essence; the anonymous data collected on Chromebooks is used to improve Chrome OS. Data is only shared with third parties as required by law or at school administration's request. Google also detailed their processes for securing user data that is sent unencrypted over GAFE, and clarified that this data remains as private and secure as any other GAFE data they receive. This clarification may not be enough for hardcore critics of the service, but Google appears to be in the clear, according to applicable law.