Endlösung Wrote:
-------------------------------------------------------
> Wonderful. A database of children.
"Wonderful" indeed. :-/
So we hafta ask, what assurances do parents, PTA/Os, and FCPS have that the information that parents put into Booster's web site is secure?
Does Booster's web site undergo some sort of security analysis?
Or maybe we're just relying on the threat of immediate cancellation of the central FCPS-Booster contract to motivate Booster to keep their web site secure?
From the contract (bolding mine)...
1.6 The Contractor shall maintain the confidentiality of all personal information obtained as a
result of providing services under this contract. Personal information includes, but is not
limited to, name, address, phone number, work/school location, etc. [...] Failure to comply
with this requirement will result in immediate cancellation of this contract.
(Link to contract:
http://www.fairfaxcounty.gov/cregister/ContractDetails.aspx?contractNumber=4400003780 )
Well, whatever we're relying on,
it's not working.
Attached is a copy of a kid's funrun.com page from a while back where we see the child is identified as "Kaylee C".
But her last name was revealed either by clicking on the Email link at the top-center of the page, or - if your browser isn't set up to launch
an Email app - by viewing the HTML (aka, Page Source) by pressing ctrl-u. In this attachment, I've replaced the girl's family name with X's.
An FCPS principal let Booster and the FCPS Office of Procurements know. This problem was later remedied.
Here's the link to the kid's page as it exists now at funrun.com:
https://funrun.com/sponsor/a6e4b79384c682a557a87a8c8e2e1bed07682c6d
(She's a student at Lemon Road ES.)
(Some elements of my attached web page are missing because the page is not coming from the same web server as those elements, not because I was overzealous with my editing.)
No word on whether the status of the contract has been duly altered.
Also, I have no update on what happened to the other issues referred to the FCPS Office of Contracts and Procurements for possible enforcement action:
http://www.fairfaxunderground.com/forum/read.php?2,1687747,1806814,page=2#msg-1806814
I'm not anti-Booster Enterprises, believe it or not. And I get that revealing family names may have been an oversight on Booster's part.
But what message would it send if FCPS gives Booster a "pass"?
"Children should not be the primary means of soliciting within fundraising activities."
"The anticipation of a successful fundraising event should not cloud the judgment of the PTA or be exploited by those outside the PTA who may have something to gain privately."
"And children should never be exploited or used as fundraisers."
National PTA - http://www.pta.org/mobile/OCArticle.cfm?ItemNumber=4192
" The regular school day schedule should not be disrupted, nor should the children be expected to give up their free time"
" A PTA or PTSA is not a moneymaking or money-raising organization."
" Material aid to the school is not the function of a PTA or PTSA."
VA PTA - http://www.vapta.org/new-unit-document-package/doc_download/2345-section-04-financial-management.html (PDF)
Boost the Children
Attachments: