E-learning in Greece: While our children were accessing Webex, Cisco was entering our lives

“We are ready: Distance learning begins. We support the teaching community with technologically advanced tools”.

Those were the introductory phrases of a press release, issued by the Hellenic Ministry of Education and Religious Issues, on March 13 2020, the day when hundreds of thousands of Greek families entered the era of distance learning. That is about 1.5 million people -students and teachers.

In the same press release, the Ministry also thanked Cisco, Google and Microsoft for kindly offering their platforms -free of charge- for the purposes of distance learning.

The agreement between Cisco and the Greek Government

In the case of Cisco though, as NEWS 24/7 reported last Monday, the offer might have been “kind”, but it definitely wasn’t free of charge, as the tech company not only received 2 million euros for Cisco’s “Webex for Education” user license (which was paid for by the ministry of Digital Governance), but it also gained access to the personal data of more than 1.5 million Greek citizens, being allowed to use them freely for an indefinite period of time.

Beyond the -quite obvious- illegitimate technicalities, like the fact that Cisco’s donation was personally accepted by the minister, Niki Kerameus, without being published, this agreement -resembling more a private agreement than a public procurement document- has affected the lives of Greek families in various ways.

The data Cisco obtains

Families with children attending public elementary schools, were notified a year ago to create an account on the Cisco Webex platform, in order to be able to attend classes while at home. When the kids logged on to the Webex platform they gave access -as provided for by the Greek government’s agreement with Cisco- to more important data than just their name or age. They provided Cisco with two of the most essential metadata elements: a. their MAC address, the serial number for every device connected to the internet and b. their IP address, their internet protocol address. These two are responsible for every last trace we leave behind during our internet activities. These can reveal our favourite webpages, the amount of time we spent on them, our on-line purchases, even, under certain circumstances, our geo-location. It is a data-treasure that can lead to extremely valuable conclusions for their owner.

In the Greek government-Cisco case, the tech company gained access to a great number of devices -some estimate it at around 80% of all digital devices in the country- since it is very likely that children use more than one device in order to attend e-classes.

Furthermore, these metadata continue flowing towards Cisco even after classes have ended, transferring information and personal data that can be used to create patterns extremely useful for digital marketing of all sorts. From a pair of shoes you searched for, and the news outlets you prefer that affect your political behaviour, to those weird friend requests after you visited a porn site.

There are many dark areas in the agreement between Cisco and the Greek Ministry of Education. What we have already seen is just the tip of the iceberg. The ongoing research will shed some more light on the question whether the Greek state acts as a personal data broker, in exchange for “emergency” services, like those used for distance learning during the pandemic.