Your Child's AI Tutor Is Watching: The EdTech Data Crisis Nobody Wants to Talk About

The law that was supposed to protect children's data online was written in 1998, when Google didn't exist. EdTech has spent 25 years finding the gaps. In 2023, Epic Games paid a $275 million FTC settlement for COPPA violations — the largest in history. But in the broader landscape of children's data collection by educational technology platforms, it was a relatively modest case. Epic collected data to sell games. EdTech platforms collect data to understand children's minds — their learning styles, cognitive patterns, emotional states, attention spans, and behavioral tendencies — inside schools, with legal cover that COPPA explicitly provides, often without any meaningful parental awareness. What COPPA Actually Says (and What It Misses) The Children's Online Privacy Protection Act (1998) prohibits collecting personal information from children under 13 without verifiable parental consent. For the internet of 1998, this was reasonable. For AI-powered EdTech in 2026, the gaps are enormous: