Recover stolen Chromebooks. Without surveilling the ones in use.
A kiosk Chrome App that auto-launches only on Chromebooks an administrator has marked stolen. Captures location and screenshots to assist law-enforcement recovery. Never touches devices in normal use. Never opens the webcam. Ever.
Districts lose Chromebooks every week. Most never come back.
For a 5,000-device district, even a 1% loss rate is 50 devices a year. The industry default is to deprovision and write off the loss — because the alternative was always either a webcam-spying surveillance app the family can never trust again, or no recovery at all. We built a third option.
How recovery works
Four steps. The thief never sees the seams. Districts stay in control end-to-end.
Admin marks stolen
From the device detail page in the UAG dashboard. Records reason, reporter, optional police case number. Audit-logged.
Device moves to /StolenDevices
An OU with sign-in disabled and the kiosk app set to auto-launch. Effective on next reboot — usually within minutes.
Kiosk launches, captures begin
In covert mode, the kiosk presents a normal-looking browser surface. In visible mode, a "return to school" banner. Either way: location and screenshots stream back to your dashboard.
Recovery — or purge
Real recovery: data archives for 30 days then purges. False positive ("kid borrowed it"): one click purges the captured data immediately.
What Theft Recovery never does
The privacy story is the product. Every restriction below is contractually committed in our Data Processing Agreement, Article 6.5.
No webcam capture
The kiosk does not request, declare, or hold the camera permission.
Search the source — zero references to mediaDevices.
No keystroke logging
No global keyboard hooks, no input event capture, no IME interception.
No surveillance of in-use devices
The kiosk app physically cannot launch on a device outside the /StolenDevices OU. Devices in normal use are unreachable.
No persistent local storage of captures
Screenshots and location relay to your tenant in real time. No sensitive data is left on the device.
No retention beyond 30 days
Hard ceiling. Earlier purge on recovery confirmation, immediate purge on false-positive recovery.
No third-party data sharing
Captures live in your tenant only. We are a processor, not a controller. No analytics resale, no model training.
Already using GoGuardian Beacon?
You can reasonably do both. The honest comparison:
Where Theft Recovery is different
- Activates only on stolen-marked devices, not the whole fleet
- Webcam permission is not declared in the manifest
- 30-day retention ceiling, with a "purge on false positive" path
- Auditable in-product: every dispatch writes to your activity log
- Bundled with the rest of UserAuthGuard's device management
Built for the K-12 procurement gauntlet
Pre-signed paperwork. The same DPA covers the rest of UserAuthGuard, so legal review is one round, not three.
FERPA
Education records covered under §99.31 school official exception.
COPPA
Captures are device-bound, not user-bound. No collection of children's PII.
SDPC NDPA
Standard student data privacy addendum compatible.
State laws
Aligns with NY Ed Law 2-d, CA AB 1584, IL SOPPA, NJ NJSA 18A:36-35 et al.
Ready to stop writing off stolen devices?
Pilot rollouts run 30 days, no commitment, with white-glove setup of the /StolenDevices OU on your district's Google Workspace.