I'm sorry I have to disagree.
Just because something is designed for business does not mean young people will not use them. Their "fun" and "exciting" branding guarantees appeal. I can pretty well guarantee they will become a problem of some sort in schools.
"One could argue that leaving your always-password-protected poken lying around would be far less damaging than a stray mobile phone full of sensitive data" No - once contact has been made between the two pokens, as I understand it, the two users information is then exchanged and by going on the internet the users have access to the other person's data.
You are assuming that the device will always be used in "friendly" situations... ... it is too easy for the devices to be used without one party's consent. Once that private information is exchanged there is no way out and no way of saying "no, actually I don't want that person to have my details"
Meeting face-to-face does not make this Child Protection friendly. Child abusers groom by winning a youg person's trust and by finding a way of making themselves a constant in every aspect of the young person's lives.
In my view the process should be as follows:
Pokens touch and exchange tags
Pokens are connected to the internet by their respective users.
At this point, the user should be asked, for each individual contact, whether they give permission for the other person to receive their contact details.
If this is refused, the contact is dropped, otherwise the information can be exchanged.
This means that when Teacher A connects his Poken to the internet and sees that Student B wants his information and the teacher can deny that information being passed on.
Similarly, Student B can deny his information going to School Bully D.
What I object to is that once these devices have made contact the exchange of information is the default... there is no going back before the exchange of details.