Is Student Data Privacy the New Black?
Student data, education and privacy are not new topics, but in 2014 we seemed to debate them everyday. Has student data privacy suddenly become fashionable? Maybe. It certainly dominated the headlines and students and parents are now central participants in the conversation.
So what happened to make Student Data Privacy the “it” thing?
Possibly the biggest story of the year was inBloom’s collapse. inBloom stood to be an efficient, scalable and economic solution for school districts that did not have adequate infrastructure for hosting and managing student data. Arguably the most misunderstood project in 2014, inBloom shut its doors in April. Was student data privacy saved? I don’t think so. Underfunded schools continue to lack the resources wealthy districts have when implementing student dashboards. And while inBloom closed, most school districts are still struggling with the same privacy concerns that existed before inBloom appeared on the scene.
Google began the year wrapped in controversy when we read how they were “data mining” student emails sent through their Google Apps for Education package. There was a lawsuit, but most importantly, Google changed their Terms of Service and stopped scanning emails for the purpose of targeted advertising. This is positive news particularly in light of the New York City Department of Education’s recent announcement that it had approved the use of Google’s Chromebooks for use in the city’s public classrooms. That is about 1.1 million students in NYC using Google products. With so many students using Apps for Education parents need to be assured their children’s emails will not be used for any other purpose other than what the school environment calls for.
New York state also contributed to the debate in 2014 by appointing the first State Chief Privacy Officer for Education. This was big news and it ought to be a valuable resource for parents and schools. Uniform best practices across the state should certainly benefit most students. However, here’s the rub, NY still doesn’t have a permanent appointee to the position. So we must wait and see. New York also issued a Parent’s Bill of Rights for data privacy. Unfortunately it fails to dig into the issues of data ownership, opt out consequences and parental consent for certain data collection. But it is a step in the right direction, and I am hopeful that during the year to come NY’s CPO will clarify the many questions surrounding the handling and protection of student data.
Even lawmakers paid attention. In 2014, 110 education data privacy bills were introduced and 28 were signed into law. Most noteworthy, California’s Student Online Personal Information Protection Act was called the first law in the nation to strengthen privacy protections for the personal information of California students and permit innovation in education and technology. Senators Edward Markey (D-Mass) and Orrin Hatch (R-Utah) introduced the Protecting Student Privacy Act, an effort to update the 40 year-old FERPA student privacy law. Not without controversy, some argue the bill is not strong enough, others argue it is unnecessary to revamp FERPA. Unfortunately, the bill has not moved, remaining in the “let’s see what happens” stage. And though the federal Department of Education issued guidelines on student data privacy, most answers in the guidelines boiled down to “it depends” and we’re still trying to figure it out.
In 2014, ed-tech companies were debated, attacked and praised. Most didn’t think they were doing anything wrong until parents brought their concerns to their attention, forcing them to take a closer look at their privacy policies.
In response to that, the Student Data Privacy Pledge came into being. Once again, not without controversy. An initiative from the Future of Privacy Forum and the Software & Information Industry Association, the pledge commits service providers to the secure handling of data for K-12 students. While some privacy advocates argue the Pledge is a mere PR move because it is not a legally binding document, I’d argue that if companies violate their own public representations they would be subject to enforcement by the Federal Trade Commission for deceptive trade practices. So there’s that.
Near and dear to my heart the website FERPA|Sherpa was launched, aimed at providing a one-stop shop for education privacy-related information of interest to parents, schools, education service providers and policymakers . And I started to write my blog (shameless plug) which has allowed me to dig and opine on topics of great interest to me.
There was a lot of discussion of student data privacy in 2014. It does seem this was the year student data privacy became fashionable. I hope it’s a trend that is here to stay. A timeless classic…