Parents Rights To Student Data Privacy

FUTURE OF PRIVACY FORUM INTRODUCES DIGITAL GUIDE TO EQUIP PARENTS WITH KNOWLEDGE, UNDERSTANDING OF LAWS GOVERNING STUDENT DATA USE AND PRIVACY

New Website Developed in Partnership with National PTA, ConnectSafely.org

 

WASHINGTON, D.C. – Monday, April 27, 2015 – As the digital revolution continues to transform students’ learning, how teachers instruct in classrooms, and the way schools gather pupil data and information to improve education, the Future of Privacy Forum (FPF) today unveiled a new, timely web resource to provide clear and straightforward overviews of parents’ rights to student data under the various relevant federal laws in effect.

 

“A Parent’s Guide to Student Data Privacy Rights”, developed and published in partnership with the National PTA and ConnectSafely.org, is a valuable tool for parents seeking answers and guidance related to major federal laws on education privacy, such as the Family Educational Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA), as well as other laws and policies. It is also designed to help parents better communicate on these topics with teachers, schools and school districts.

 

“As data and technology use expands to improve educational outcomes, the focus needs to stay on parents and students, and it is essential for parents to understand how their children’s information is being handled and used,” said Jules Polonetsky, Executive Director, FPF. “We developed this guide with the National PTA and ConnectSafely to help parents understand the laws that protect student data and their rights under these laws.  We live in an increasingly connected world, but whether the information is online or on paper, the basic privacy and access rights remain the same.”

 

The free, digital guide also includes a list of additional resources on topics related to student privacy from organizations such as:

 

 

Some of the common questions that are answered in the guide include:

 

 

“Technology and the Internet are powerful tools for teaching and learning, but at the same time, it is imperative that students’ academic and personal information is protected,” said Otha Thornton, Jr., President, National PTA. “It is a top priority of National PTA to safeguard children’s data and make certain that parents have appropriate notification and consent as to what and how data is collected and used. National PTA is pleased to collaborate with the Future of Privacy Forum and ConnectSafely.org to bring the Parents’ Guide to Student Data Privacy to families nationwide to ensure they are knowledgeable about the laws that protect student data as well as students’ and parents’ rights under the laws.”

 

“As schools increase the use of technology and student data, parents have privacy concerns regarding their children’s information,” said Olga Garcia-Kaplan, parent and advocate for student data privacy. “This guide provides a clear and concise explanation for parents to understand their rights and laws that are in place to protect their privacy.”

 

The guide is part of FPF’s “FERPA|SHERPA” website, which provides service providers, parents, school officials, and policy makers easy access to laws, best practices, and guidelines that are essential to understanding privacy issues in education and how to responsibly use student data.

 

About Future of Privacy Forum

The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups. For more information, visit fpf.org

 

Media Contact

Nicholas Graham, for Future of Privacy Forum

[email protected]

571-291-2967

Rise of the Drones

This morning, the Center for Strategic and International Studies presented a panel conversation on some of the challenges – and opportunities – around domestic drone use. After following the issue for years, it would appear that drone policy’s day has finally arrived. According to the FAA, nearly 4,500 comments were submitted in response to the agency’s proposed rulemaking for drones, or unmanned aircraft systems (UAS), and the NTIA received over 50 comments specifically on privacy issues around drones.

While the Future of Privacy Forum continues to think about how best to address these issues, there is little question that domestic and commercial drone use offer tremendous societal benefits. At the panel, Brian Wynne, President of AUVSI, a leading robotics trade association, explained that drones will create over $83 billion in economic activity in their first decade, and promise to generate tens of thousands of jobs. Wynne suggested that it is “almost impossible to anticipate all the different ways we can utilize UAS moving forward.”

Even the ACLU’s Jay Stanley, who remains concerned about law enforcement’s eagerness to use drone technology, admitted that drones could be a “generative technology” in the private sector.  He noted that privacy issues on the commercial side are incredibly complicated, not only implicating the First Amendment but perhaps lacking the sort of privacy-invasive incentives that could exist in law enforcement. Indeed, his “nightmare scenario” is a world where drones could be used for persistent surveillance, while members of the public, including journalists and entrepreneurs, will be hamstrung in their ability to use UAS technologies.

Stanley applauded the “outpouring” of interest on privacy with drones. He echoed notions that drones are more salient among the public. “It’s not hard to see the privacy issues with a drone with a camera on it,” he said. “Things like big data are more abstract.”

Adam Cox, from CSIS and an advisor to DHS’ Advanced Research Projects Agency (HSARPA), suggested that privacy and drones presents a “technically sexy problem.” “A lot of people are interested [in the technology],” he explained, and because drones allow everyone to engage in flight, “people are going to want to put new things on this.” He encouraged technologists to work hand-in-hand with policymakers, recommending both geofencing solutions and education efforts toward both manufacturers and operators of drones.

On that front, the Future of Privacy Forum is eager to engage. Last week, we filed comments with the NTIA on our thoughts on privacy and domestic drone use. A wide variety of individuals and organizations also submitted comments ahead of a new drone privacy multistakeholder effort, and it is clear that there are a number of ideas in play for how to address data collection and use by drones, as well as the address public concern about a loss of privacy from above.

In addition to several procedural recommendations, our comments focus on the value of transparency and training to address privacy concerns. We recognize that drones present different types of transparency challenges, both in terms of general practice and then individual drone flight. In both instances, we support conversations about what sort of information could be communicated to consumers in a way that does not place significant burdens onto individual UAS operators. Further, while drone operation will require at least some degree of safety training, we are hopeful some type of privacy training can be incorporated into that.

As today’s panel and all these comments suggest, there is much work to be done to figure out how general privacy principles can be applied to a diverse array of UAS technologies. While we support a technology neutral approach, it is clear that consumers, businesses, and policymakers all need to have a voice in determining how commercial drones can and should take flight.

-Joseph Jerome, Policy Counsel

FPF Senior Fellow Peter Swire Provide Comments to the FCC on Broadband Consumer Privacy

Later today, Peter Swire, FPF Senior Fellow, will participate at the FCC’s public workshop on broadband consumer privacy. He also prepared written comments expanding on his thoughts. Professor Swire summarizes his research as follows:

First, I examine the effect of the Section 222(a) definition of “proprietary information” as compared with the Section 222(c) definition of “customer proprietary network information.” (CPNI) My conclusion, based on some analogous provisions from HIPAA and GLBA, is that the Commission should be cautious about founding any additional regulatory requirements under this proceeding based on the language in 222(a).

Second, I examine the intersection of privacy and competition law, drawing on my previous writings in the area. New entry into online advertising, including by broadband providers, could be a new source of competition on privacy attributes. My recommendation to the Commission is to consider the effects of this potential competition on privacy and other non-price aspects of competition, along with price aspects of competition, as part of the overall assessment of how to govern the use of CPNI for broadband providers.

Third, I address priority uses of information that I believe should be permitted in the CPNI context. Although I do not seek to create a complete list of possible exceptions to the general CPNI rule of consumer opt-out, I do emphasize three areas where an opt-out is not generally appropriate – anti-fraud, cybersecurity, and research on network usage. I also analyze the role of de-identification and aggregate information under Section 222, suggesting strategies to preserve the utility of de-identified and aggregate information while protecting privacy. In this discussion, I do not take a position on whether a rules-based, principles-based, or other approach should be adopted by the Commission. Instead, I emphasize that important interests such as anti-fraud and cybersecurity should be taken into careful consideration in whatever approach the Commission pursues.

He concludes that translating Section 222 privacy protections to the broadband sector is far from a simple task, noting the “considerable technical and market differences from the telephone market governed by the 1996 CPNI rules.”

Professor Swire’s full written comments are available here.

Future of Privacy Forum Releases Statement on FTC's Settlement with Retail Tracking Company

“Today’s settlement by the Federal Trade Commission with Nomi, a mobile location tracking company, demonstrates the need for companies with emerging technologies to be clear about the choices they provide consumers”, said FPF Executive Director Jules Polonetsky.

The need for transparent privacy policies in the field of mobile location analytics was the genesis behind the development of FPF’s Mobile Location Analytics “Code of Conduct”. Signatories of this binding set of privacy principles must provide consumer with clear opt-out options for tracking by MAC address or similar identifiers.

Consumers can easily and quickly opt-out of mobile location analytics by entering their device’s Wi-Fi or Bluetooth MAC addresses at www.smart-places.org.