Privacy in Higher Education: A Conversation with Sara Collins


Innovation in higher education is increasingly fueled by data. From financial aid applications, to online classes, to student success initiatives, college students provide an extraordinary amount of data to schools, companies, and the government. This data provides unprecedented insights into student behavior, and colleges are using it to shape curricula, processes, and services to meet students’ needs.

In this week’s edition of FPF at 10, Sara Collins explains how data continues to transform the higher ed landscape, and why sound privacy practices are needed to ensure a safe, enriching academic experience.

Our 10th anniversary celebration will be on April 30. RSVP here.

Sara Collins is a Policy Counsel on FPF’s Education Privacy Project focused on higher education. While K-12 student privacy is the subject of much proposed legislation and public debate, less attention is focused on higher ed, which Collins hopes to change.

What drew you to the world of higher ed privacy? Which questions were you interested in exploring?

Prior to joining the Education Privacy Project, I was an attorney at the Department of Education’s Federal Student Aid in the Enforcement Office, and prior to that I was the Legal Director at Veterans Education Success. Both of my prior jobs involved analyzing how well colleges were serving their students, and that could only be done with comprehensive and accurate data. Our higher education system is fueled by data, and one persistent question that has shaped my career is, “How can we use this data to improve students’ education experience? “FPF recognizes that using data can change higher education and make it more beneficial for students, but also wants to answer the question: “How do we meaningfully protect student data?”

Why is it important to think of college students as a distinct population when it comes to data privacy?

Colleges and universities have massive amounts of data on their students. We don’t talk about this enough, but most modern college campuses have turned into miniature smart cities. Not only are schools increasingly using Massive Open Online Courses (MOOCs), which depend on data collection, often by third-party vendors, to run efficiently, but the infrastructure of campuses is full of new systems that collect data. When used correctly, this information can assist colleges in determining what capital improvements to make, managing traffic on campus, or improving graduation rates. But school administrators and third-party contractors must be aware of the challenge of collecting that data in a responsible manner and safeguarding it once it is collected. As we move forward, FPF hopes to put out more resources to help both schools and ed tech vendors manage these systems with an eye toward privacy and security.

How is FPF helping to provide these resources, and what privacy developments in higher ed will unfold in the next 10 years?

We regularly hold student privacy bootcamps for small and startup ed tech companies to provide training on privacy laws, best practices, and advocates’ concerns. We also run a higher education privacy working group to explore privacy concerns related to predictive analytics, big data, ethics, and data infrastructure in higher education. FERPA|SHERPA has other resources for higher ed officials, companies, and policymakers.

As far as the future is concerned, I imagine we’ll see major developments with regards to Title IX proceedings.

Title IX proceedings often involve highly sensitive data raising the question of how to balance due process, privacy, and transparency. And with the Department releasing new draft regulations, this conversation will only become more important.

Beyond Title IX, I think universities, companies, and the government will have to grapple with what privacy is and why it matters. For instance, federal initiatives like FSA Next Generation and the Pell Grant program mandate data collection. However, Federal Student Aid has not provided much transparency into its data collection, use, retention, and destruction practices. In April of 2017, FSA experienced a hack of its online FAFSA tool, which took them months to resolve. The lack of communication from FSA, as well as its cavalier attitude toward the data they collect, have forced students to make the choice of either getting money for their education or safeguarding their data.

As universities and colleges continue to grapple with how to best integrate technology in education, they will need to determine how to measure privacy harms, how to centralize administration of their sprawling data collection systems, and, above all, how to harness the potential of new technologies to enrich the lives of students under their care and instruction.