U.S. Department of Education Opens an Investigation into Pasco County’s Predictive Policing Program

This post was originally released on studentprivacycompass.org, and can be found here.

On Friday, the U.S. Department of Education opened an investigation into the data-sharing practices between Florida’s Pasco County sheriff’s office and school district. First uncovered in November 2020 by reporting by the Tampa Bay Times, the Department will be investigating the school district’s partnership with the sheriff’s office, which allowed the sheriff to use student grades, attendance, disciplinary records, and aspects of their home life to identify and target students “at-risk” of criminal activity. FPF applauds the Department’s decision to investigate this concerning partnership. Any school data-sharing partnership must value student privacy and build in community trust and transparency—before the Tampa Bay Times story, parents and students in Pasco County were completely unaware of the sheriff’s practices. 

In December 2020, FPF analyzed the sheriff’s public documentation and contract with the school board, concluding that the sheriff’s office unlawfully accessed and used student records for their database in violation of the Family Educational Rights and Privacy Act, FERPA, as well as their contract with the school board. Amelia Vance, FPF’s Director of Youth and Education Privacy, was quoted in the original Tampa Bay Times article revealing the program, noting that

“The law does say school resource officers can access education records because they can be considered ‘school officials.’ But under most circumstances, they can’t share the records with the rest of the department. And they can’t use them in a law enforcement investigation without permission from a parent, unless there is a court order or a health and safety emergency.”

The Department’s announcement follows significant public outcry. Unfortunately, the Department has refused to share the letter during the early stages of its investigation. In January, Representative Bobby Scott (D-VA), Chair of the House Education and Labor Committee, called on the Department to investigate the program for FERPA violations. In his letter Rep. Scott decried the program, noting “this use of student records goes against the letter and spirit of FERPA and risks subjecting students, especially Black and Latino students, to excessive law enforcement interactions and stigmatization.”

Future of Privacy Forum Releases New Youth Privacy and Data Protection Infographic

WASHINGTON, D.C. – The Future of Privacy Forum (FPF) today released a new infographic, Youth Privacy and Data Protection 101 which provides an overview of the opportunities and risks for kids online, along with potential protection strategies. It also features young people’s voices from around the world on their preferences and attitudes toward privacy.

“We all want to keep kids safe online, but the desire to shield them from risk can also limit their access to important opportunities,” said Amelia Vance, FPF’s Director of Youth and Education Privacy. “When considering any protection strategies, policymakers must carefully evaluate both opportunity and risk in order to foster the development of a robust, thriving online ecosystem that is also suitable for kids. We hope that this infographic effectively conveys that challenge, as well as the diversity of approaches to youth privacy protections being considered and implemented around the world.”

View the infographic and an accompanying blog post here

Risks for youth online include well-known concerns such as coming across age-inappropriate content, encountering predators, and being a victim of cyberbullying or cyber harassment. Other, less visible risks include commercial exploitation through profiling and targeted marketing as well as societal shifts such as surveillance normalization, as young people may become accustomed to constantly being watched and recorded.

Of course, there are also a wealth of opportunities for youth online. With school closures due to the pandemic, many students now access their education virtually. Unable to connect with their friends and communities in person, young people rely on social media and other online tools to play, build their communities, explore their identities, and participate in civic and political forums. Online spaces are also integral to fostering creative expression and providing resources related to health and well-being.

The Youth Privacy and Data Protection 101 infographic highlights the range of strategies that governments, online service providers, educators, parents, and others can use and encourage to find that appropriate balance between protecting kids online and not limiting their opportunities. These strategies include things like limiting access to age-inappropriate content, requiring age verification prior to accessing a service, and incorporating privacy into services by default. Those strategies and others that policymakers may wish to consider are discussed in detail in FPF’s latest blog post, available here.

FPF Testifies on Maryland Student Data Privacy Bill

Amelia Vance, Director of Youth and Education Privacy for FPF, recently testified before the Maryland House Ways and Means Committee on HB 1062. The legislation proposes several updates to the state’s Student Data Privacy Act, and an extension of the Maryland Student Data Privacy Council, which Vance was asked to serve on when it was created in 2019.

While Vance applauded many of the proposed updates in HB 1062, her testimony focused on two recommended amendments: clarifying how the bill defines Operator, and the scope of the Council’s recommendations. 

Vance urged the Legislature to consider aligning the definition of Operator in the bill with the full definition as proposed by the Council, noting: 

The Council’s definition was carefully crafted to ensure that companies have adequate notice that their products are subject to this law. Some companies are not aware that their tools are used in an educational context, such as general audience services used to assist special education students. HB 1062’s current definition could compel companies to either ban the use of their products by schools, or push companies to collect and link more identifiable user data to determine whether their product is used in Maryland schools.

Clarifying the definition of Operator would also ensure that it does not unintentionally apply to other entities such as education researchers, whose work is as crucial as ever as educators look to measure learning loss and other student challenges during the pandemic. 

Finally, Vance noted that the original intent and scope of the Council is to provide expert recommendations on student privacy laws as they relate to edtech products and companies – not to schools. While the reporting requirements for County Boards outlined in HB 1062 could be useful, Vance cautioned that overly burdensome transparency requirements often end up making well-intended student privacy legislation ineffective or even counterproductive by overwhelming parents with information that doesn’t help them make educated decisions about their children’s privacy.  She recommended specifically tasking the Council, whose mandate would be expanded by this legislation, to “provide expert recommendations on this topic [to] help ensure the right balance.”

Read Vance’s written testimony on HB 1062 here and watch the testimony here (add YouTube link teed up to the right time code). For more background on Maryland’s Student Data Privacy Council, statutorily created in 2019, click here.