FPF Offers Input on Massachusetts Student Data Privacy Proposal
On October 30, FPF provided testimony before a hearing of the Massachusetts Joint Committee on Education regarding H.532/S.280, an Act Relative to Student and Educator Data Privacy.
Our testimony focused on highlighting relevant FPF resources for policymakers (including a case study on student privacy in Utah, our state student privacy laws tracker, and a series of student data privacy ethics training scenarios), and sharing our thoughts on both things we believe the bill does well, as well as recommendations for changes and improvements.
FPF’s Director of Youth & Education Privacy, David Sallay, discussed his previous experience as chief privacy officer for the Utah State Board of Education and applauded policymakers for calling for the creation of a similar role in H.523/S.280. During the hearing, he also highlighted how the role could help address several of the other bills that were discussed, including providing support to rural schools and to Massachusetts’ educator-to-career data center. By designating privacy-focused personnel and requiring training, Massachusetts has an opportunity to improve structure, transparency, and consistency for schools, districts, and parents.
FPF’s testimony also included several recommendations and improvements, including expanding the bill’s student data privacy training requirements beyond educators, as procurement, IT, and other administrative staff often also have access to covered data. One component of the bill that will likely prove to be controversial is the broad private right of action included in the enforcement provisions. We expect this to be the subject of continued discussion and debate in the legislature. Citing his experience in Utah, David noted that granting the chief privacy officer role the authority to investigate alleged violations of student privacy laws, could help streamline and simplify enforcement.