The Top 10: Student Privacy News (May – June 2017)

The Future of Privacy Forum tracks student privacy news very closely, and shares relevant news stories with our newsletter subscribers.* Approximately every month, we post “The Top 10,” a blog with our top student privacy stories.

The Top 10

1. FPF has relaunched FERPA|Sherpa! The site now includes:
   • Revamped sections for parents, schools and districts, ed tech companies, and policymakers;
   • New sections for students, educators, state education agencies, and higher education privacy;
   • A chart of all state student privacy laws passed since 2013;
   • A searchable resource bank with over 400 education privacy resources, allowing reference searches by who the resource is aimed at, the type of resource, and tags like “FERPA” or “parental rights”; and
   • Weekly blogs from a variety of contributors, including educators, teachers, parents, companies, and other stakeholders. So far, our blogs have focused on “Effectively Communicating Student Data Privacy to Parents;” “From Teacher to Entrepreneur: Lessons Learned about Data and Privacy;” “There Can Be No Privacy Without Security: Emerging Lessons from the K-12 Cyber Incident Map;” and “Student Data Privacy for Classroom Teachers.” Look for a new blog every Thursday!
2. The House Subcommittee on Early Childhood, Elementary, and Secondary Education is holding the hearing “Exploring Opportunities to Strengthen Education Research While Protecting Student Privacy” on June 28th. If this sounds familiar, that’s because a very similar hearing was held on March 22nd last year. Check out my op-ed on this topic. Could the scheduling of this hearing foreshadow a FERPA re-write (re-)introduction?
3. As reported in the previous newsletter, both the House and Senate have introduced the College Transparency Act, which would overturn the current federal ban on having a student-level data system at the U.S. Department of Education. There was a hearing on the CTA in the House, and many people continue to weigh in on whether the CTA is a good or bad idea.
4. Following in the footsteps of the ACLU of Massachusetts, the ACLU of Rhode Island released their research on a lack of privacy protections in 1-1 programs in Rhode Island schools. It will be interesting to see the reverberations from the report. Already, Rhode Island schools are changing their policies and the ACLU is pushing its model bill to fix this problem. EdSurge reports on the Rhode Island report and other student privacy issues: “From High School to Harvard, Students Urge for Clarity on Privacy Rights.” While not specifically about privacy, this article, “California law spurs reforms after heartbreaking student suicide cluster,” has implications for the discussions many advocates and schools are having about when schools should be accessing student devices (either 1:1 devices or BYOD). In related news, too much district filtering can actually undermine student willingness to use a 1:1 device, as one district in Texas discovered.
5. There have been a couple big breaches in higher ed in the past month, including a major breach at the University of Oklahoma where a student journalist discovered that she was able to access sensitive information like student financial aid records and grades through the school’s use of Microsoft Delve. Following the discovery of the breach, the U.S. Department of Education contacted the school to “further assess the institution’s compliance with its data security safeguard requirements according to the Gramm-Leach-Bliley Act.” Don’t know much about that law? Check out the FSA’s letter (and second letter) to institutions.
6. The U.S. Department of Education’s Privacy Technical Assistance Center has a fantastic newly designed website and a new data breach response training toolkit. There is also another important federal update this month: the FTC has updated the COPPA compliance plan for businesses.
7. The Consortium for School Networking has released an updated version of their incredibly useful privacy toolkit – I highly recommend that everyone reading this newsletter check it out!
8. There was a fair amount of focus this month on philanthropic tech funders in education. Natasha Singer from the New York Times wrote about “The Silicon Valley Billionaires Remaking America’s Schools,” Inside Philanthropy asked “Can Technology Turbo-Charge K-12 Learning? Chan Zuckerberg Is Betting On It,” and EdWeek reported “Gates, Zuckerberg Philanthropies Team Up on Personalized Learning.” The Economic Times also reported “Mark Zuckerberg, Bill Gates try opposite paths to education tech in India.”
9. “Schools are watching students’ social media, raising questions about free speech” and privacy, via a feature on PBS NewsHour on June 20. This relates to privacy and surveillance questions I discussed in my report on that topic.
10. IEEE has formed a working group to develop a “Standard for Child and Student Data Governance.” You can contact them at this website if you are interested in joining.

*Want more news stories? Email Amelia Vance at avance AT fpf.org to subscribe to our student privacy newsletter.

Image: “20111105-student2-2” by Devon Christopher Adams  is licensed under CC BY 2.0.