Student Privacy Boot Camp for Ed Tech Vendors

ReThink Education  and Future of Privacy Forum

invite start-ups, and small, and medium-sized ed tech companies to an intensive and comprehensive program designed to ensure vendors handling student data understand privacy laws and best practices.

Resources From Event :

Panel: Overview of Basic Privacy Principles for Edtech Services
Panel: FERPA and COPPA
Panel: State Laws/Proposed Federal Legislation
Panel: SOPIPA (slides); SOPIPA Curriculum; SOPIPA-at-a-Glance; Targeted Advertising and SOPIPA
Panel: Needs of the Buyer
studentprivacycompass.org; particularly Quick Privacy Tips for Vendors and Quick Security Tips for Vendors
FPF White Papers: Student Data Privacy – Trust Transparency and the Role of Consent and De-Identification and Student Data
Student Privacy Pledge

Other Resources:

Berkman Center for Internet & Society, Student Privacy Initiative – particularly Snapshot of K-12 Cloud-Based Ed Tech
Common Sense Media – particularly Kids Action Education and Technology
Consortium for School Networking (CoSN) – particularly Clear Privacy Practices for Schools and Security Questions to Ask
Congressional Research Service – FERPA: A Legal Overview
Department of Education – Revised FERPA Regulations, December 2011
Federal Register, December 2011 – 34 CFR Part 99 FERPA update
Privacy Technical Assistance Center (PTAC), U.S. Dept of Ed – Transparency Best Practices and Protecting Student Privacy While Using Online Educational Services

Agenda

Thursday, March 3, 2016

8:30 Light Breakfast
9:00 Welcome Comments and Introduction

• Jill Bronfman, Director of Privacy and Technology Project, Institute for Innovation Law
• Brenda Leong, Senior Counsel & Director of Operations, Future of Privacy Forum

9:15-9:30  Overview of Basic Privacy Principles for Edtech Services

• General US Privacy Law – Consumer Protection Laws.  This presentation will provide the background and context of U.S. privacy law and lay the foundation for the understanding of specific requirements for education service providers.
  • Brenda Leong, Senior Counsel & Director of Operations, Future of Privacy Forum

9:30-10:30 FERPA (applies to schools) and COPPA (applies to businesses) – This presentation will provide the details of FERPA, how it applies to schools and guides their policies and practices, and its impact on vendors who share the school’s role in collecting, maintaining, or processing student data, as well as an overview of COPPA, what its requirements are for vendors generally, and in more detail as it applies to vendors operating via school contracts or direct contact with students.

• Emily Tabatabai, Privacy Attorney, Orrick, Herrington, and Sutcliffe, LLP
  

10:30-10:45 Break
10:45-11:30  View from the Regulators – This panel will review minimum requirements and desired standards from the government regulatory point of view and will discuss the Model Terms of Use developed for ed tech vendors in dealings with school and school districts.

• Kathleen Styles, Chief Privacy Officer, Department of Education
• Joanne McNabb, Director of Privacy Education and Policy, Office of the AG, CA DOJ
  

11:30-12:15 SOPIPA – This discussion will cover trends in state law covering schools and vendors in regard to student data privacy and security requirements, particularly focused on a detailed overview of the 2014 California student privacy law (SOPIPA).

• Linnette Attai, Founder, PlayWell, LLC

12:15-1:15 Lunch
1:15-2:00 State Laws/Proposed Federal Legislation – This discussion will cover trends in state law covering schools and vendors in regard to student data privacy and security requirements, with a brief overview of recent developments in federal legislation.

• Rachel Anderson, Senior Associate, Policy and Advocacy, Data Quality Campaign
• Alan Simpson, Policy and Communications, iKeepSafe

2:00-2:45 Needs of the Buyer – Privacy Policies and the Role of Contracts – This session will discuss the legal requirements from the “buyer’s” (school or school district) point of view, what technology officers or other district representatives look for, and how contracts can be used cover the legal obligations for both parties.

• Jim Siegl, Technology Architect, Fairfax County Public Schools
• Aden Fine, General Counsel and Chief Privacy Officer, Edmodo

2:45-3:00  Break
3:00-3:45 Understanding Parent, Advocate, and Policy Concerns – This panel will present parent and other stakeholder perspectives on student privacy, addressing current hot topics such as fear of data breach, and misuse of student personal information. They will also discuss how schools deal with issues from media, and parent/advocacy group concerns.

• Moderator: Kobie Pruitt, Education Policy Manager, Future of Privacy Forum
• Olga Garcia-Kaplan, Parent Blogger, FERPA|Sherpa
• Beatriz Arnillas, Director, IT – Education Technology, Houston ISD
• Alan Simpson, Policy and Communications, iKeepSafe
• Girard Kelly, Policy Analyst, Common Sense Media

3:45-4:30 Security – This session will cover the technical requirements of good data security practices and policies.

• Alex Smolen, Lead Security Engineer, Clever
• Jill Bronfman, Director of Privacy and Technology Project, Institute for Innovation Law

4:30-4:45  Break
4:45-5:30 “Unconference” sessions – several privacy leaders from ed tech companies or educational institutions will host breakouts based on audience priorities.

• Aden Fine, General Counsel and Chief Privacy Officer, Edmodo
  
• Manoj Lamba, Partnerships and Marketing Lead, Class Dojo
• Jim Siegl, Technology Architect, Fairfax County Public Schools
• Mohit Gupta, Project and Technical Lead, Infrastructure, Clever

 
To sponsor programs like this, or for more information, contact Brenda Leong, [email protected], or 202-792-8801.