California parents, educators, and, hopefully, the governor, are concerned about privacy guidelines for operators of Internet websites, online services, online applications, and mobile applications, and are worried as well about contracts between educational agencies and third-party technology vendors. Two bills, SB 1177 and AB 1584, have been sent to Governor Jerry Brown, according to Christine Kern of BusinessSolutions. Brown has until September 30 to sign or veto these bills.
Already in place is an array of federal student privacy legislation, which include the Federal Educational Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA), which do address student data privacy. But educators, privacy advocates, legislators, and industry members cannot agree whether the legislation is broad enough to protect privacy in our current digital age. Even though new legislation was introduced in July of this year, many states have taken the responsibility of addressing this problem on the state level. At this time, there are 83 bills in 32 states being considered since April, according to the Data Quality Campaign.
“There really was very little if any protection that would guard the security, the privacy, the confidentiality of student information,” said Rick Pratt, chief consultant to the Assembly Education Committee, “and so hopefully bills 1584 and 1177 will provide some security and privacy where it doesn’t exist in current law right now.”
SB 1177 was created to stop companies that have built student data profiles for advertising use. Earlier this year, Google scanned student email for advertising purposes, though it later eliminated this policy. The bill was introduced by Senate President pro tem Darrell Steinberg (D-Sacramento).
Joan Buchanan (D-Alamo) introduced AB 1584 this year to prevent third-party mobile app developers from using student data without informing parents. These two bills will provide stronger privacy protection to students, provide clear rules for vendors, and regulate third-party contracts with local educational agencies.
“Together, it’s really a landmark regulatory scheme,” said Joni Lupovitz, vice president of policy for Common Sense Media, which supported the bills. “The whole idea is not to stop education technology; the idea is to create a trusted online environment so kids can just be kids and focus on learning.”
Although the collection of student data can be a boon to teachers and researchers, it may come at a cost when private firms profit from sensitive information, says Jessica Meyers of the Boston Globe. In Washington state, the encouragement of technology use in classrooms creates a struggle between privacy assurance and digital learning.
“Parents are right to ask, ‘Who holds the information to this website and what are they gathering about my kid?’ ” said Tracy Novick, a Worcester School Committee member who limits the online activities of her three school-age daughters at home.
Those responsible for protecting school-age children are in a quandary. The Boston School Department writes privacy provisions into its contracts, but online tutoring assignments and research applications may fall between the cracks.
In May of this year, ConnectEDU, an online tool for helping students choose careers, could have caused 20 million student records to be available to anyone as a result of a bankruptcy case. InBloom, a nonprofit funded partly by Bill Gates, shut down because it could have created a student database that might easily be hacked.
FERPA may or may not extend to online protections. New York has created a chief privacy officer; Idaho required the state board of education to turn in annual reports of student data; and in Massachusetts, some districts, like Boston and Cambridge, have hired chief information officers to monitor technology.
In New York state, elementary teachers can use an app to keep track of students’ behavior. In Georgia, some lunchrooms use a biometric identification system for students to pay for their lunch. And, nationwide, school athletes use social media sites to exchange contact information and game locations, writes Natasha Singer of The New York Times.
James P. Steyer, chief executive of Common Sense Media, a children’s advocacy and media ratings group in San Francisco, said the bills were ultimately intended to shore up parents’ trust in online learning.
“You can’t have an education technology revolution without strong privacy protections for students,” said Steyer, whose group spearheaded the passage of Steinberg’s bill. “Parents, teachers and kids can now feel confident that students’ personal information can be used only for educational achievement.”
Last year, the sale of education technology software for prekindergarten through the 12th grade reached an estimated $7.9 billion, according to the Software and Information Industry Association. A recent study at Fordham Law School showed that some public schools in the US allow vendors to collect any kind of information they want to collect and may use those details in any way they like.
Adrienne Hill of Marketplace writes that from the time a child swipes her ID card and climbs on the school bus, to when she is working on her digital lessons, to when she acts out in class, to P.E. class, when she puts on her Fitbit-style wristband, to when she gets back on the bus to come home, there are hundreds of ways that data is being compiled about a child.
“We live in a 24/7 data mining universe today,” says Jim Steyer, CEO of Common Sense Media. “And I think most of us parents and teachers and kids don’t realize how much of our data is out there and used by other people.”