The issue of student data privacy has moved to the legislative forefront in the past year due to increasing concerns about how digital data is being used by schools, governments and third parties.
Because of the growing presence of learning apps in the classroom that tailor themselves to student needs, more data on students is being collected and analyzed than ever before. Even President Obama mentioned it in his State of the Union Address, writes Jordan Shapiro of Forbes.
State legislatures nationwide are making efforts to protect students from data mining. So far this year, 182 bills dealing with student data have been introduced in 46 states, according to Natasha Singer of the NY Times, with 15 states passing a total of 28 laws. Five bills at the federal level have been introduced in Congress.
This is a significant difference from two years ago when Oklahoma was the only state with data privacy policies. Last year, California led the trend with a law that prevented student data from being used for "non-school purposes," including personalized advertisements.
Parents and legislators are concerned that school districts don't have the ability to monitor effectively how data is being used, nor the know-how to properly de-identify student information when they do share it, write Benjamin Herold and Michelle R. Davis of Education Week. Paige Kowalski, the Vice President for Policy and Advocacy at the Data Quality Campaign, said that increased use of data comes with a responsibility to consider its impact:
If we are going to look at new ways of holding schools accountable — Are they helping kids learn? Are they preparing them for what's next? — we need more than just reading and math scores. Folks are looking at social-emotional indicators, and that has raised concerns.
Some of the digital systems that might be logging more information than students, parents, and educators are comfortable with sharing include educational apps, homework tools, cafeteria payment systems, e-mail accounts, digital calendars, and file-sharing apps.
According to Rich Lord and Megan Henney of The Telegraph, one app, Glogster EDU, collects users' "name, address, email, date of birth, gender, country, interests, hobbies, lifestyle choices, groups with whom they are affiliated (schools, companies), videos and/or pictures, private messages, bulletins or personal statements" and can share this information with "consumer products, telecom, financial, military, market research, entertainment and educational services companies."
Joel Reidenberg, a Fordham Law School professor who completed a study on the subject in 2013, said that long-term data handling matters, too:
Parents are very nervous, and rightfully so, when third parties are empowered to build dossiers on their children. Unless they have a means of learning what data is being collected, they have no way to independently assess the risks to their children, and whether this is a good product or a bad product.
If you're sitting on a data trove for years, it increases security risks, because it can be hacked or lost. The default [policy] should be destruction.
About 170 technology companies including Apple, Google, and Microsoft have voluntarily pledged not to use data from student services for personalized advertising.
Opponents of the policies point out that it may give education start-ups a disadvantage by trying to make sure their services are legal according to varying state guidelines.