School districts have progressively been turning their attention to online educational services recently. They say that this can help them collect and analyze facts about how specific students learn. There is a huge security risk here, as a lot of parents and legislators have raised serious doubts about the system’s security measures. They say that the personal information that is being collected from these online educational systems could get into the wrong hands. They want to ensure that the federal government does everything in its power to make sure that this kind of sensitive information is not leaked.
The Department of Education came up with an answer on February 25, and they were quoted saying: “It depends.” It has been seen that the Department’s statement came as part of a new agency guidance. This new agency guidance has been seen to lay out requirements and recommended practices for school management of online education services. This will involve either the students or their parents, writes Natasha Singer of The New York Times.
There was a report by “student privacy researchers” published recently. The regulators appeared to approve the report that claimed that some school districts in the U.S. adopted education technology faster than they had introduced policies.
“In particular, the information sharing, web hosting and telecommunication innovations that have enabled these new education technologies raise questions about how best to protect student privacy during use,” the Education Department guidelines were quoted.
Anyone who is going to follow the guidelines will help themselves protect their personal data, such as contact info that is contained in a student’s education record.
If a student’s information is going to be shared, then their parents are going to be asked before the information of their child is released. This happens in institutes that are federally funded, and it comes under the federal law known as the Family Education Rights and Privacy Act.
There is an exception under which it is possible that the school can give away student data without the parent’s consent, but then the school would have to outsource functions.
These schools can outsource the data, but they must always make sure that they are the only ones that maintain direct control over the data. This means that they can restrict companies at any time from accessing the student’s personal data.
For example, let’s say the operator of a cafeteria where children’s meals would be paid by parents through their online account. They cannot sell the student’s personal info from a the student’s education records to specifically target the student with a food-related advertisement.
We see that the guidelines are quite clear: online education services must not use any of a student’s information that they obtain “for any other purpose than the purpose which it was disclosed.” The latest document by the education department recommends that schools districts should, at all times, have direct control over a student’s personal data.