Sheila Kaplan is one of the leading authorities on privacy rights of children. She was invited to testify on the issue in Missouri, but was unable to appear due to the weather. She shares here her testimony with readers of this blog.
Here is a key point that she makes: “Given this new landscape of an information and data free-for-all, and the proliferation of data-driven education reform initiatives like Common Core and huge databases of student information, we’ve arrived at a time when once a child enters a public school, their parents will never again know who knows what about their children and about their families. It is now up to individual states to find ways to grant students additional privacy protections.”
You can reach her at: Sheila Kaplan
http://www.educationnewyork.com or sheila@educationnewyork.com
FERPA, COMMON CORE STATE STANDARDS & DATA-SHARING
As the 45 states that have adopted Common Core Standards begin implementation serious concerns are being raised about the impact on the privacy of students and their families.
The federal Family Educational Rights Privacy Act, or FERPA, was enacted in 1974 to protect the privacy of education records and directory information, which includes name, address, phone number, date of birth, and e-mail address, among other personally identifiable information.
Schools are a rich source of personal information about children that can be legally and illegally accessed by third parties. With incidences of identity theft, database hacking, and sale of personal information rampant, there is an urgent need to protect students’ rights under FERPA and raise awareness of aspects of the law that may compromise the privacy of students and their families.
In 2008 and 2011, amendments to FERPA gave third parties, including private companies, increased access to student data. It is significant that in 2008, the amendments to FERPA expanded the definitions of “school officials” who have access to student data to include “contractors, consultants, volunteers, and other parties to whom an educational agency or institution has outsourced institutional services or functions it would otherwise use employees to perform.” This change has the effect of increasing the market for student data.
For example, the amendments give companies like Google and Parchment access to education records and other private student information. Students are paying the cost to use Google’s “free” servers by providing access to their sensitive data and communications.
The 2011 amendments allow the release of student records for non-academic purposes and undermine parental consent provisions. The changes also promote the public use of student IDs that enable access to private educational records.
These amendments are critical to supporting initiatives like Common Core that depend on collection of student data to monitor implementation and measure success. Schools across the country will contract with third-party vendors to provide products, programs, and services in order to meet the Common Core requirements — and government agencies and researchers will be mining student information for studies and databases. The FERPA amendments are paving the way toward greater accessibility to student data while providing no meaningful sanctions or protections against breaches of student privacy. As amended, FERPA will loosen privacy protections while helping to promote the business of education.
How can we stop this invasion of student and family privacy in the name of education reform?
The Electronic Privacy Information Center, or EPIC, is one national group that is sounding the alarm on these changes to FERPA. EPIC filed suit against the U.S. Department of Education claiming that the Department lacks the statutory authority to amend FERPA to make student data more available and accessible to third parties — effectively changing the privacy law. EPIC vs. Department of Education is pending in federal district court in Washington, D.C.
In bringing suit EPIC mentions the numerous education organizations as well as private citizens who submitted comments against the changes during the Department’s public comment period in 2011. They included the American Council on Education. ACE stated that: “We believe the proposed regulations unravel student privacy protections in significant ways that are inconsistent with congressional intent.”
The comment by ACE was echoed by other influential groups, including the American Civil Liberties Union, the Privacy Rights Clearinghouse, the Center on Law and Information Policy at Fordham University Law School, and the World Privacy Forum, which stated that “Student and parental records will be scattered to the winds to remote and untraceable parties, used improperly, maintained with insufficient security, and become fodder for marketers, hackers, and criminals. The confidentiality that FERPA promised to students and their families will be lost.”
The American Association of Collegiate Registrars and Admissions Officers also raised a number of concerns about the changes, charging that “The proposed regulations have been overwhelmingly influenced by the single-issue lobbying of a well-financed campaign to promote a data free-for-all in the name of educational reform.”
It is important to note the interests of those who submitted comments in favor of the FERPA amendments. For example, the Software & Information Industry Association, which represents more than 500 leading high-tech companies, argues in favor of easier access for vendors to student data. The College Board supported the amendments because they facilitate “the robust educational research and evaluation needed to improve opportunities and outcomes for all students along the P-16 continuum.” This means the College Board would have greater access to student data to, in their words, “validate our tests, assessments, and educational programs” — their primary business.
The Education Information Management Advisory Consortium of the Council of Chief State School Officers noted that the FERPA changes will “allow us to facilitate better research and evaluation using our statewide longitudinal data systems.” And the Western Interstate Commission for Higher Education supported easier access to student data to develop a multi-state longitudinal data exchange that incorporates secondary and post-secondary education data and workforce data. This project is supported by the Gates Foundation.
Note that protecting the privacy of student information is not the primary concern of those commenting in favor of the amendments.
What lies ahead for student privacy when private companies, government agencies, and a wide range of researchers have greater access to student data and information? I mentioned earlier the “business of education.” This phrase was used by the Council of Chief State School Officers in their comment in support of FERPA changes. Business is booming and groups like CCSSO are benefiting. Technology startups aimed at K-12 schools attracted more than $425 million in venture capital last year.
CCSSO initiated the creation of a $100 million database with funds from the Gates Foundation to track public school students‘ information and academic records from kindergarten through high school. This is called the Shared Learning Infrastructure and it is now being run by an organization called inBloom, specifically created to operate the system.
The SLI will collect and maintain a range of student data in two “buckets” —
the first will include names, demographic information, discipline history, grade, test results, attendance, standards mastered–the list goes on. While schools may already have much of this data, this information is not usually stored in one place.
The second “bucket” will store information about instructional content and materials that will be linked to student test data in the SLI. Using Learning Resource Metadata Initiative meta-tags and the Learning Registry indexing (both aligned with the Common Core State Standards) this bucket will point to web-based resources.
So how will this work? First student data is shared with vendors. Then the vendors will align their products to Common Core. Internet searches on standards and instructional materials will point to Common Core-aligned resources developed by these vendors. Soon, when you search for education on the Internet, the bulk of the search will be Common Core related.
Clearly this narrows the education enterprise and raises issues of anti-trust and control of the Internet. And what will be the impact on the privacy of students‘ records? inBloom has stated that it “cannot guarantee the security of the information stored … or that the information will not be intercepted when it is being transmitted.” The question is: Should we compromise and endanger student privacy to support a centralized and profit-driven education reform initiative?
Given this new landscape of an information and data free-for-all, and the proliferation of data-driven education reform initiatives like Common Core and huge databases of student information, we’ve arrived at a time when once a child enters a public school, their parents will never again know who knows what about their children and about their families. It is now up to individual states to find ways to grant students additional privacy protections.
Privacy expert Daniel Solove said: “Privacy is rarely lost in one fell swoop. It is usually eroded over time, little bits dissolving almost imperceptibly until we finally begin to notice how much is gone.”
Diane Ravitch's blog 
Sheila, thank you for all of your hard work and dedication. We need more people like you!
Thanks, Shelia. I shared this with my school board colleagues and wife, who teaches in another district.
This is yet another example of the tentacles of corporate greed and the creeping amoeba of their “neo-classical” capitalist utopia that is smothering our democracy. I completely agree that the affect of this will be the coup de grace of the public liberal education, and the completion of the program begun by the business interests at the end of the 19th century to mold American public education into a job-training and indoctrination program to produce a passive worker class.
But of course our legislators will do everything to protect the privacy of concealed gun owners, corporate lobbyists, and “dark money” political campaign donors. No need to worry about those folks!
Reblogged this on Crazy Crawfish's Blog and commented:
I was working on a post for this, but this summary by Sheila Kaplan is an excellent synopsis of the dangers soon to be facing our children and the treachery of the Federal department of Education. If you have children, or were once a child, you should definitely read this.
Thanks for posting this, Diane.
Thank you to those who took/take the time read & share.
Let’s hope EPIC is successful in their lawsuit against the US Department of Education.
There are links on my website to the lawsuit (type EPIC in search engine) or visit EPIC’s website where you can see every document submitted by EPIC & US ED’s responses to claims.
A win by EPIC is a win for children & families.
Valerie Strauss writes about EPIC v US ED in today’s column:
Lawsuit charges Ed Department with violating student privacy rights
http://www.washingtonpost.com/blogs/answer-sheet/wp/2013/03/13/lawsuit-charges-ed-department-with-violating-student-privacy-rights
Reblogged this on Transparent Christina.
“Technology startups aimed at K-12 schools attracted more than $425 million in venture capital last year.” What is your source for this figure? I’d like to use it but I know I will get asked this question.
K-12 student database jazzes tech startups, spooks parents
http://www.reuters.com/article/2013/03/03/us-education-database-idUSBRE92204W20130303
I have been protecting student information as a special educator for many years. I cannot comprehend that this is happening and done so secretly, carelessly and without ethical conflict, only with total disrespect of our children and their families. I am speechless and outraged! It may be too late to un-ring that bell. Hackers did not even have to lift a finger. Only greed allowed this to happen. Another sad day in education. There are so many sad days now. The people behind this trampeling of student confidential information do not worry because their children are protected in private schools.
Education’s Wikileak without the outrage.
Sad day!
Thank you Sheila and Diane….forwarding to many.
It’s about children, Linda. We’re on the right side. Thanks for forwarding.
Shelia,
Thank you.
Re : the comment above, for one party it is about students, for the other though, it is all about the money.
Have we no shame?
From our friends at NYSED:
Education Data Portal Privacy Parent FAQ
http://usny.nysed.gov/rttt/data/edp-privacy-parent-faq.html
& inBloom’s privacy commitment
https://www.inbloom.org/privacy-commitment
Wow, nice find. I’ll look for you on twitter & retweet. Can’t wait to read…
NYSED eloquently tells parents they are giving vendors their children’s confidential school records. 24% of the population is under 18 yrs. 24% of the population’s PII/PHI are at risk because of FERPA.
Sadly most parents dont even know there is a big scary problem. We have also lost our medical info privacy, what next? This story is kind of stuck in academia and needs to reach the masses of parents who love their children and their families and America.
How does that happen in time to shut it down? This is Soviet style and we know how that ended but common core presents communism as a viable option. I have the worksheets to prove it.
What is the “do now” in all this as a parent? Do we “opt-out” of directory information?
My district is also giving students learning style surveys as well as personality surveys – we plan to opt out of those. Personalized learning aside, it is a scary thought that a school could actually collect years of academic data, then add data points about personality and preferences, pass that on to a state/federal agency who might then contract the services of an outside vendor to create predictive models of something maybe not so good for our children.
Yesterday’s Financial Times wrote about predictive models being written by a Microsoft-backed company using Facebook data!
What are the options for parents?
I plan to write a letter for my local paper about this, but what steps can parents take?
Definitely OPT-OUT of directory information, although for this year the data is is out there. Also,
DISSENT posted this on Data Privacy Day. It’s great advise:
10 Questions to Ask Your Child’s School District on Data Privacy
http://www.pogowasright.org/?p=32852
Here’s some OPT-OUT Information that may be helpful:
Click to access 022813-1.pdf
It’s so disturbing how many ways the DoE serves corporate profiteers at the sake of our nation’s children. This is just one example. Circumventing the 10th amendment with the Common Core requirements in RTTT is another. I sure hope the lawsuit regarding their changes to the FERPA regulations is successful. Anyone know if a lawsuit regarding the Common Core’s violations of the 10th amendment has been filed, too?
I have shared Sheila’s information with Florida advocates, who are shocked by Florida’s bill on the database and sharing if student information. This bill is speeding through Florida’s Senate. Sheila is a national expert!
Thank you Sandra. I try my best. I don’t know if that qualifies me as expert. Mostly I have an idea of where to find answers to privacy questions.
I do appreciate your words of support. : )
Sheila – Is this a concern for all of the schools who have embraced “the cloud” as their way to store and exchange student and teacher work? It seems to me that putting that data out for others to search at will is the wrong choice.
Also, semi-related, what does the use of cloud-storage do the the ownership of the work? Does student created work that is stored in the cloud suddenly become “owned” by the storage resource of choice?
Thanks!
Good questions, Matt. Do you want to email me directly since this is an older post? Or if you want to stay just ‘matt’ I will try to answer here.
Sheila- Happy to take the conversation offline for more detail. you can email me at mattdix@tierneybrothers.com
THanks!
CORRECTION:
[For example, the amendments give companies like Google and Parchment access to education records and other private student information. Students are paying the cost to use Google’s “free” servers by providing access to their sensitive data and communications.]
Should read:
[For example, the amendments give companies like Google and Parchment access to education records and other private student information. As the Electronic Privacy Information Center (EPIC) points out: “Students are paying the cost to use Google’s ‘free’ servers by providing access to their sensitive data and communications]
Thanks.
Watch out, Missouri!
Click to access Fordham.pdf
The following is testimony of Michael J. Petrilli, executive vice president of the Thomas B. Fordham Institute, to the Education Committee of the Missouri State Senate
Prepared for Delivery March 6, 2013
Chairman Pearce, Vice-Chairman Rupp, members of the committee: It’s an honor to be with you today. My name is Mike Petrilli; I’m the executive vice president of the Thomas B. Fordham Institute, a right-of-center education policy think tank in Washington, DC that also does on the ground work in the great state of Ohio. We promote education reforms of all stripes, with a particular focus on school choice and standards-based reform. I was honored to serve in the George W. Bush Administration; my boss, Chester Finn, served in the Reagan Administration. Perhaps most importantly, I was raised right here in Missouri, in Chesterfield, and attended public schools in the Parkway School District.
I suspect that not all of my friends agree with me, but I am glad that you are holding this hearing and debating the issue of whether Missouri should stick with the Common Core. These standards were developed by the states, and to be successful, they need to be owned by the states. Our educators are all too familiar with the “flavor of the month”—reforms that come and go. They are wondering if they should wait this one out too. By having this open debate on the Common Core you can settle the issue once and for all, and either change course or move full speed ahead.
I am here today to urge you to stay the course with the Common Core, for four reasons:
1. First, the Common Core State Standards are significantly stronger than the Missouri standards they replaced.
2. Second, you have already invested time and money into implementing the new standards. They have momentum. Calling for a do-over would waste the millions of man hours already invested—and potentially cost the state of Missouri more money than proceeding with the Common Core.
3. Third, it’s doubtful that returning to your old standards would put Missouri on a path toward higher student achievement. Regrettably, over the past two decades, Missouri has made some of the smallest gains in the country on the National Assessment of Educational Progress. You need a different way forward.
4. Fourth, if you decide to opt out of the Common Core, you will be opting Missouri’s teachers and students out of an opportunity to participate in the incredible wave of innovation that these standards are unleashing. It’s as if the whole world is moving to smart phones and tablets while you’re sticking with a rotary.
Let me say more about each point. First, though, let me acknowledge that Common Core critics raise at least one legitimate concern. They are right that President Obama politicized the standards by using federal Race to the Top dollars to coerce their adoption by the states. It doesn’t help that the president took credit for the common standards every time he had a chance on the campaign trail, and did it again in his recent State of the Union address. These standards started out as state standards, and they need to remain state standards. Washington needs to butt out.
The Common Core Standards are Very Strong
For more than fifteen years, we at Fordham have been evaluating state academic standards. We come to the task from a relatively traditional perspective. We believe in the importance of solid academic content—of students being expected to master a body of knowledge and skills. In English, for example, we want young students to master phonics and older students to study important works of literature. In math, we think young children should know their times tables and older students should be on a path to college-level calculus.
Yet, regrettably, most states—including Missouri—failed to put such solid expectations in place. In our most recent review of state standards, in 2010, the Show Me State’s standards earned lowly Ds for both English and mathematics. About the English standards, our reviewers wrote:
The Missouri ELA standards include some important K-12 content. Unfortunately, this content is buried among vaguely worded and repetitive standards that fail to provide the kinds of content-rich expectations that teachers need to plan robust, college-prep curricula, instruction, and assessment.
More specifically:
Missouri fails to include examples of texts, discussion of text difficulty, samples of texts or authors, including any mention of foundational works of American literature or any other information that would help educators ensure that they are teaching progressively rigorous texts across grade levels.
And about Missouri’s math standards, our reviewers wrote that they “are well presented and organized, but the statements are often very broad and difficult to interpret. In K-8, arithmetic is covered reasonably well, but not sufficiently prioritized. In high school, the standards are vague and do not cover some essential content.”
The Common Core standards, on the other hand, earned honors grades from our reviewers—an A-minus for mathematics and a B-plus for English. The math standards are particularly strong in the elementary grades, with a heavy focus on basic arithmetic and fractions. And the English standards expect students to read a demanding sequence of texts, including great works of American literature and the country’s founding documents.
Missouri raised the bar dramatically when it adopted the Common Core. Why lower it again?
Maintain the Momentum
As I’m sure you’ll hear several times this afternoon, Missouri educators are already hard at work implementing the standards: Engaging in professional development, developing new curricular resources, vetting textbooks, and so forth. Changing horses in the middle the race would be incredibly disruptive.
It might also be very expensive. You’ve probably heard from the Pioneer Institute about its cost estimate of Common Core implementation. We at Fordham commissioned a similar cost estimate, and it reached many of the same conclusions. Implementation will not be free, particular if it is to be meaningful. But it need not break the bank either. And because you’ve already been moving toward the Common Core, many of the hard costs have already been sunk.
In our study, we looked at three cost levels for implementation:
• Business as Usual. This “traditional” approach to implementation means buying hard-copy textbooks, administering paper student assessments annually, and delivering in-person professional development to all teachers.
• Bare Bones. This is the lowest-cost alternative, employing open-source materials, annual computer-administered assessments, and online professional development via webinars and modules.
• Balanced Implementation. This is a mix of approaches, some of which may be more effective than others while also reducing costs. It uses a blend of instructional materials (e.g., teacher self-published texts and/or district-produced materials), both interim and summative assessments, and a hybrid system of professional development (e.g., train-the-trainers).
As expected, cost projections vary widely, depending on the approach chosen. We estimate that for Missouri, Business as Usual costs roughly $280 million, Bare Bones roughly $70 million, and Balanced Implementation roughly $120 million.
But note that Missouri is already spending significant sums every year on instructional materials, assessment, and professional development. Can much of that be repurposed as you move to the Common Core? We think so.
We estimate that Missouri already spends about $89 million annually on these activities. So if you subtract that amount from our estimates for Common Core implementation, you get much more modest estimates of the true additional costs of the Common Core. For Business as Usual (the most expensive approach) it’s about $190 million, for Balanced Implementation it’s $26 million, and for Bare Bones you could actually save $21 million by moving to the Common Core.
Spur Student Achievement
Another reason to stay the course with the Common Core—perhaps the most important reason—is to raise student achievement. I can’t guarantee that—it depends on aggressive implementation at the local level. But I can tell you that what you were doing before Common Core wasn’t working.
According to an analysis by Eric Hanushek, Ludger Woessmann and Paul Peterson, Missouri was toward the back of the pack when it came to test score gains on the National Assessment of Educational Progress in reading, math, and science from the early 1990s until today.
Moving to the Common Core gives you the opportunity to combine strong standards with much higher expectations for passing state tests. This pressure—the kind that we’ve seen in states like Massachusetts that have made big gains on the NAEP—can go a long way.
Join the Online Revolution
Finally, staying the course with the Common Core gives you the opportunity to take advantage of the huge amount of investment that other states, private foundations, and private companies are putting into Common Core-aligned textbooks, e-books, professional development, online learning, and on and on. As Tom Vander Ark, a onetime Common Core skeptic, argued recently, the standards have unleashed “an avalanche of innovation.” Simply put, online learning is coming; it’s going to open up a world of choices for students and families; and it’s going to be aligned to the Common Core, not to separate state standards. Do you want Missouri’s students and educators to be a part of that, or not?
***
As with all public policy decisions, there are trade-offs and risks associated with adoption of the Common Core. To be sure, you had excellent standards in place before the Common Core came along.
And by all means, the federal government has been heavy handed with this reform, and deserves to be chastened. But don’t let your frustration with President Obama lead you to lash out at the kids of Missouri. All things considered, the Common Core is the smartest path forward. That should be the only consideration. Thank you.
Protecting Student Data at the State Level: A Proposal for CPOs in DoEs
Click to access DoE_CPO_trackerPost_final-1.pdf
This article was originally published in the IAPP’s Privacy Tracker blog.
Diane: Thank you and your followers for getting the word out on this issue. There is now a petition with the White House on WhiteHouse.gov to ask the President and Department of Education to reverse course on these dangerous moves to reduce child privacy protections and share data with lots of groups, including private corporations. Thank you!
https://petitions.whitehouse.gov/petition/protect-child-privacy-rights-and-data-restoring-strengthening-family-educational-rights-and-privacy/CrRb2KtS