One of the goals of Race to the Top was to create a national student data base, one collected from every state. Creating such a data base was one of the conditions of eligibility for Race to the Top. One of the companies formed to mine the data was created by the Gates Foundation and the Carnegie Corporation and called inBloom. InBloom intended to use software created by Wireless Generation (part of Joel Klein’s Amplify, owned by Rupert Murdoch) to aggregate this personally identifiable information and put it into the “cloud,” that place in cyberspace where all data lives forever. There would have been 400 data points for each student. Parents organized in states and districts to prevent this breach of their children’s privacy, and state after state, district after district, dropped out because the plan was indefensible (New York state, led by John King, was the last to drop out, and then only because the Legislature commanded him to do so).
Now a letter has become public, from John Kline to Arne Duncan, warning Duncan about the dangers of creating a national data base of student information.
There is a federal law called FERPA that is supposed to protect the privacy of individual students, but Duncan changed the regulations to make data mining possible.
Diane Ravitch's blog 
Diane, I am very concerned about student privacy. Folks can read here about issues and battles I’ve had with my own district about student privacy. In my case against VDOE, one of the main issues was how to protect student identities even if the student id is anonymous (prevent other forms of aggregation/identification).
Can you give us specifics into the law and how FERPA might have been undermined? It’s an important issue. Are you saying individual student information (names, etc.) was to be stored in the database? Or just information about anonymous students? Just curious as to the context. Thanks.
LikeLike
There are lots of questions about this endeavor. I worked with VDOE to generate data sets of SGP scores. Even though each student ID was anonymous, we both agreed that certain data must be suppressed. If you had a very small sample set (< 10 students), it became increasingly possible to identify which student received which score (if you could identify 6 scores that belonged to 6 students even though you could not determine which belonged to which, it was below the minimum "N" size and was suppressed).
I actually do similar work for the DoD as we don't want to maintain PII but need to determine individual service men and women. One way hashes can prevent reverse engineering but they require the algorithm/key to be shared among all the agencies. For example, the dept of welfare services would have to use the same hash on an SSN as the dept of education in order to match up the anonymous IDs.
In theory, as long as you use the same hash algorithm in every state, you could match the resulting anonymous IDs against each other without ever releasing PII. The problem comes back to the suppression data. How many students attended school in 3rd grade in Nevada and then moved to Texas in the 4th grade and then to Lousianan in the 6th grade. Or the more states that have the same algorithm without controls in place to secure it, the greater the chance that the algorithm is compromised. In these systems, as long as you have the algorithm/key, you can take PII and turn it into the anonymous ID needed to identify the student.
It gets a little more complicated. Data sets are given to researchers in Virginia after they sign confidentiality agreements. But each researcher is given a different set of anonymous IDs as a unique key is used in the hash algorithm for their data set. But when you are linking across states and constantly need to match anonymous IDs, I can't imagine the controls are as rigorous.
I encouraged VDOE to put our their rules to the public similar to encryption rules. Let everyone see the rules, if not the algorithm/keys, to ensure that it was safe. They declined. More to this story after they released their second data set but I'll save that story for another time.
Bottom line: don’t let fools go build a system that could compromise privacy without some fairly smart people taking a look first to make sure it’s not an illicit data miner’s dream.
LikeLike
Is there a link to the letter?
LikeLike
Can you provide a link?
LikeLike
I added the link! Sorry, my error, and not the first time.
LikeLike
Yes, which letter, when , what does it say,why is it just becoming public now?
LikeLike
Ah, the “stern letter” method of regulation. That always gets “results”.
Congress has huge power under our Constitution. They can do a heck of a lot more on oversight than have aides draft stern letters after the fact. Any of us can write a letter. Thank goodness there wasn’t a huge breach while Duncan was completely ignoring this letter for 7 years.
There’s a 3 letter definition for stern congressional warnings- CYA.
LikeLike
The players behind the idea of inBloom tell the whole story.
LikeLike
How can Duncan “just change regulations within federal law”??? Possible that this was illegally done I wonder?
LikeLike
Ed Markey also wrote to Arne Duncan; you can find the letter here….http://www.markey.senate.gov/documents/2013-10-22_FERPA.pdf
Arne Duncan took 3 months to respond to Markey’s letter (bureaucratic stalling).
In essence duncan said “you have all the flexibility ” in the world that you are entitled to and (b) Duncan put the onus on the local school boards to ensure due diligence that these “vendors” collecting the data operated with integrity and obeyed FERPA etc… but that is impossible. The contract for PARCC was authorized from Washington with state governments… then you are going to ask a local school board to be accountable that they are not invading privacy of families (which they are already doing because the state assigns a number to each child at birth and the firms are gathering that data across the human services — not just public schools.) How is a school committee in a local district going to ensure accountability when they have no control over the award of the contract or the SPECS for the computer system etc and then the governor and the commissioner says “you will do this or lose funds and we will shut you down”…. A gun to the head or a dead horse’s head in your bed.
LikeLike
I see this letter as chilling evidence that the Clinton, G.W. Bush and Obama administrations had an agenda with step by step goals to strip democracy from the United States Republic and replace that form of govenrment with an authoritarian system that would have for-profit corporations watching all of us all of the time cradle to grave. In fact, maybe this agenda reaches back to the Nixon and/or Reagan administrations and the war on drugs and then the beginning of the privatization movement that started with the prisons.
LikeLike
Indeed. Check out what the TPP is all about also.
LikeLike
Agree! And TRUE.
LikeLike
Brave New World exemplified.
Surveillance on ALL of us and now even on our children.
I thought our Constitution was supposed to protect us from this.
LikeLike
This is more of a reaction from the heart than the head…
Rheephormsters say they are for “civil dialogue”—that would involve an exchange of information and views, right? Yet when someone in a position to get the attention of a prominent rheephormster (i.e., Arne Duncan) attempts to call his attention to an incredibly important matter—the reaction is to bury the issue, full steam ahead, no self-reflection or self-correction.
Combine that with deliberately misunderstanding verifiable criticisms and damaging facts on the grounds and you have what happens over and over and over again with rheephorm initiatives and mandates—disasters that are predictable and obvious to everyone but those mandating failure.
Sometimes it seems that the only response by the rheephorm establishment to the failures they inflict on us is the mind-set revealed by the NJ Comm. of Ed: “Whatever we’re doing, we need to double down.”
Just my dos centavitos worth…
😎
LikeLike
This will be interesting to watch? Will anything be done about this?
LikeLike
By extension teachers and parents also lost their right to privacy. The Bill of Rights is under attack. They all stand or fall together. It is a critical juncture in our history.
LikeLike