Leonie Haimson and Rachael Stickland of the Parent Coalition for Student Privacy created a toolkit for parents to defend against the invasion of children’s privacy by commercial and governmental interests. The toolkit was devised in collaboration with the Campaign for a Commercial-Free Childhood.
Haimson and Stickland explain why they developed the free toolkit and why parents should use it.
They write:
“Despite a clear desire among many parents to protect their children’s sensitive data, few resources exist to help them navigate the confusing patchwork of laws and regulations that govern student privacy. Most guidance is aimed at schools and districts, not parents, and what has been produced is often filled with legal and technical jargon. To compound the problem, most widely available student privacy resources are often written by organizations funded or supported by the growing ed-tech industry and who advocate for increased data sharing rather than reducing it.
“In fact, millions of student data points are currently soaked up every day by schools or their vendors and shared with third parties, including for-profit companies, government agencies, and researchers, without parental knowledge, and with few or uncertain security protections. The personal data collected from children may include students’ names, email addresses, grades, test scores, disability status and health records, suspension and discipline data, country of birth, family background, and more. Other digital data collected may include internet search history, videos watched, survey questions, lunch items purchased, heart rate and other biometric information measured during gym class, and even classroom behavior, such as being off-task or speaking out of turn.
“This information, whether collected by schools directly or by contractors supplying online learning platforms, classroom applications and websites, are often merged together and analyzed via algorithms to profile a student’s skills, strengths, abilities and interests, and to predict future outcomes. How this sensitive data may be used, with whom it can be shared, and how it can be protected are questions on many parents’ minds. Finding answers can be hard; schools often find themselves caught in the middle.”
They developed the parent toolkit to help parents protect their children.
“Our toolkit, available on the PCSP [Parent Coalition for Student Privacy] website, offers clear guidance about what student privacy rights exist under federal laws and what steps parents can take to ensure these laws are enforced, suggests questions they can ask to learn more about their schools’ data policies, and recommends best practices that parents can urge their school and district officials adopt, all with the goal of protecting and securing this data. We also suggest tips that parents can use at home and sample opt out forms to minimize the risk that their children’s privacy will be breached or abused.”
Diane Ravitch's blog 
I’m glad they’re doing this. If you read ed reformers it is amazing how hard they are pushing “personalized learning”:
Standing room only for a panel on personalized learning at #nsvfsummit”
It’s literally a craze. Public schools should take a deep breath and ask themselves if these folks have offered solid advice in the past.
Look at what happened in LA. They spent a bundle on tech at the urging of ed reformers and then they blamed their political opponent for voting for it.
Fair warning. If schools climb on this bandwagon they will regret it. The only people who are “demanding” more ed tech are the people who are selling ed tech.
When Duncan pushes it he talks about an “8 billion dollar industry”. Just be clear- they are pushing product. They are in business to make money. Don’t kid yourself with all the touchy-feely marketing the tech industry does- this is a business. In that sense it’s no different than a defense contractor. Choose wisely and beware of miracle claims.
Am wondering if people are aware that the military recruiters (Pentagon) utilize various vehicles to gather private and personal information on our young people. These include having high school students take the Armed Services Vocational Aptitude test, the part of the “No Child Left Behind” section 9528 where if a student or parent does not “opt-out” then the recruiters may legally obtain data on eligible students. The Pentagon also has a program called JAMRS – the Joint Advertising Market Research Survey that allows the military to collect personal info on students as well. Apparently, the military is exempt from FERPA. Anyone else care to comment on this kind of insidious assault on our children and their parents/guardians private information?
The beat goes on!
And no, I’m not talking about the song but the beating/the militarization of our supposed democratic republic.
There is no insurance that any of the data are safe, either from insiders (possibly looking to cash in) or from outside hackers.
Just this past week, we saw how hackers are now ransoming data.
There is huge potential for this happening with data obtained by schools (to say nothing of by third party “personalized Learning”)
The idea that we can rely on software and people to keep the data secure is simply not reasonable. We have all seen just how insecure software can be (eg, from Microsoft, which has more holes than the average colander) and people are corruptible.
So we really need to be talking about limiting the data about our children that are allowed to be collected and saved.
It used to be a joke that “that will go in your permanent record”, but it is no longer a joke. This stuff will follow today’s children for the rest of their lives. And if it is not secure, it may follow them out in the open.
I wonder if my tech crazed, reformy LAUSD principal would mind my sharing the toolkit with the parents of my students.
I just posted it on my school’s web site.
SomeDAM Poet is correct about data privacy, but the Parent ToolKit is still a worthwhile effort. Here are some examples of the problems.
On April 17, 2017, EdSurge reported “Schoolzilla ‘File Configuration Error’ Exposes Data for More Than 1.3M Students, Staff.”
Schoolzilla is a data management platform that offers varied services for schools. Kapor Capital, an early investor, says that “Schoolzilla delivers timely, actionable insights to teachers, principals, and district leaders through a SaaS data and business intelligence platform. By merging data from dozens of disparate sources such as attendance, test scores, online learning tools, human resources and financial accounting, Schoolzilla empowers educators to make smarter, faster decisions to increase student achievement.”
One of the most interesting features is the promise of “INTEGRATIONS,” making “it easy to get data into your Schoolzilla environment with over 75 connectors and new ones added each week.” Those 75 connectors are to other vendors of data management tools, tests, and instructional packages for online learning. As soon as these are accessed through a Schoolzilla account, new security notifications may be in play, but that might not be obvious to a casual user.
In any case, the CEO of Schoolzilla, Lynzi Ziegenhagen, said the April security breech was discovered by a “white hat security “ specialist who had access to the “cloud” warehouse for Schoolzilla. https://www.edsurge.com/news/2017-04-20-schoolzilla-file-configuration-error-exposes-data-for-more-than-1-3m-students-staff
Read the report from the “white hat” security monitor. The most disturbing part of this report is that Schoolzilla’s contract with the Palo Alto School District allowed for the entry of social security numbers and test scores for individual students. This is the account from the “white hat” security monitor. https://mackeepersecurity.com/post/schoolhouse-data-breach There are additional accounts of security breeches at this website.
Then there is the Edmodo hack reported May 11, 2017. According to motherboard vice.com, data from millions of Edmodo accounts is now for sale on the so-called dark web, also known as the dark market.
According to the Edmodo website, it has 78 million members and is “the world’s largest K-12 social learning community where teachers, students, and parents can connect safely and securely.” The site permits teachers, students and parents to work on homework, plan lessons, find resources and work on other “social learning” together.
Motherboard vice.com discovered this: “A vendor going under the name of nclay is currently listing the Edmodo data on the dark web marketplace Hansa for just over $1,000. In all, nclay claims to have 77 million accounts, and according to LeakBase, around 40 million include an email address.”
I could not follow-up on this report because LeakBase charges fees for disclosing the “leaks” they have found. https://motherboard.vice.com/en_us/article/hacker-steals-millions-of-user-account-details-from-education-platform-edmodo
Digital Citizen Alliance.org is a public interest group tracking breeches of security and sales on data on the dark market. A recent report tracked the theft of university email addresses that end with .edu. http://www.digitalcitizensalliance.org/clientuploads/directory/Reports/DigitalCitizens_CollegeInfoTheft.pdf
This is to say that data theft is a business. And data security beyond the fine print in school contracts may or may not be worth anything but there is a market for it.
I think there is far more pontificating about student data security than anyone should take seriously, especially if the hype is coming from a school or district that has a policy wherein digital vendors are invited in as “partners” and students are available for marketing research (in the name of improving student learning). Here is a map showing where those schools and districts are. http://digitalpromise.org/initiative/league-of-innovative-schools/districts/.
Also in the works is the College Transparency Act of 2017, a bipartisan effort that would allow students and parents access to a “best-value customer service” website. It will show the user which postsecondary schools and programs, including majors, are likely to have the best price and return on investment at several time intervals after completing the program. The new website will have information about a half-dozen federal loan programs and debt repayment plans. The proposed legislation is supposed to streamline the application process for student loan benefit programs available to a borrower and…. Integrate data available from different Federal data systems.
The bill fails to mention what these “different data systems are, but they can be discerned if you look at the current Application for Federal Student Aid form,(FAFSA®) . This form asks students/parents to have the following information ready to put into the online application. 1. Your Social Security number, 2. Your parents’ Social Security numbers if you are a dependent student, 3.Your Alien Registration number if you are not a U.S. citizen, 4. Your driver’s license number if you have one, 5. Federal tax information* or tax returns including IRS W-2 information, for you (and your spouse, if you are married), and for your parents if you are a dependent student (IRS 1040, 1040A, 1040EZ), 6. Foreign tax return and/or Tax return for Puerto Rico, Guam, American Samoa, the U.S. Virgin Islands, the Marshall Islands, the Federated States of Micronesia, or Palau, 7. Records of your untaxed income, such as child support received, interest income, and veterans noneducation benefits, for you, 8. As in 7, for your parents, if you are a dependent student, 9. Information on cash; savings and checking account balances; investments, including stocks and bonds and real estate but not including the home in which you live; and business and farm assets for you, and 10. As in 9 for your parents, if you are a dependent student. https://studentaid.ed.gov/sa/fafsa/filling-out
Unlike several attempts at this kind of “college scorecard,” the proposed legislation would include students who do not have federal loans, estimated to be about 40% of postsecondary students and include private postsecondary programs.
I am certain that Bill Gates is jumping for joy because the proposed legislation allows for the creation of a “student unit record system” with personal identifiers (e.g., student social security numbers) linked to postsecondary education data now collected by the National Center for Education Statistics and by the Integrated Postsecondary Education Data System (IPEDS). Gates has pour big money to getting student data from multiple sources into one national system to determine the (economic) worth of a degree.
At least part of the impetus for the bill has been the rising debt load of students who pursue higher education. But this bill it is also shaped by a belief that the monetary worth of an educational program is the only good reason to invest in it. The College Transparency Act of 2017, is offered by Senators Orrin Hatch (R-UT), Elizabeth Warren (D-MA), Bill Cassidy (R- LA), and Sheldon Whitehouse (D-RI). The House version is from Paul Mitchell (R-MI) and Jared Polis (D-CO).
A predictable consequence of the bill, and perhaps intended, is to discourage students from choosing majors that do not have a high monetary return on investment. Multiple websites will tell you that you can expect low monetary returns on postsecondary studies in the arts, humanities, and occupations devoted to the public welfare and social services….Including most work in education.
Gates is behind a multi-state longitudinal study of students’ personal information such as behavior incidents, health details, country of birth, etc. It’s supposed to comprise all student data through college. The template is finished, but I’m not sure how close it is to launch. You can look it up on this site:
http://www.ode.state.or.us/search/page/?=1755
If this bothers you, then contact your legislators, school boards and PTO’s. One of our legislators is concerned colleges or employers could regard these records as reason to brush off applicants, leading to a downward spiral of unemployment and crime. Or ICE could use it to deport students and families.
With this new administration it’s an especially bad time to collect such sensitive information.