Privacy & Security

InBloom Sputters Amid Concerns About Privacy of Student Data

By Ben Kamisar — January 07, 2014 8 min read
  • Save to favorites
  • Print

The education nonprofit inBloom burst onto the scene last February, touting a program to synthesize student data to help target the needs of individual children and revolutionize personalized learning. Backed by $100 million in grants from the Bill & Melinda Gates Foundation and the Carnegie Corporation of New York, the company formed partnerships with nine states that together have more than 11 million students.

But instead of leading a nationwide movement to improve the use of student data, inBloom has sputtered. Six states initially listed as partners with inBloom dissolved their relationships with the company, leaving only Illinois, Massachusetts, and New York—and those ties are now uncertain. The state school board in Illinois recently announced that districts’ use of inBloom was optional, plans to move forward in Massachusetts are unclear, and a lawsuit threatens inBloom’s plans in New York.

Concerns about the security of student data housed online and the involvement of third-party vendors in storing the data have triggered most of the defections—even as the company and some observers say any risks are overstated.

“The conversation [around inBloom] has gotten very polarized and divorced from facts,” said Douglas A. Levin, the executive director of the State Educational Technology Directors Association. “InBloom, in some respects, has become a lightning rod for these issues, but they didn’t create the issues, and these issues aren’t going to go away, even if inBloom goes away.”

To Partner or Not

InBloom provides school districts and states with a service that allows them to store data in an encrypted, cloud-based system. Educators can access that centralized system to pull together data that is usually stored in many different locations, often by third-party vendors. Though current clients are using its service for free, the company is phasing in a charge of $2 to $5 per student by 2015.

Organizers of inBloom, which is based in Atlanta, say their aim is to ease the burden on districts and teachers that devote significant resources to integrating and managing data across various educational applications. The company set out to offer a hub for states, districts, and schools to more easily manage the student data they choose to collect, and to help educators use such data to provide more personalized instruction, according to inBloom officials.

(The venture’s main philanthropic supporters, the Gates Foundation and the Carnegie Corporation, have also helped underwrite Education Week‘s coverage of the K-12 marketplace and innovation in education.)

Privacy issues are not the only reason inBloom has gotten the brush-off.

For the Chicago school system, one of inBloom’s largest potential district clients, the decision to opt out of a partnership was strictly practical: The 404,000-student district had enough resources to manage student data on its own.

“For us, this isn’t about inBloom or any third party per se,” said Becky Carroll, the chief communications officer for the Chicago schools. “We have the means and resources to implement the program on our own, and therefore felt that there was no need for third-party involvement.”

But parental concerns about the privacy of student data did prompt the 86,000-student Jefferson County, Colo., district to drop a pilot project with inBloom in November.

Superintendent Cynthia M. Stevenson said that a number of parents felt anxious about the prospect of storing data outside the district. While the critics weren’t the majority, she said, the board of education decided to end its partnership with the company.

Organized Opposition

Criticism of inBloom brings together a group of allies across the ideological spectrum. Conservatives and libertarians who worry about students’ privacy rights have joined with liberals who share such concerns but who are also deeply skeptical of a private company playing a primary role in collecting data on public school students.

Partnership Problems

Six of the nine states that inBloom originally listed as partners have completely cut ties with the student data management company.

  • Colorado: The state began a pilot program with inBloom in Jefferson County. But the district’s school board voted to cut ties with the company in early November.
  • Delaware, Georgia, and Kentucky: Despite being listed as original partners with inBloom, the three states only participated as observers and had never made any concrete plans with the company.
  • Illinois: After the state board of education decided that a partnership with inBloom would be optional, Chicago Public Schools decided to opt out. Without the largest district in the state participating, other districts must decide whether to stay with inBloom or follow suit.
  • Louisiana: State Superintendent John White removed student data from inBloom in May and said that the department would continue internal discussions about data-storing best practices.
  • Massachusetts: The state is considering whether it will move forward with inBloom now that the pilot program at the 6,700-student Everett Public Schools is complete, according to JC Considine, a spokesman for the state education department.
  • New York: The Empire State is currently the only state with full involvement with inBloom. However, two lawsuits are pending that would halt the state’s partnership, and state Assembly Speaker Sheldon Silver and the chairwoman of the chamber’s education committee, Catherine Nolan, are among almost 50 Assembly members who backed a letter asking the state education department to put the plans on hold.
  • North Carolina: While an inBloom pilot program was selected for the 74,000-student Guilford County schools, district officials have since dropped out.

Source: Education Week

In New York state, the fight against inBloom has an organized face: Class Size Matters. The education advocacy organization has become the rallying point for everything anti-inBloom. The group helped brief lawyers who filed legal action against the state education department, hoping to dissolve the state’s agreement with inBloom, and its website is filled with criticism of the online data program.

“InBloom is only the tip of the iceberg,” Leonie Haimson, the executive director of Class Size Matters, said. “It may be the most egregious example, but it is not the only example of companies that have their eyes on personal student data and are going to be data-mining.”

Storing private student data on the Internet, or in the hands of third-party companies that participate in the data-sharing process without specific parental consent to allow access to personal data, is a serious concern for Ms. Haimson. She contends that districts and state boards of education should not be the ones to decide whether to share sensitive personal data with anyone, especially considering Internet-privacy concerns.

Ms. Haimson also fears that by aggregating a slew of student data, inBloom could become an attractive target for hackers. If the information falls into the wrong hands, hackers could release disciplinary records, disability information, or other pieces of data that could “severely damage a child’s future forever,” she warned. And even if that information remains secure, she said, she questions assurances by inBloom that the data will not be shared with other companies, outside of those authorized by schools.

“You don’t build a $100 million company, which is what the Gates [and Carnegie foundations] put into it, not to share the data, just to collect it,” she said.

InBloom spokesman Adam Gaber countered in an email that the company believes that technology can play an important part in education, and that the privacy and security of student data is a “top priority” for the company. He added that the company’s contract, as well as existing laws in certain states or districts, hold inBloom liable for privacy breaches.

“If a security breach were to result from inBloom’s failure to comply with these requirements, inBloom would be liable to the state or school district in accordance with the terms of its contract,” he said in the email.

District Decisions

Sharren Bates, the chief product officer for inBloom, said in an interview that the company provides a safe way for schools to take ownership of the student data they choose to collect and to maximize the effectiveness of that data. By standardizing their data collection, she said, schools can cut down on individual program-integration costs and free up time for educators to use those tools to teach instead of worrying about uploading data.

She said safeguards ensure that the company does not have independent access to student data or the ability to grant others permission to see or use that information. InBloom gives the customer—a state, a district, or a school—the ability to access the encrypted data and allows only the customer to approve additional users.

“The school districts make all of the decisions about what users go in, what users have access, and what applications have access; inBloom makes none of those decisions and has none of that access,” Ms. Bates said. “We don’t use the data, we don’t do analysis on the data; [we] can’t even access the data unless we are directed to look at specific data by a customer while providing technical support.”

But Ms. Haimson said that, in practice, the policy doesn’t amount to the freedom districts expect. InBloom turned down a request from the Pearl River, N.Y., superintendent to delete data for that district’s 2,700 students. Because the company entered into an agreement with New York state, inBloom contends that such decisions are reserved for the state to make.

Many critiques of the company amount to a fundamental disagreement over the importance of data-driven education. While to some educators and advocates, inBloom’s approach could help fulfill the promise of personalized learning, to Ms. Haimson and others, there could be significant consequences in providing teachers with a data overload.

“It’s a self-fulfilling prophecy,” Ms. Haimson said. “The teachers that know which kids have had discipline problems or academic problems treat those kids a different way, and it really can affect your child’s future in a lot of negative ways.”

For Ms. Stevenson, the criticism brings up good points about the security and privacy of student data. But since the issue has become wrapped up in a national movement against inBloom, the Jefferson County superintendent said, some worries have evolved into a “mythology” that distorted her district’s true plans.

“Of course, we wouldn’t sell children’s data,” she said. “A, it’s illegal, and B, unethical.”

“Everything got connected that wasn’t connected,” she said of the opposition in her community. “And here we have these pure motives, that we want to give teachers good information and do a better job with kids, and it became something completely different than that.”

Future Adjustments

As states and districts have broken off from inBloom, questions have remained about their commitment to developing personalized learning programs, as most such plans rely on robust digital platforms. If districts are unwilling to use third-party companies like inBloom and unable to develop their own in-house alternatives, it is still to be seen how districts will manage digitized student data for dashboard-type programs, which aggregates student data for teachers to use to customize learning.

While the Jefferson County school board voted to dump inBloom, it specifically instructed the Colorado district to continue implementing its classroom data dashboards. Forced to shift gears, Ms. Stevenson estimates it will take at least six months to develop a new plan.

“The issue is, now we have to either build or do [a request for proposals] for ‘middleware'—"data-management tools similar to what inBloom provides—"because you need storage of data, and you need learning analytics that integrate the data and connect it to standards and grade-level expectations,” Ms. Stevenson said. “When you are going to do the work from scratch, it’s a whole different world.”

Looking ahead, Mr. Levin of the state technology directors’ group said: “I think, in many respects, the vision that was being sold by inBloom is one that might come true down the road if lots of other things happen. Some people were attracted by it, and some people were scared by it and confused.”

A version of this article appeared in the January 08, 2014 edition of Education Week as InBloom Sputters as Data Privacy Hits the Spotlight

Events

Jobs Virtual Career Fair for Teachers and K-12 Staff
Find teaching jobs and other jobs in K-12 education at the EdWeek Top School Jobs virtual career fair.
Ed-Tech Policy Webinar Artificial Intelligence in Practice: Building a Roadmap for AI Use in Schools
AI in education: game-changer or classroom chaos? Join our webinar & learn how to navigate this evolving tech responsibly.
Education Webinar Developing and Executing Impactful Research Campaigns to Fuel Your Ed Marketing Strategy 
Develop impactful research campaigns to fuel your marketing. Join the EdWeek Research Center for a webinar with actionable take-aways for companies who sell to K-12 districts.

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

Privacy & Security Q&A Why One Tech Leader Prioritizes Explaining Student Data Privacy to Teachers
Jun Kim, the director of technology for an Oklahoma school district, helped build a statewide database of vetted learning platforms.
3 min read
Jun Kim, Director of Technology for Moore Public Schools, poses for a portrait outside the Center for Technology on Dec. 13, 2023 in Moore, Okla.
Jun Kim, is the director of technology for the Moore school district in Moore, Okla., He has made securing student data a priority for the district and the state.
Brett Deering for Education Week
Privacy & Security A Massive Data Leak Exposed School Lockdown Plans. What Districts Need to Know
More than 4 million records held by school safety software company Raptor Technologies were left inadvertently exposed online.
5 min read
Concept image of security breach, system hacked alert with red broken padlock icon showing vulnerable access.
Nicolas Herrbach/iStock/Getty
Privacy & Security As Cyberattacks Mount, Lawmakers Double Their Efforts to Protect Schools
But the legislative push is not matched by funds to build better cyber defenses.
2 min read
Conceptual illustration of computer with a pixelated lock on screen.
Nanzeeba Ibnat/iStock/Getty Images Plus
Privacy & Security 3 Superintendents Share Cybersecurity Best Practices
Cyberattacks cause major disruptions to learning, but school districts are still struggling to put in place effective protections.
3 min read
Image of a red glowing caution sign over a dark field of data.
Getty