School Climate & Safety

Ed. Industry Groups Outline Steps to Protect Privacy of Student Data

By Michele Molnar — April 14, 2014 5 min read
  • Save to favorites
  • Print

The education industry and K-12 schools are struggling to plot their way out of what has quickly become an emotionally charged and polarized atmosphere around issues of student-data privacy.

Several groups are working to establish more clarity and guidance with new policies and practices, digital badges and privacy ratings, checklists, decisionmaking flow charts, and self-assessments—all designed to better align schools and companies on what is allowed and what is not in the use of student information.

Guidance is coming from Washington-based trade groups, such as the Software & Information Industry Association or SIIA, and organizations representing school professionals, like the Consortium for School Networking or CoSN, an association for district technology leaders; from nonprofit advocacy groups, such as the Internet Keep Safe Coalition (iKeepSafe), an alliance of organizations that makes recommendations about how young people can safely use digital devices and technology platforms; and from school districts themselves, notably the 210,000-student Houston district.

Their goal is to create frameworks to review the terms of agreement and privacy policies that govern software companies’ and app developers’ interaction with schools, to see where there might be vulnerabilities around private student data, and to provide transparency so that school leaders and parents can easily understand what kind of access companies are gaining to students’ personal information, and how that access could be used.

“Cloud computing has come up so fast in the past few years, and people have not been thinking about the data that’s out there,” said Keith A. Bockwoldt, the director of technology services for the Township High School District 214 in Arlington Heights, Ill.

For his 12,000-student district, Mr. Bockwoldt recently started a spreadsheet that lists 32 of the hosted technology applications it uses, with online subscription services to be added soon. The spreadsheet details information like the vendors’ privacy and security policies; and compliance with appropriate laws.

It’s a long and growing list of online services to assess, but Mr. Bockwoldt hopes to be able to share the information with parents on the district website this summer.

Houston’s Rating Matrix

The Houston Independent School District has launched just such a microsite with a rubric called “Software Ratings for Parents,” explaining what types of information are collected online about students in the district.

Lenny Schad, the district’s chief technology officer, said he is “formalizing a working group of school systems that will be reviewers of the rubric,” with a plan for the initiative to eventually become a national repository to which other districts could contribute.

Houston’s ratings system includes whether and how personally identifiable information is shared; whether email is required, or if cookies—encoded messages that web servers pass to a web browser when someone visits Internet sites—collect personal information; whether third-party ads are part of the package; and whether anonymous posting is permitted.

Brad Jefferson

“I think we’re going to end up with a solid product vendors can embrace,” as a way of ensuring that schools’ data-privacy requirements are addressed, Mr. Schad said. “Because if they don’t [embrace those requirements], we will not do business with them.”

Companies Respond

Education Week got in touch with some of the companies listed on the rubric, including EasyBib, which was ranked “medium,” and Animoto, which was rated “low” in the levels of privacy protection they provide.

A representative of Imagine Easy Solutions LLC, the New York City-based parent company of bibliography generator EasyBib, responded with a prepared statement: “We do our best to be user driven for our customers’ needs, and plan to continue to build upon the privacy and security of our applications. What Houston ISD is doing will set the standards high for all businesses.”

Brad Jefferson, the CEO and co-founder of Animoto, a New York City-based company that turns slides and photos into video and works with schools, disputed some aspects of his company’s low rating.

“Any decent website is going to collect cookies and IP [Internet Protocol] addresses to make the user experience better. No company’s going to share that information, unless you’re really devious,” he said in an interview.

Another sore point for Mr. Jefferson was the Houston district’s statement that “all uploaded content can be used at the discretion of the company.”

Mr. Jefferson countered: “We don’t have the right to use individual content at all. We have to have your permission to render videos. It’s actually diametrically opposed to what [the district] said.”

“What this has prompted for me is that we should make it a bigger deal on our education pages exactly what we do, and what our practices are,” said Mr. Jefferson, whose company has 10 million registered users, including 2 million in K-12 education.

Educational technology companies are being called on to do exactly what Mr. Jefferson is considering: to be more transparent by clearly explaining their companies’ often-complex privacy and security practices. It’s one of the actions that the SIIA recommends as a “best practice” in the list of five it released in February.

Transparency is among the requirements for app developers to receive a “Know What’s Inside” digital badge from the Association for Competitive Technology, which represents app developers, and Moms With Apps, a community of parent app developers creating educational apps they would approve for their own children, which created the badge.

The SIIA best practices, broadly written to make recommendations for industry self-regulation, list these areas of guidance: defining the educational purpose in collecting students’ personally identifiable information, or PII, from schools; transparency in what kinds of PII is collected and why; an agreement that PII be collected and used only as authorized by schools or required by law; an understanding that reasonably designed security policies and practices be used for what is collected; and for data-breach notification policies and procedures to be in place.

“Transparency speaks to all of these areas,” said Andrew L. Bloom, the chief privacy officer for McGraw-Hill Education, in New York City, who served as one of the reviewers during development of the SIIA’s best practices.

But that kind of transparency is scarce, said Jim F. Siegl, a technology architect for the 180,000-student Fairfax County, Va., schools.

He uses a car-buying analogy to explain what schools are up against: If, by law, he said, you could only buy new cars that get 50 miles to the gallon, but if gas mileage was not included on window stickers, how could you comply with the law?

“That’s pretty much the state we’re in right now. You really have to take apart the car to figure out if you’re in compliance,” Mr. Siegl said. “Not a lot of schools have the ability or the time to do that.”

Staff Writer Benjamin Herold contributed to this article.
A version of this article appeared in the April 16, 2014 edition of Education Week as In Data Area, Groups Push More Clarity

Events

Jobs Virtual Career Fair for Teachers and K-12 Staff
Find teaching jobs and other jobs in K-12 education at the EdWeek Top School Jobs virtual career fair.
English-Language Learners Webinar English Learners and the Science of Reading: What Works in the Classroom
ELs & emergent bilinguals deserve the best reading instruction! The Reading League & NCEL join forces on best practices. Learn more in our webinar with both organizations.
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Teaching Webinar
Challenging the Stigma: Emotions and STEM
STEM isn't just equations and logic. Join this webinar and discover how emotions fuel innovation, creativity, & problem-solving in STEM!
Content provided by Project Lead The Way

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

School Climate & Safety School Dress Codes Often Target Girls. What Happens When Male Teachers Have to Enforce Them?
Male teachers say the task can put them in a risky and uncomfortable position.
11 min read
Image of articles of clothing on a coat hook outside a school entrance.
Laura Baker/Education Week via Canva
School Climate & Safety Are School Buses Safe? An Expert Explains
A perennial concern is getting new attention.
4 min read
Photo of rescue workers and turned over school bus.
Brandy Taylor / iStock / Getty Images Plus
School Climate & Safety Jury Finds Michigan School Shooter’s Mother Guilty of Manslaughter
Jennifer Crumbley was accused of failing to secure a gun and ammunition at home and failing to get help for her son's mental health.
2 min read
Jennifer Crumbley arrives in court on Feb. 5, 2024 in Pontiac, Mich.
Jennifer Crumbley arrives in court on Feb. 5, 2024 in Pontiac, Mich.
Carlos Osorio/AP
School Climate & Safety A School Removed Bathroom Mirrors to Keep Students From Making TikToks. Will It Work?
The desperate strategy for keeping students in class illuminates the challenge schools face in competing with social media.
5 min read
Empty blue school bathroom showing the bathroom sinks without mirrors.
iStock/Getty