From guest blogger Dakarai I. Aarons:
A new study released today raises concerns that states are collecting more information than needed in a quest to build education-data warehouses and are not doing enough to protect students’ personal information, including Social Security and health data.
The study’s author told The Washington Post that he’s concerned about the future implications for students.
Ten, 15 years later, these kids are adults, and information from their elementary, middle, and high school years will easily be exposed by hackers and others who put it to misuse," said Fordham University law professor Joel R. Reidenberg, who oversaw the study. States, he said, "are trampling the privacy interests of those students."
Some states, the Fordham University Center on Law and Information Policy‘s study found, are regularly passing information from local to state agencies without following federal privacy laws. Others are outsourcing the data-warehouse development without any explicit privacy restrictions put on the vendors.
Most states began building data warehouses as a way to keep track of the disaggregated student-achievement data they are required to report annually under the federal No Child Left Behind Act, which was enacted in 2002. In the intervening years, states have begun to look at more uses for the data, including measuring college-readiness outcomes. The economic-stimulus law provides $250 million in competitive grant funding to help states build better data systems.
State education departments in states such as Tennessee plan to collaborate with other state agencies to develop better understandings of populations of young people who end up in the juvenile justice system or need some sort of social-service assistance.
Florida, as I wrote in our Diplomas Count 2009 report, is seen as a leader among states in data use. Like other states, it has moved from using Social Security numbers as a primary identifier.
According to Jeff Sellers, Florida’s deputy education commissioner for accountability, research, and measurement, 17 “identifiers” are used to confirm a student’s identity before he or she is assigned a random, alphanumeric identification for use in the data warehouse. This allows state officials to use the data to run analyses of student performance without running afoul of student-privacy laws.
“It gives us a lot more flexibility as we do our analysis,” Sellers told me this spring. “We can look at programs and policies and impacts on education while we have another layer of protection as far as confidentiality goes.”
The study recommends that states hire a chief privacy officer to manage privacy issues and collect data only that is being used for a clearly articulated purpose.
A version of this news article first appeared in the Inside School Research blog.