Federal

Ed. Dept. Makes Protecting Student Data a High Priority

By Benjamin Herold — March 04, 2014 6 min read
  • Save to favorites
  • Print

Seeking to help schools protect students’ privacy without inhibiting the use of digital technologies in the classroom, the U.S. Department of Education released new guidance last week on the proper use, storage, and security of the massive amounts of data being generated by new, online educational resources.

“This can’t be a choice between privacy and progress,” Secretary of Education Arne Duncan told a gathering of privacy advocates and ed-tech leaders who gathered for a “summit” on the hot-button issue.

The guidance comes amid a flurry of activity around student-data privacy. Also in recent weeks, a leading technology trade group issued its own recommendations for protecting such data; major state legislation was proposed in California; U.S. Sen. Edward J. Markey, D-Mass., announced that he will soon introduce a federal bill; and the San Francisco-based nonprofit Common Sense Media hosted the high-profile “School Privacy Zone” summit here.

James P. Steyer, the CEO of Common Sense Media, said the confluence of efforts is a good sign.

A Flurry of Recommendations

February was a busy month for a wide cross-section of groups interested in student-data privacy:

Federal Government
The U.S. Department of Education released new guidance to help schools and districts interpret major student-privacy laws and implement best practices. Sen. Edward J. Markey, D-Mass., announced that he will soon introduce new legislation on the issue.

State Government
California state Sen. Darrell Steinberg, a Democrat, sponsored a new bill that, among other goals, would prohibit providers of online educational services from using or disclosing student data for commercial purposes, such as marketing. Bills in Kansas and a number of other states are also under consideration.

Ed-Tech Industry
The Software & Information Industry Association released “best practices for the safeguarding of student-information privacy and security for providers of school services.” The recommendations focus on limiting the use of personally identifiable student information to “educational and related purposes” and improving policies related to transparency, contracting, security, and data-breach notification.

Privacy Advocates
The nonprofit Common Sense Media hosted a “School Privacy Zone” summit in Washington attended by dozens of advocates, ed-tech leaders, and government officials, including U.S. Secretary of Education Arne Duncan. The group recently conducted polling research on U.S. voters’ attitudes about student-data privacy and is promoting a set of “fundamental principles” related to the issue.

“I’ve never felt that industry self-regulations were sufficient to protect the interests of kids and families,” said Mr. Steyer, whose organization is known for evaluating media and educational technology intended for use by children. “We want the best [private] actors to step forward, but we also need legislation and regulation and advocacy. It’s the combination that works.”

For its part, the federal government will seek “vigorous self-policing by commercial players” handling sensitive data about children, Secretary Duncan said, but it is “not going to wait for industry or rely on promises” to protect that information. The federal guidance is nonbinding and contains no new regulations; instead, it offers interpretations of existing laws and encourages “best practices” by schools and districts.

The 14-page document highlights the challenges of securing students’ data in the rapidly evolving digital education landscape. The Education Department’s short answer—"it depends"—to two frequently asked questions by school officials about how federal statutes apply to the sharing of sensitive student information with third-party vendors left some privacy advocates unsatisfied.

“The guidance really underscores the fact that student-privacy rights are under attack,” said Khaliah Barnes, a lawyer for the nonprofit Electronic Privacy Information Center, based in Washington.

Representatives from the software industry, meanwhile, commended the department’s guidance.

Crafting Protective Measures

In his keynote address at the summit, Mr. Duncan touted the “extraordinary learning opportunities” associated with new digital learning tools and the vast amounts of information they generate. He cited examples of schools’ use of technology and data to personalize student learning, free up teachers’ time for high-value instructional activities, and engage parents.

But the secretary also stressed that “school systems owe families the highest standard of security and privacy,” and he sharply criticized some common industry practices, including “take-it-or-leave-it” contracts with districts that allow companies to unilaterally and without notice change their privacy-protection practices.

“It is in your best interest to police yourselves before others do,” Mr. Duncan said in a direct message to ed-tech vendors.

Many policymakers, advocates, and even industry officials say a baseline standard should be that third-party vendors use student information only for educational purposes.

The new federal guidance, however, makes clear that defining “educational purposes” in the digital age is a complicated endeavor, and that student-privacy statutes now on the books are straining to meet the challenges presented by “big data” and ubiquitous digital learning tools.

Take, for example, the “metadata” collected on students via digital devices and online learning programs, which can include keystroke information, the time and place at which a device is being used, and more.

Under some circumstances, such metadata are not protected under the Family Educational Rights and Privacy Act, or FERPA, a 40-year-old law intended to protect children’s educational records from disclosure. According to the new guidelines, it may thus sometimes be permissible for vendors to use such information for data-mining and other noneducational purposes.

The circumstances under which students’ personally identifiable information may be used by third-party vendors can also be murky. As a result, the Education Department suggests that “schools and districts will typically need to evaluate the use of online educational services on a case-by-case basis to determine if FERPA-protected information is implicated.”

Some privacy advocates, though, criticize the department as having weakened FERPA by regulatory changes made in recent years.

“In the process of encouraging a market in data-mining software and the outsourcing of education into private hands, [the department] seems willing to sacrifice our children’s privacy,” said Leonie Haimson, the executive director of the New York City-based nonprofit Class Size Matters and a frequent critic of industry involvement in student data-sharing initiatives.

Outlining Best Practices

Dozens of bills addressing data privacy have been proposed in a number of states in recent months, and at the federal level, Sen. Markey said last week that he would seek “new, updated rules” to protect sensitive student information that is transferred to private companies.

The focus of the planned federal legislation, Mr. Markey said in a statement, would be prohibiting the use of such data for targeted marketing to children, ensuring parents’ rights to access information about their children that is held by private companies, and creating other new safeguards.

Hoping to get out ahead of the rising regulatory tide, the Software & Information Industry Association, a trade group based in Washington, released its own recommendations.

“We’re concerned about [the possibility] of legislation that might capture very appropriate uses of student information,” said Mark Schneiderman, the group’s senior director of education policy. “Our intention is to create a ‘trust framework,’ and at the same time make sure we’re not cutting off our nose to spite our face.”

While the SIIA focused on best practices for industry, the Education Department focused in its new guidance on supporting smarter, more effective practices by schools and districts.

Among the federal recommendations for school systems are conducting an inventory of all online educational services now in use; developing policies to evaluate and approve proposed online educational services, including no-cost software and apps that require only click-through consent; and pursuing written contracts with all new data vendors.

But while such approaches are welcome, they might not be enough to keep up with rising parental concerns about the privacy and security of their children’s data, said Joel R. Reidenberg, a Fordham University law professor who recently published a scathing review of districts’ current contracts with cloud-computing service providers.

“I don’t think it’s a reasonable expectation that districts are in a position to police vendors and really take control of their data,” Mr. Reidenberg said. “But it’s great that [the department] finally got something out.”

Related Tags:

A version of this article appeared in the March 05, 2014 edition of Education Week as U.S. Outlines Data-Privacy Guidelines

Events

This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Assessment Webinar
Rethinking STEM Assessment: Strategies for Administrators
School and district leaders will explore strategies to enhance STEM assessment practices across their district, within schools and classrooms.
Content provided by Project Lead The Way
Federal Webinar Keeping Up with the Trump Administration's Latest K-12 Moves: Subscriber-Exclusive Quick Hit
EdWeek subscribers, join this 30-minute webinar to find out what the latest federal policy changes mean for K-12 education.
Artificial Intelligence Live Online Discussion A Seat at the Table: Math & Technology: Finding the Recipe for Student Success
How should we balance AI & math instruction? Join our discussion on preparing future-ready students.

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

Federal Trump Admin. Was Moving Ed. Dept. Programs Elsewhere Before a Court Intervened
The department had penned agreements with the U.S. departments of Labor and the Treasury to move programs, but was halted by court order.
8 min read
A Morehouse College student lines up before the school commencement, May 19, 2024, in Atlanta. The Education Department announced on July 18, 2024, that it is cancelling an additional $1.2 billion in student loans for borrowers who work in public service.
A Morehouse College student lines up before the school commencement on May 19, 2024, in Atlanta. The U.S. Department of Education had started to work with the U.S. Department of the Treasury on transferring its student loan portfolio, a new court filing shows.
Seth Wenig/AP
Federal Trump Admin. Adds Project 2025 Author to Education Department Staff
The appointment comes as Trump has already begun to embrace plans outlined in the controversial 900-page conservative policy agenda.
4 min read
A copy of Project 2025 is held during the Democratic National Convention, Aug. 21, 2024, in Chicago.
A copy of Project 2025 is held during the Democratic National Convention, Aug. 21, 2024, in Chicago. The Trump administration has added the author of the conservative policy document's chapter on education to the U.S. Department of Education's staff.
J. Scott Applewhite/AP
Federal Trump Admin. Pauses Ed. Dept. Layoffs After Judge's Order
The U.S. Department of Education is slowly complying with a federal court order to reinstate staff.
3 min read
Phil Rosenfelt, center, an attorney with the Office of the General Counsel at the Department of Education, is greeted by supporters after retrieving personal belongings from the Education Department building in Washington on March 24, 2025.
Phil Rosenfelt, center, an attorney with the office of general counsel at the U.S. Department of Education, is greeted by supporters after retrieving personal belongings from the Education Department building in Washington on March 24, 2025, the last day of work for hundreds of agency employees. The Trump administration has had to bump back the day it planned to stop paying laid-off staff.
Jose Luis Magana/AP
Federal Tutoring, After-School, and Other Student Services at Risk as Trump Cuts AmeriCorps
Deep cuts to programs across the federal government have left students without programming they'd come to count on.
8 min read
Members of the City Year program work at Isaac Newton Middle School for Math and Science in East Harlem during the MLK Day of Service on Jan. 20, 2025, in New York City.
Members of the City Year program work at Isaac Newton Middle School for Math and Science in East Harlem during the MLK Day of Service on Jan. 20, 2025, in New York City. City Year places AmeriCorps volunteers in underserved schools, but cuts to the federal service agency have led City Year to scale back some of its AmeriCorps volunteer-powered programs.
Courtesy of City Year New York