What exactly are the changes underway to the U.S. Department of Education’s privacy office?
Here’s what K-12 educators and policymakers need to know.
According to a statement from department spokeswoman Elizabeth Hill, the new office will contain two divisions, each responsible for a crucial privacy-related function—technical assistance for schools, and enforcement of the Family Educational Rights and Privacy Act, or FERPA. (Currently, those functions are handled separately, by the Privacy Technical Assistance Center and the Family Policy Compliance Office, respectively.)
Here’s what Hill had to say about the the move:
The Department takes seriously its responsibilities to enforce FERPA, protect student privacy, and provide technical assistance on this important issue. All of the functions of the Office of the Chief Privacy Officer will continue, but with greater efficiency under a new proposed organizational structure.”
Hill did not respond to requests for clarification about the personnel and staffing implications of the moves.
Some in the K-12 and privacy fields greeted the moves warily.
Their big worry: That schools and districts with privacy-related questions and concerns might be expected to contact the same people responsible for investigating privacy violations.
Having one office and boss responsible for both functions is potentially problematic, especially if the same people serve in both divisions and/or there is no prohibition on information-sharing between the divisions, said Keith Krueger, the CEO of the Consortium for School Networking, a professional association for the nation’s school technology leaders.
“It’s about making people feel comfortable that if they call to ask a question, enforcement action isn’t going to be taken against them,” Krueger said.
Amelia Vance, the director of education privacy and policy counsel at the Future of Privacy Forum, a think tank, also emphasized the importance of the continued separation of the department’s technical assistance and FERPA enforcement roles.
“That division is essential to retaining trust with districts and states,” Vance wrote in an email. “They need to be able to ask frank questions about how to interpret FERPA without worrying about the ‘FERPA cops’ knocking on their door.”
Vance raised an additional concern, as well.
“I am concerned that the chief privacy officer will apparently not oversee one of the most important privacy functions of the department—enforcement of FERPA,” Vance said, referencing a Politico report, which indicated that the CPO position would be moved within the department, to the Office of the Chief Information Officer.
“Privacy is about far more than technology,” she said.
Per Hill, the department spokeswoman, the changes will be effective in “early 2019.”
A version of this news article first appeared in the Digital Education blog.