Student Data Privacy in 2014: Revelations, Legislation, Controversy

By Benjamin Herold — December 26, 2014 4 min read
  • Save to favorites
  • Print

From stunning revelations (Google data-mining student emails) to sudden collapses (inBloom), with a flood of new state legislation and all manner of troublesome, wacky, and hopeful news in between, student-data-privacy issues dominated the ed-tech headlines in 2014.

Here are 10 of the year’s biggest Education Week stories on this hottest-of-hot button topics.

1. Google Under Fire for Data-Mining Student Email Messages This was the biggie. Mountain View, Calif-based Google acknowledged to Education Week in March that it had been “scanning and indexing” (i.e., data-mining) student email messages sent with its uber-popular Apps for Education tool suite, used by roughly 30 million students worldwide. The revelations emerged out of filings in a federal lawsuit in which a group of plaintiffs accused Google of crossing a “creepy line” by building “surreptitious” user profiles of Apps for Education users, among other things. The suit lost some steam when a judge denied the plaintiffs class certification, but big changes have still resulted: Google has amended its terms and stopped scanning student messages for advertising-related purposes, and related provisions have made their way into student-data-privacy-related legislation, including California’s new law (see below.) But questions remain about whether Google continues to scan and index student emails for commercial purposes that are not directly related to advertising.

See also: Google Halts Scanning of Student Email Messages

2. InBloom to Shut Down Amid Growing Data-Privacy Concerns It was supposed to be the big answer for districts struggling to find an easy, secure way to share student data with approved third-party vendors. But in April, less than three years after it was founded with $100 million in philanthropic support, Atlanta-based nonprofit inBloom announced that it would “wind down” operations. Strident opposition from parents and advocates had previously led to a number of big defections by states and districts. The final blow came when New York state enacted legislation that effectively pulled the plug on inBloom’s last remaining large partner.

See also: In Colorado, a ‘Surreal’ Experience With inBloom and Angry Parents

3. ‘Landmark’ Student-Data-Privacy Law Enacted in California Twenty-one states enacted new student data-privacy-related measures in 2014. None received more attention than California’s Student Online Personal Information Protection Act, the first state law in the country to explicitly put the burden of responsibility for protecting students’ sensitive data onto third-party vendors.

See also: Ed-Tech Industry Weighs Impact of New Student-Data-Privacy Laws

4. Millions of Student Records Sold in Bankruptcy Case The bankruptcy sale of large ed-tech vendor ConnectEDU Inc. highlighted just how challenging it will be to ensure the security and privacy of student information in the digital age. The 20 million student records amassed by the company were treated as a “trade secret” and “marketable asset” in the sale—despite the intervention of the Federal Trade Commission, which had sought to protect the records.

5. U.S. Education Department Issues Guidance on Student Data PrivacyThe U.S. Education Department hoped to help schools and districts make sense of the often-bewildering legal and technical landscape around student-data privacy. But the department’s guidelines, released in February, came to be associated with two frequently used words—"it depends"—that came to highlight just how murky the student-data-privacy picture remains.

See also: Federal Data-Privacy Guidelines Urge Better Communication With Parents

6. New Guide for District Tech Leaders on Front Lines of Student Privacy Battle The feds weren’t the only ones offering guidance on student-data-privacy this year. The Consortium for School Networking, the Software & Information Industry Association, and others also weighed in:

See also: Ed Industry Groups Outline Steps to Protect Privacy of Student Data

7. Ed. Data-Mining Research Effort Wins Federal Grant, Raises Privacy Questions Other people may have gotten cold feet, but not Carnegie Mellon professor Ken Koedinger, whose research team in October won a $4.8 million federal grant from the National Science Foundation to build “LearnSphere,” a data-sharing infrastructure for holding and analyzing massive amounts of anonymous student information.

8. Push for ‘Learner Profiles’ Stymied by BarriersFor many, the Holy Grail of “big” student data is the comprehensive learner profile, with wide-ranging, always-updating information on each individual student’s strengths, weaknesses and preferences across multiples grades, subjects and concepts. This October piece, which appeared in Education Week’sspecial report on personalized learning, examined the efforts of New York City-based ed-tech company Knewton to move the industry in this direction.

9. Senators Introduce New Federal Data Privacy Legislation While state lawmakers moved relatively aggressively on the issue of student-data privacy, things moved more slowly in Washington. In July, though, U.S. Senators Edward Markey, a Democrat from Massachusetts, and Orrin Hatch, a Republican from Utah, introduced new legislation that would update the 40-year old Family Educational Rights and Privacy Act, or FERPA. The bill has not yet received a vote.

10. Nevada Dad Told It Will Cost $10K to See School Data State Collects on His Children This incident highlighted complicated issues related to how parents can meaningfully access the reams of data now being collected on their children and the increasingly political opposition to student data use.

Photo: The Google sign at the company’s headquarters in Mountain View, Calif.--Marcio Jose Sanchez/AP-File

A version of this news article first appeared in the Digital Education blog.