Opinion
Privacy & Security Opinion

How the Ed. Department Threw a Wrench in Student-Privacy Laws

FERPA is incoherent. Congress must take action
By Frank D. Lomonte — October 01, 2019 5 min read
BRIC ARCHIVE
  • Save to favorites
  • Print

Recruitment rivalry between school districts and the operators of charter schools is exposing a flaw in federal data-privacy law that calls for congressional repair.

Recently, a Tennessee appeals court ordered the Nashville school district to turn over student enrollment lists requested by two charter school proprietors, who plan to use the lists to market their alternative educational options to local families. The court rejected the Nashville school board’s claim—a position shared by the Memphis school district—that federal privacy law makes it optional for districts to produce or withhold student directories as they choose.

The squabble is the result of an ill-considered U.S. Department of Education regulation that managed to make an already befuddling privacy law—the Family Educational Rights and Privacy Act (or FERPA)—even more incoherent.

FERPA requires educational institutions to enforce a policy of keeping students’ education records confidential, but identifies categories of harmless “directory information” that can freely be released. Schools depend on the directory-information exemption to conduct routine business; without it, they couldn’t publish the honor roll or hand out programs at graduation.

FERPA regularly collides with state freedom-of-information laws, which entitle the public to all sorts of documents kept by public educational agencies. But the directory-information exception helps there, too. It enables journalists to find students to interview, and to verify newsworthy information, such as whether the guy picked up by the police on rape charges is president of his fraternity or has withdrawn from college.

The Education Department was warned—strenuously—that the rule was a mistake."

At least, until the Education Department threw a wrench into it.

In a textbook example of “if it ain’t broke, break it,” the department changed its interpretation of FERPA in 2011, giving school authorities a federal license to grant or deny access to directory information at their whim, depending on who’s asking. In other words, the same document that would be a public record readily provided to a requester who’s friendly to the school district could be withheld from the district’s critics.

This goes against a foundational tenet of every state’s freedom-of-information law: that it doesn’t matter who’s requesting the information or why. States unanimously honor this principle because they don’t want politicians opportunistically deciding who “deserves” to get information and who doesn’t.

The Education Department was warned—strenuously—that the rule was a mistake. Commenters responded to the proposed regulation by cautioning that discriminatory disclosure would inevitably be abused. Schools would punish journalists for unflattering coverage by cutting off access to information. Worse, districts could corruptly favor their preferred businesses by sharing families’ addresses with only the incumbent vendor of class rings or caps-and-gowns, shutting out competitors.

But, under then-U.S. Secretary of Education Arne Duncan, the agency disregarded the red flags and plowed ahead.

As predicted, school districts have tried to use their newfound “information rationing” authority to strategic advantage. Just as Tennessee school districts have withheld student directories from perceived competitors, so did districts in Ohio—until state courts halted the practice.

Setting the stage for the recent Tennessee case, the Ohio Supreme Court ordered the city of Springfield’s school district in July 2016 to make directory information available to school-choice advocates.

A nonprofit organization, School Choice Ohio, filed a public-records request seeking names and contact information for students in the Springfield district, hoping to send their families information about financial assistance for options to public school. The district only partially fulfilled the request, claiming that the information was not a public record and could not be released because of FERPA.

Relying on the 2011 rule change, Springfield city schools maintained a selective directory information policy enabling the superintendent to pick and choose who could receive records. But the Ohio court found that the federal rule couldn’t override state laws that make disclosure mandatory.

The Ohio court decided that, having told parents that Springfield’s directory-information policy allowed disclosure to “community organizations” and “school-related organizations,” the superintendent could not rely on the federal rule to single out only certain community organizations to receive information.

Then in February 2019, the Tennessee Court of Appeals followed suit. In a 3-0 ruling, the judges rejected the Nashville Board of Public Education’s contention that, because the Department of Education’s FERPA interpretation made disclosure optional, the state could not compel districts to disclose directory information.

In simple terms, the court explained, when the federal government says “you may choose to release information,” that means there’s no federal prohibition against release—which means the state disclosure law applies.

While there’s a growing legal consensus that the department overstepped its authority in adopting the 2011 discriminatory access rule, further conflict is inevitable as long as the rule remains on the books.

Over the decades of FERPA’s history, the department has insisted that it is uninterested in trying to harmonize the statute with state open-government laws, because it does not regard school transparency or accountability as a priority.

The Ohio and Tennessee rulings follow a pattern almost as old as the 45-year-old privacy law itself: The department adopts an unreasonably broad interpretation to serve the secrecy interests of educational institutions, and the courts must fix it.

It’s what happened, for instance, when the department tried to stretch FERPA to enable colleges to conceal crime reports maintained by campus police. It took years of unnecessary court battles before, grudgingly, the department agreed to correct the mistake. In recent years, courts have agreed that the department is wrong to categorize videos shot by school surveillance cameras as FERPA records. As schools fortify their police presence, the public needs access to video footage to keep schools safe and accountable.

Recently, the Education Department served notice that it plans to issue a rule in February 2020 updating its privacy-compliance regimen. FERPA is a disastrously broken statute that is in need of multiple repairs, but the easiest fix of all would be repealing the failed selective disclosure policy, to bring directory information back into harmony with the way courts (correctly) understand it.

If the U.S. Department of Education will not act, Congress must. The irrational discriminatory access rule should be overruled, and the public’s entitlement to the basic who-what-where information that makes schools function more efficiently should be fully restored.

Follow the Education Week Opinion section on Twitter.

Sign up to get the latest Education Week Opinion in your email inbox.
A version of this article appeared in the October 02, 2019 edition of Education Week as The Opportunistic Use of Student Data-Privacy Laws

Events

This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Classroom Technology Webinar
Transform Teaching and Learning with AI
Increase productivity and support innovative teaching with AI in the classroom.
Content provided by Promethean
Curriculum Webinar Computer Science Education Movement Gathers Momentum. How Should Schools React?
Discover how schools can expand opportunities for students to study computer science education.
School & District Management Webinar Fostering Student Well-Being with Programs That Work
Protecting student well-being has never been more important. Join this webinar to learn how to ensure your programs yield the best outcomes.

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Privacy & Security Whitepaper
Protecting Students and Their Privacy: A 4-Step TACT-ical Approach
Data show that parents and educators agree the internet is a useful learning tool — but also raise safety and privacy concerns. For schools, navigating the complexities of student safety and privacy requires a balanced, nuanced approach.
Content provided by GoGuardian
Privacy & Security We Need More Money to Prevent Cyberattacks, School Districts Tell Feds
District leaders point to the massive cyberattack on the Los Angeles schools as reason to act now.
2 min read
Image of a security symbol on a laptop.
filo/DigitalVision Vectors
Privacy & Security Seesaw, Digital Platform Used by Schools, Compromised With ‘Inappropriate Image’
“You would think a platform with thousands of minors would have better security,” one parent tweeted.
Molly Guthrey, Pioneer Press
2 min read
Image of lock on binary code background.
DigitalVision Vectors/Getty
Privacy & Security Cybersecurity a Top Ed-Tech Priority for States, But Funding Lags
Only 8 percent in a survey of state ed-tech leaders said their state provides “ample” funding for cybersecurity.
3 min read
 abstract digital key with technology interface, cybersecurity, key, lock, cellphone, fingerprint, and cloud computing icons
As schools increasingly turn to technology, the risk of cyberattacks have also grown.
iStock/Getty Images Plus