Privacy & Security

Updated Privacy Toolkit Offers Guidance on Federal Laws, Vendor Contracts

By Sarah Schwartz — June 08, 2017 2 min read
  • Save to favorites
  • Print

What student privacy protections are covered in federal law? How should districts decide what to prioritize in vendor contracts? And what exactly counts as “metadata?”

An updated version of the Consortium for School Networking‘s privacy toolkit, released last week, addresses these questions that educators and district leaders grapple with every year.

The revised toolkit delves into further detail on national privacy laws and provides guidance on the use of metadata and data de-identification. It also supplies suggested language for contracts with vendors and tips on reading privacy policies—including information about clickwrap agreements, online software contracts that require a user to agree to a blanket list of terms and conditions.

School leaders can use the toolkit to identify when and how to apply which privacy laws, and figure out how they operate together, said Linnette Attai, the president of PlayWell, LLC and the project director for CoSN privacy and trusted learning environment programs. The regulations in federal laws—including the Family Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and the Protection of Pupil Rights Amendment (PPRA)—are often vague and confusing, she said.

“The laws don’t really line up well together. They were all written for very different reasons, at very different times,” said Attai. “It’s a big project for school systems: working with vendors and understanding all the diligence that’s required, the nuances of contracting.”

In conversations with the organization’s members and with school leaders at CoSN conferences, “these are areas where I get questions most often,” said Attai.

The toolkit is meant to provide “foundational information” to districts, especially those who don’t necessarily have dedicated personnel for these issues, she said. While some districts have experienced chief privacy officers and legal counsel well-versed in federal privacy law, others, said Attai, may not have the resources to hire staff with the same expertise. Resources like the toolkit can “help to fill in some of those knowledge gaps,” she said.

Looking ahead, Attai expects state privacy laws to play a growing role in data privacy conversations. CoSN plans to review the toolkit at least annually, and may address the bevy of state laws passed in the last few years in an upcoming version, she said.

Though many state privacy laws share commonalities, said Attai, there’s little guidance available for school districts. And it’s largely unclear how the laws will be enforced and interpreted by the courts, she said.

Parent engagement around data and technology in the classroom is also an expanding area of concern for districts, said Attai. The toolkit includes a list of strategies for communicating with parents about data collection.

“It’s critical that schools be transparent about what they’re doing and break it down for parents in ways that are easy to understand and digest,” said Attai. She said schools and districts need to better explain to families the uses and benefits of data collection.

See more:

Related Tags:

A version of this news article first appeared in the Digital Education blog.