Two U.S. Senators have introduced a bipartisan student-data-privacy bill, the latest in a string of proposed legislation intended to protect students’ sensitive information.
The SAFE KIDS Act would prohibit ed-tech companies and operators from selling student data, using that information to target advertising to students, or disclosing such information to unapproved third parties. Authority to enforce the law, including the ability to levy penalties on violators, would be vested with the Federal Trade Commission.
“The perils of privacy invasion and data abuse must be stopped at the classroom door with laws that match advancing technology,” said Sen. Richard Blumenthal (D-Conn.), who is co-sponsoring the bill along with Sen. Steve Daines (R- Mont.). “The SAFE KIDS Act will establish strong, vital protections for a child’s personal, private data—safeguarding students’ information and empowering parents to prevent abuse.”
Introduction of the bill follows a number of other high-profile federal efforts on student-data privacy, none of which have yet to come up for a vote:
- The Student Digital Privacy and Parental Rights Act of 2015 was introduced by U.S. Reps. Jared Polis (D-Colo.), and Luke Messer (R-Ind.), in April. The bill, which was developed with support from the White House, would require vendors to meet new requirements related to data security, breach notification, and contracts with third parties. It would also grant enforcement and regulatory authority with the FTC.
- Earlier in April, U.S. Reps John Kline (R-Minn.) and Bobby Scott (D-Va.) introduced a “discussion draft” of a bill that would radically rewrite the nation’s most prominent existing federal student-data-privacy law, the Family Educational Rights and Privacy Act, commonly known as FERPA.
- In May, two other proposed FERPA revisions were introduced, including the Student Privacy Protection Act from U.S. Sen. David Vitter, R-La., which would severely restrict the use of student information and require FERPA violators to pay cash penalties to individual families.
Included in the new SAFE KIDS Act are requirements that operators delete student records within 45 days of a request from a parent and within two years of inactivity by a student.
The bill would also require operators to publicly disclose their privacy policies and provide sufficient notice before making material changes to those policies.
Like the Messer-Polis bill, the SAFE KIDS Act is an outgrowth of an ongoing effort to get companies to voluntarily agree to a pledge to protect student information. That effort has been spearheaded by the Future of Privacy Forum, a think tank, and the Software & Information Industry Association, a trade group.
Groups expressing support for the SAFE KIDS Act include both of the nation’s largest teachers’ unions, computer-manufacturing giant Microsoft, school-technology advocacy group the Alliance for Excellent Education, and educational-data proponents the Data Quality Campaign.
“The SAFE KIDS Act would provide appropriate and much needed student data protections without discouraging school service operators (including state or locally operated virtual schools) from creating digital educational products that improve teaching and learning,” wrote the National Education Association in a letter of support.
“We support the bill’s central goal of curbing the inappropriate use of student data by school service operators and its specific prohibitions on their selling student data or using it for targeted advertising or building student profiles.”
Photo: Montana Sen.-elect Steve Daines greets supporters in Bozeman, Mont., last year. --Michael Albans/AP-File
A version of this news article first appeared in the Digital Education blog.