FPF Student Privacy Train-the-Trainer Syllabus
About the Program
Since 2013, over 130 new student privacy laws have passed in 41 states, with more bills and regulations being rolled out each year. This has resulted in many new requirements for local and state education agencies. Some state laws include the threat of jail or large fines when school staff even unintentionally violate student privacy. Unfortunately, few states have received funding or support in implementing these new laws and, without training, none of the laws can be implemented with fidelity.
At the same time, new federal guidance and settlements are continually released, changing past understandings about FERPA, COPPA, and other related federal student privacy laws. These federal changes combined with the state student privacy legal landscape makes it hard for attorneys serving schools and districts to keep up and provide the most accurate advice to their clients.
This isn’t only a legal problem: as technology changes and the amount of information schools collect and maintain increases, ensuring that new educators and administrators come into their schools with the skills needed to adequately protect student privacy in their day-to-day work and conveying best practices to schools is extremely challenging.
Recognizing the demand for practical, informed privacy guidance, the Future of Privacy Forum, a nonprofit focused on consumer privacy, launched a 10-month Train-the-Trainer pilot program in February 2020 to multiply the people on the ground with the capacity to provide basic student privacy support. The program helps to build the capacity of local education agency (LEA) and education service agency (ESA) staff to help the schools and districts they serve, equips college of teacher education professors and staff to integrate student privacy best practices and important legal trends into their institution’s curriculum, and trains attorneys for K-12 educational agencies and institutions to advise their clients and train their peers on this changing legal landscape.
Knowledge: Expand and deepen your student privacy and security knowledge.
Networking: Establish ongoing relationships with a close cohort of student privacy professionals.
Training: Acquire resources and relationships needed to train and influence others.
Through the program, participants will gain the skills and tools needed to train others on student privacy. The program will provide a toolkit of resources to be leveraged in trainings, including model templates and best practices gleaned from seasoned experts. Participants will also be exposed to activities, scenarios, and teaching techniques tailored towards adult learners to be adapted for use in trainings and presentations. Finally, the program will model effective student privacy training strategies and practices that participants can then redeliver.
In order to successfully complete the program, participants are required to attend and participate during the in-person workshops, monthly webinars, monthly activities, and conduct trainings or give presentations on student privacy.
Upon program completion, participants will receive a certificate of completion, a Train-the-Trainer 2020 Cohort badge for emails and electronic communications, and recognition on FPF’s student privacy website. Attorneys will receive CLE credits for all applicable in-person and virtual trainings, and we will work with participants to help them receive continuing education units as requested. At the end of the program, FPF will select five participants who have not only met requirements, but also gone above and beyond, to each receive a $2,500 donation to a nonprofit organization or educational agency or institution of their choice.
Description of Assignments
Attendance: Participants are required to be present during the two in-person workshops in Washington D.C. in February and November. Participants are also required to attend six of the eight webinars. Participants unable to attend the in-person workshops or webinars must complete the makeup activities; however, participants cannot complete makeup activities if they miss more than 75% of the trainings. Please talk to us if you have a special situation that requires accommodations.
Activities: Participants will be asked to complete both individual activities and group activities each month. We estimate the activities will take no more than four hours per month. Participants are required to complete approximately 80% of the activities (can miss four activities).
Action Plan: As a final project, participants will complete a detailed action plan to provide student privacy support and trainings in their sphere of influence. The action plan will include a portfolio of resources, both created as part of the program and by the participant, that they will be able to leverage for trainings.
Trainings/Presentations: Participants will put into action what they have learned through the program to become an active voice in communicating about the importance of protecting student privacy. Recognizing the diverse audiences participants have access to, they may choose to present at conferences, train staff, train SEAs/LEAs, and/or engage in other means of formal communication to share their student privacy expertise.
This module will provide an overview of federal student privacy laws, including the Family Educational Rights and Privacy Act (FERPA), Protection of Pupil Rights Amendment (PPRA), Children’s Online Privacy Protection Act (COPPA). We will compare and contrast the purpose, target audience, and enforcement mechanisms of each law and explore how the laws impact the day-to-day work of educational institutions.
This module will cover important categories of data and sharing of data. We will compare and contrast direct and indirect identifiers, sensitive and non-sensitive data, identifiable and de-identified data, and individual-level and aggregate data. Participants will develop communications for their stakeholders to explain the types of data, their uses, and the necessary protections.
This module will explore who uses education data and why. We will also discuss educational research, how schools can manage requests for education data, what resources are available for managing requests for data, and what exceptions are applicable. Participants will add data sharing and research resources that they feel would be beneficial for their situation to their portfolio. Finally, participants will evaluate the uses of data in their environment.
This module will focus on the school official exception and data sharing agreements. We will also evaluate best practices in drafting data sharing agreements, determine what data sharing elements are required, and what data sharing elements are recommended. Participants will develop template data sharing agreements and add them to their portfolio.
This module will cover the use of edtech tools. We will discuss how to evaluate edtech tools for compliance with federal laws and best practices. We will also explore existing resources to assist with evaluation of tools and methods for helping educators in their selection of edtech tools. Participants will develop guidance for teachers when adopting and using edtech tools to add to their portfolio.
August – Safeguarding Data Security
This module will cover both physical and logical data security at a high level. We will provide an overview of actual and potential risks of data security compromises and review best practices as well as possible policies and procedures to protect student data. Participants will build elements into their action plan and portfolio that address data security.
September – Establishing Data Governance
This module will draw the connection between privacy and data governance. We will review data governance elements and explore model policies and practices. Participants will build out their action plan leveraging these exemplars.
October – Practicing Transparency & Building Trust
Transparency is critical to building trust. This module will discuss what transparency looks like, explore the benefits of transparency, and review model strategies for building transparency and trust with stakeholders. Participants will evaluate the level of need for transparency in their environment and will build out specific steps to address transparency in their action plan.