It is May and so far 42 states have introduced 170 student privacy bills which is encouraging to know as a parent of children who will be students for quite some time. Of these, there are two Federal bills advancing in the US House of Representatives. On the one hand, Congressmen Kline (R-MN) and Scott (D-VA) circulated draft legislation to rewrite FERPA. On the other, Congressmen Polis (D-CO) and Messer (R-IN) introduced the Student Digital Privacy and Parental Rights Act. The goal of this act is mostly to regulate online service providers in a way that balances data security without hindering the ability of teachers, schools, and other stakeholders in using the data to effectively support instruction.
Which one is better? Well, I don’t think they are mutually exclusive. I think we can all agree that FERPA needs to be updated. It needs to address the privacy challenges that come with technological advancement. Something the 40 year old law hasn’t been able to keep up with. But what is interesting on the Polis-Messer bill is that it balances the essential need to protect student data and enables (and encourages) the use of technology without implementing unreasonable restrictions that would impede the effective use of data to help students improve their learning outcomes. More importantly, the bill bans online service providers from creating profiles of students that could be used for advertising to them or their parents, thus eliminating that creepy factor of profiling students for marketing purposes. And I am all for data use but certainly not when the data collected on my child will be used to advertise products or services to them.
Unfortunately neither bill addresses the dire need for training teachers, principals, school boards and even parents and students. Training so desperately needed. Without adequate training, they will not be able to identify what is appropriate (and legal) use of data. How can we expect schools to make the right decisions when it comes to safeguarding our children’s data when they do not have adequate training on data privacy and security? Furthermore, I do not see any acknowledgement of learner ownership in either bill. We must recognize students as the ultimate owners of their data, for without this recognition we will once again fail to make privacy something that is inextricably linked to their education and continue to make privacy something that just happens to students – if they are lucky. Finally, I find the option of opting out of data collection a weak portion of the bills. And it is simple – if we have the option of allowing students to opt out of LEA or SEA data sets we are limiting the ability of research organizations to determine whether education policies are working for every student or not. How can we build an equitable education system when we are analyzing incomplete data sets? They will then undoubtedly provide skewed results? We cannot adequately protect our most vulnerable students if policymakers are basing decisions on incomplete data. I urge all of us to think about the inequities we might be inadvertently creating when opting out of educational data sets. We cannot achieve a true equitable educational system with broken data.
Both bills have a way to go before they can become law, but this is why it’s important to join the conversation now when many states and the Federal government are first looking seriously at protecting student privacy – and that matters.
We have the responsibility and opportunity to help shape the debate that will result in policy at the State and Federal level and we cannot let this pass by. In the meantime, President Obama continues to encourage progress in safeguarding student data. Earlier this week the White House commended Representatives Polis and Messer on their efforts to protect student privacy. And well, that has to count for something – right???
