A new coalition called the Parent Coalition for Student Privacy released a letter today to the leaders of the committees of the House and Senate Education Committees, urging Congress to strengthen FERPA and involve parents in the decision-making process to ensure that their children’s privacy is protected.
Many of the groups and individuals in the Coalition were involved in the battle over inBloom, which closed its doors last spring. They were shocked to learn during this struggle how federal privacy protections and parental rights to protect their children’s safety through the Family Educational Rights and Privacy Act (FERPA) had eroded over the last decade.
The letter below calls for Congress to hold hearings and enact new privacy protections that would minimize the sharing of highly sensitive student data with vendors and among state agencies and would maximize the right of parents to notification and consent. The letter also asks for strict security requirements, that the law be enforceable through fines, and that parents have the right to sue if their children’s privacy is violated.
Parent Coalition for Student Privacy
July 23, 2014
Dear member of Congress:
We write on behalf of a broad coalition of parents across the country to urge Congressional review of emerging threats to student privacy rights and to request legislative action to address significant shortcomings in current law. Specifically, we are alarmed about ill-thought-through federal policies that, instead of providing safeguards against non-consensual disclosure and downstream uses of children’s personally identifiable information, actually promote policies in which a child’s highly sensitive personal data is disclosed to third-parties for purposes that go well beyond reasonable educational uses and deny parents the right of notification or consent.
First, we respectfully urge Congress to hold hearings on why the U.S. Department of Education has abdicated its historic role as the guardian of educational privacy rights. In responding to interest groups that included Big Data enthusiasts, influential foundations and their grantees, and educational technology firms, the Department has re-interpreted (and, in effect, unilaterally amended) the Family Educational Rights and Privacy Act of 1974 to nullify many of its most important privacy protections. This radical re-invention of FERPA is at the root of much of the data free-for-all that has resulted in massive amounts of personally identifiable student data being collected and divulged to third parties, including for-profit vendors.
As the controversy over one such third party, inBloom, has revealed there is a wide gap between the view of most parents that they should be able to control access to their children’s personal information to protect their privacy and safety, and the perspective of various governmental agencies and private corporations that are intent on collecting and using that data without informing parents or providing them with the right to consent.
The inBloom data-mart, funded with $100 million from the Gates Foundation, sought to capture records of millions of children to enable the creation of a market in technological learning tools that would utilize and data-mine this information in name of “personalized learning.” Parents mobilized in opposition because they justly feared that the transmission and storage of their children’s most personal data on data clouds, as well as inBloom’s stated intent to provide it to a large number of for-profit vendors, was both a security and a privacy threat.
We are pleased to say that parental concerns and protests won the day over the poor judgment of state and district education officials, resulting in inBloom being driven out of business. But sadly, many other vendors seek to take inBloom’s place or to sell their wares directly to schools and districts with inadequate protections for security or privacy, and very little respect for parental rights.
Second, we respectfully urge Congress to review privacy and security practices of the multiple state longitudinal data systems created in direct response to various federal programs in recent years. These data systems are designed to collect, store and share an increasing amount of children’s personal information among a variety of state agencies and to track students over time without sufficient oversight and protections for privacy.
Finally, we respectfully urge Congress to review and strengthen both FERPA and Children’s Online Privacy Protection Act (COPPA), to roll back the harmful provisions of the 2009 and 2011 FERPA regulations, and to update both laws in light of new and unforeseen threats to privacy rights. Particularly with the growth of the educational technology industry, there has been a huge push to expand the access to personal student data with little or no federal restrictions to slow down this trend. We are dissatisfied with the recommendations of the recent White House report on privacy that evades most of the important issues and simply asserts that any student data disclosed to third parties should be used only for “educational purposes.” This generic statement is far too vague to be reassuring.
The push for greater access to educational data is motivated by the desire of the educational technology sector to develop new products and grow their market, as well as by advocates who claim that big data will revolutionize education. We believe parents—not school officials—should be in charge of deciding whether or how much of their children’s information may be shared with vendors. The benefits of big-data and data-mining software in the area of education are still highly hypothetical and cannot be used to justify the massive amount of personal data that is being collected and shared with third parties without parental knowledge or consent.
Many parents do not want their children to spend hours more each day in front of a computer and do not believe that the model of mechanized instruction that is being promoted can deliver true personalized learning. We certainly do not want our children’s disability, health and disciplinary records shared widely with third parties.
We believe that any legislation should uphold the following principles:
Minimize the collection by governmental agencies of highly sensitive student data and their ability to share this data with third parties;
Maximize the opportunities for parental notification and consent;
Except in very limited circumstances, restrict non-consensual access to personal student data to education authorities and roll back the 2012 “authorized representative” loophole, by which nearly anyone can be designated as an authorized representative of officials entitled to its access;
Mandate strict security provisions for the storage and transmission of personal student data, regular audits, and the training of education personnel about the need to maintain robust privacy and security provisions;
Ensure that the law is enforceable, including but not limited to the ability of the federal government to impose fines and families to sue if their children’s privacy is violated.
We urge you to open up a dialogue with parents as soon as possible. Since inBloom’s demise, much has been written about the importance of including parents in the debate over how to protect their children’s privacy yet very little has been done to involve them in the discussion. We thank you for your leadership and stand ready to work with you on this important issue.
Leonie Haimson, Executive Director, Class Size Matters, co-chair Parent Coalition for Student Privacy
Rachael Stickland, founder, School Belongs to the Children (CO), co-chair Parent Coalition for Student Privacy
Diane Ravitch, President, Network for Public Education
Dora Taylor, President, Parents Across America
Julie Woestehoff, Executive Director, Parents United for Responsible Education
Cassie Creswell, organizer, More Than a Score (Chicago)
Lisa Rudley, Director of Education Policy, Autism Action Network, co-founder of NY State Allies for Public Education
Josh Golin, Associate Director, Campaign for a Commercial-Free Childhood
Emmett McGroarty and Jane Robbins, American Principles Project, Washington, D.C.
Lisa Guisbond, Executive Director, Citizens for Public Schools (MA)
Robin Hiller, Executive Director, Voices for Education (AZ)
United Opt Out
Lourdes Perez, HispanEduca
Change the Stakes (NYC)
Northeast Indiana Friends of Public Education
Helen Gym, Parents United for Public Education, Philadelphia, PA.
Julia Sass Rubin, co-founder, Save Our Schools NJ
Jean Ann Guliano, Parents Across Rhode Island
Ilana Spiegel on behalf of SPEAK (Supportive Parents, Educators and Kids)for Cherry Creek (CO)
Deb Mayer, Great Schools for America 4
Rachael Stickland, a leader in the fight for student privacy in Colorado and co-chair of the Coalition to Protect Student Privacy points out, “inBloom’s egregious attempt to siphon off massive amounts of sensitive student information and to share it with for-profit vendors took parents by surprise. Once we learned that recent changes to FERPA allowed non-consensual disclosure of highly personal data, parents became fierce advocates for their children’s privacy. We’re now prepared to organize nationally to promote strong, ethical privacy protections at the state and federal levels.”
Diane Ravitch, President of the Network for Public Education said: “Since the passage of FERPA in 1974, parents expected that Congress was protecting the confidentiality of information about their children. However, in recent years, the US Department of Education has rewritten the regulations governing FERPA, eviscerating its purpose and allowing outside parties to gain access to data about children that should not be divulged to vendors and other third parties. The Network for Public Education calls on Congress to strengthen FERPA and restore the protection of families’ right to privacy.”
“The uprising against inBloom demonstrated the extent to which parents are will not tolerate the misuse of their children’s sensitive personal information,” said Campaign for a Commercial-Free Childhood’s Associate Director Josh Golin. “But parents cannot be expected to mobilize against each and every threat to their children’s privacy, particularly if they’re not even aware of which vendors have access to student data. It is critical that Congress take real steps to protect schoolchildren from those who see student data as a commodity to be exploited for profit.”
“Parents Across America, a national network of public school parents, emphatically supports this call for hearings as a first step toward reversing federal actions that have eroded parental authority over student data, and including even stronger privacy protections for our children,” said Julie Woestehoff, a Chicago parent activist and PAA secretary. She added: “PAA recommends restoring parental authority over student data that was removed from FERPA by the US Department of Education, enacting state laws that include parental opt out provisions in any statewide data sharing program, strictly regulating in-school use of electronic hardware and software that collect student information, and including significant parent representation on any advisory committees overseeing student data collection.”
Lisa Guisbond, executive director of Citizens for Public Schools, a Massachusetts public education advocacy group, said, “Citizens for Public Schools members, including many parents, are deeply concerned about threats to the privacy of student information. We support hearings and strong legislation to protect the privacy of this data. Parents are increasingly left out of important education policy discussions. In this, as in all crucial school policy discussions, they must have a voice.”
“Parents will accept nothing less than parental consent, when it comes to their child’s personally identifiable sensitive information. As a parent of a child with special needs, I understand the devastation that confidential information used without my consent could have on my child’s future. As a long-time advocate for people with autism and other developmental disabilities, I implore the U.S. House and Senate to put the necessary language back into FERPA to protect students and uphold the right of their families to control their personally identifiable data,” said Lisa Rudley, Director of Education Policy, Autism Action Network and Co-Founder of NYS Allies for Public Education.
Emmett McGroarty of the American Principles Project said, “Regardless of intention, the collection of an individual’s personal information is a source of discomfort and intimidation. Government’s broad collection of such information threatens to undermine America’s founding structure: if government intimidates the people, government cannot be by and for the people.”
Leonie Haimson, Executive Director of Class Size Matters and co-chair of the Coalition, concluded, “Since inBloom’s demise, many of the post-mortems have centered around the failure of elected officials and organizations who support more data sharing to include parents in the conversation around student privacy. We are no longer waiting to be invited to this debate. It is up to parents to see that we are heard , not only in statehouses but also in the nation’s capital when it comes to the critical need to safeguard our children’s most sensitive data – which if breached or misused could harm their prospects for life. We are urging Congress to listen to our concerns, and act now.” www.studentprivacymatters.org