By Keith R. Krueger and Bob Moore
There has been no shortage of time and energy spent on the issue of student data privacy in the past several years. While school leaders always have taken student privacy seriously, the failure of the inBloom data initiative, reports of the National Security Agency’s extensive gathering of private citizens’ data, and frequent media reports of data security breaches have caused a knee-jerk reaction, the likes of which we’ve rarely seen in K-12 education. Seemingly overnight, protecting the privacy of students and their data took on a sense of almost overwhelming urgency.
School leaders clamored for guidance to help them meet the requirements of complex, outdated federal privacy laws, such as the Family Educational Rights & Privacy Act (FERPA). Enacted more than four decades ago, FERPA applies neatly to a time when student records were held in manila file folders and stored in metal filing cabinets but not so much to mobile apps and Internet-based cloud services. State legislatures hastily began passing laws to fill the gaps in FERPA and other federal laws as well as to extend privacy protections to other areas without considering unintended consequences.
Unfortunately, all of the efforts around student data privacy have done little to allay parents’ concerns. In fact, in a recent survey reported by Marketplace.org (http:bit.ly/1QPclRd), 79% of parents cited privacy as a concern when their students use technology for school. As stunning as that number is, the threat that it represents is even more concerning. If we can’t properly address these privacy concerns, the use of technology in schools will be threatened. And technology use is no longer optional in schools; it is essential.
Compliance with privacy laws is not sufficient. These laws do not address the issue at the heart of privacy concerns — and that is trust.
School leaders, online service providers, education associations, and other stakeholders must begin to build trust around the collection and use of data. The vendor community took an important first step in developing the Student Privacy Pledge (www.studentprivacypledge.org). As of this writing, 160 online service providers have signed the pledge. In another effort led by the Consortium for School Networking (CoSN) and the Data Quality Campaign, 39 of the most influential education associations have adopted 10 Foundational Principles for Using and Safeguarding Students’ Personal Information. You can learn more about the Student Data Principles at www.studentdataprinciples.org.
All of the efforts around student data privacy have done little to allay the concerns of parents. Although these efforts are important, schools must take the lead in building trust among parents. CoSN recently kicked off an initiative to develop a Trusted Learning Environment Seal. When awarded to a school, the seal would signal to the community that the school has implemented sound practices regarding data collection, use, and security in order to ensure student privacy. A diverse group of nearly 30 schools has begun working to define aspirational, yet practical, privacy practices. The work is supported by the Bill & Melinda Gates Foundation and the Michael & Susan Dell Foundation. The American Association of School Administrators, the Association of School Business Officials International, and ASCD are lead partners with CoSN.
Regardless of your role in education, each of us can take concrete steps to build trust:
Be entirely transparent about what data is collected and how it is used;
Help parents understand the importance of data to inform instruction and improve services for students; and
Understand that new technology will continue to bring new privacy concerns.
Only by building trust among stakeholders will we be able to address privacy concerns — real and visceral — without creating roadblocks for using technology in schools.