For immediate release: January 29, 2015
Obama privacy bill fails to put children’s safety first
Education Week has gotten hold of a draft student privacy bill out of the White House that from its description is far too weak to satisfy most parents concerned about the use and sharing of their children’s personal data. The EdWeek article describing the bill is here: http://go.shr.lc/1vahJrs
Said Leonie Haimson, Executive Director of Class Size Matters and co-chair of the Parent Coalition for Student Privacy, “We were startled by the slide released by the White House after the President gave his speech at the FTC that students’ personal data should be able to be sold as long as it was for “educational” purposes. Student personal data should never be sold, without the knowledge and consent of their parents. I am very concerned that the Obama administration and the Department of Education have been captured by the interests of ed tech entrepreneurs, and are members of the cult that believes that outsourcing education and “big data” into the hands of corporations is the answer to all educational ills. This is, after all, the administration that revealed a blind spot as to the need to protect children’s privacy by creating huge loopholes in FERPA in the first place, to encourage the amassing of highly sensitive and confidential student information and allowing it to be disclosed to a wide variety of commercial ventures.”
Rachael Stickland, co-chair of the Coalition for Student Privacy said, “Parents will now fight even harder for a bill that takes their children’s interests into account; that minimizes data sharing without parent notification and consent, and provides for real protections for student privacy and security. We will continue to speak out until a new law is passed which puts our children’s safety first. As described by the Ed Week article, the Obama bill clearly does not do the job.”
Weaknesses of the Obama proposal similar to California’s law, according to the EdWeek description:
1. Operators may use personal student information for internal commercial purposes including “for maintaining, developing, supporting, improving, or diagnosing the operator’s site, service or application.”
2. The proposal would allow the use of student information for “adaptive or personalized student learning purposes.” The Parent Coalition for Student Privacy cited this weakness in our press release critiquing the California law here: http://go.shr.lc/1IlSVil
3. Allows the sale of data in mergers and acquisitions “so long as the information remains subject to the same legal protections in place when it was originally collected.” (Quoted section is from EdWeek.)
4. Requires companies to “maintain reasonable security procedures and protocols” for student information, and allow the information to be deleted at the request of a school or district. However, there needs to be specific security and encryption provisions in the law, as well as parental rights to be notified, consent or delete data.
Areas where the proposal appears to be even weaker than California law:
1. There appears to be no prohibition on vendors amassing profiles of students for non-education purposes. Profiling – whether for targeted advertising or sorting students based on abilities or disabilities – is one of our greatest concerns.
2. Does not prohibit the collection of student information from an online education site to be used on other commercial websites or services for targeted advertising or marketing purposes. Presumably, this means that if a child uses Google Apps for Education (GAFE), Google would be unable to target ads to the child using GAFE but could target ads to the child on other commercial services linked to Google. This is entirely unacceptable.