Big Data Laid Bare

student-photo-privacyValarie Strauss at the Washington Post last Thursday shared a guest article by Leonie Haimson and Cheri Kiesecker with the Parent Coalition for Student Privacy.

It’s pretty eye-opening for those who are not familiar about privacy issues in the public school system.

An excerpt:

Most student data is gathered at school via multiple routes; either through children’s online usage or information provided by parents, teachers or other school staff. A student’s education record generally includes demographic information, including race, ethnicity, and income level; discipline records, grades and test scores, disabilities and Individual Education Plans (IEPs), mental health and medical history, counseling records and much more.

Under the federal Family Educational Rights and Privacy Act (FERPA), medical and counseling records that are included in your child’s education records are unprotected by HIPAA (the Health Insurance Portability and Accountability Act passed by Congress in 1996). Thus, very sensitive mental and physical health information can be shared outside of the school without parent consent.

Many parents first became aware of how widely their children’s personal data is being shared with third parties of all sorts when the controversy erupted over inBloom in 2012, the $100 million corporation funded by the Gates Foundation. Because of intense parent opposition, inBloom closed its doors in 2014, but in the process, parents discovered that inBloom was only the tip of the iceberg, and that the federal government and the Gates Foundation have been assisting the goal of amassing and disclosing personal student data in many other ways.

Ten organizations joined together, funded by the Gates Foundation, to create the Data Quality Campaign in 2005, with the following objectives:

  • Fully develop high-quality longitudinal data systems in every state by 2009;
  • Increase understanding and promote the valuable uses of longitudinal and financial data to improve student achievement; and
  • Promote, develop, and use common data standards and efficient data transfer and exchange.

Since that time, the federal government has mandated that every state collect personal student information in the form of longitudinal databases, called Student Longitudinal Data Systems or SLDS, in which the personal information for each child is compiled and tracked from birth or preschool onwards, including medical information, survey data, and data from many state agencies such as the criminal justice system, child services, and health departments.

A state’s SLDS, or sometimes called a P20 database (pre-K to 20 years of age), P12, or B-20 (data tracking from birth), have been paid for partly through federal grants awarded in five rounds of funding from 2005-2012. Forty-seven of 50 states, as well as the District of Columbia, Puerto Rico, and the Virgin Islands, have received at least one SLDS grant.

Although Alabama, Wyoming and New Mexico are not included on the site linked to above, Alabama’s governor recently declared by executive order that “Alabama P-20W Longitudinal Data System is hereby created to match information about students from early learning through postsecondary education and into employment.” Wyoming uses a data dictionary, Fusion, that includes information from birth. New Mexico’s technology plan shows that they moved their P-20 SLDS to production status in 2014 and will expand in 2015. This site run by the Data Quality Campaign tracks each state’s SLDS.

Valarie’s headline is appropriate as the amount of data being collected on our kids is astonishing… Actually disturbing is probably a better word.  Be sure to read the whole piece as they give parents advice on how to address this.

NY Assembly Democrats Call for DOE to Suspend Plan for Student Data Sharing

Last week New York Assembly Speaker Sheldon Silver and the New York Assembly Education Chair Catherine Nolan released a letter to New York State Education Commissioner John King that expresses concerns about the department’s plan to share student data with an outside vendor.  The letter was also signed by 50 Assembly Democrats and it requests that the State Education Department withhold sharing data with inBloom, the vendor that the New York Department of Education selected to collect information from children in New York.

“It is our job to protect New York’s children. In this case, that means protecting their personally identifiable information from falling into the wrong hands,” said Silver. “Until we are confident that this information can remain protected, the plan to share student data with InBloom must be put on hold.”

“After receiving moving and credible testimony at a recent hearing, the Assembly Majority has serious concerns about the potential flaws of the SED’s plan to share student data and their ability to protect student privacy. We feel compelled to question this plan and we strongly believe that student information should not be shared with InBloom at this time,” said Nolan.

You can read the letter below:

 

This letter comes after public hearing held in November on this issue.  as well as two important pieces of legislation passed by the Assembly earlier this year, A.7872-A  and A.6059-A to address ongoing concerns related to the distribution of personally identifiable student information.

New York school districts receiving Race to the Top funds are expected to participate in the EngageNY Portal, an informational instruction system recently established by the New York Department of Education. The Portal will allow educators, administrators, parents and students to access a variety of additional educational materials, resources and student information. To make this service available, the Department has contracted with InBloom, a third-party vendor which collects and stores student information released by SED and school districts. This includes information such as demographics, parental contacts, out-of-school suspension records, course outcomes and state assessment scores.

This amount of information being held in a centralized location makes it easier to exploit.  Parents were never asked for permission by school districts or the state to share their student’s information with inBloom and inBloom doesn’t guarantee total security of information.  This letter is appreciated, but instead of just calling for a pause in the plan Assembly Democrats (and Republicans – this is a non-partisan issue) should call for a halt.  The legislation passed earlier does attempt to address the situation, but my perspective of A. 7872-A in particular is that it contains too many loop holes and parents should have to opt-in rather than opt-out.