We need new laws to protect student privacy

Zack Christenson Research Fellow, American Consumer Institute
Font Size:

As technology improves, more and more of our data are being collected for a variety of reasons — both good and bad. This data could be collected for reporting and analysis to make products better, for basic services like email or cloud storage, or for sales and marketing purposes.

There is also growing concern about the privacy implications of companies knowing so much about our habits, interests, and the way we live and work. Particularly troubling for many, especially parents, is that the companies compiling volumes of data on us, might be doing exactly the same thing with children.

Even for parents who do their very best to protect their child’s privacy at home, there is still the possibility that their children’s online data is exposed, as more schools are utilizing technology in the classroom. Technological advances in education are vital, allowing students to learn at a distance, engage in personalized courses, and even trade in their books for an iPad or other tablet. As students move from offline learning for more online learning, their data become less secure and more opportunities are created for unscrupulous marketers and advertisers to and even track children.

Legislators and many industry leaders have taken notice and are urging action. Sen. Ed Markey (D-MA), for one, has urged tighter restrictions in the use of student data,saying that student data isn’t a product to be sold. Markey said he plans to introduce legislation that strengthens student privacy, including regulations that would ensure that contractors never own student data. Under the legislation, schools would not be required to provide data, outside of performance data, to outside contractors.

With federal legislation on the horizon, many consumer and legislative groups have also stood up for the importance of protecting student data. The American Legislative Exchange Council has proposed model legislation to state legislatures that would create a data security plan for state education departments and would require privacy protection in contracts with third-party vendors. Other groups, like the Electronic Privacy Information Center (EPIC) and Common Sense Media, are vigilant in tracking and calling attention to data breaches involving vendors, such as Google’s recent admission of data-mining students’ emails.

One study, recently conducted by Fordham University School of Law, found that 95 percent of school districts rely on cloud services for various school functions, yet fewer than 25 percent of those districts have agreements with their vendors that govern student disclosures, and only 7 percent restrict the sale of data to third-party vendors.

Legislation is needed, but companies also have a responsibility when it comes to student privacy. In a recent education conference in Barcelona, Microsoft, which claims that its technology is used in 98 percent of schools, said it will not mine student data. And it extends that to products including Bing, made possible by its Bing for Schools product.

Protecting the privacy of everyone on the Internet is an important goal. As we pursue the goal, however, the privacy of children should be of the utmost concern.

Zack Christenson writes on digital tech issues for the American Consumer Institute Center for Citizen Research, a nonprofit educational and research institute.  For more information, visit www.theamericanconsumer.org.