States Include Stricter Language in Student Data Privacy Legislation

A new report from NASBE highlights trends in data privacy legislation this year.

Student information is getting a regulatory makeover on a massive scale. Legislatures in 38 states considered 185 bills on student data privacy this year, many with stricter language protections for students, according to a policy update report from the National Association of State Boards of Education (NASBE).

Amelia Vance, director of education data and technology for NASBE, wrote the “Trends in Student Data Privacy Bills in 2016” report that touches on improvements made to previous bills and notes specific states to watch.

Vance saw that a majority of the new bills that were introduced this year were based on legislation from previous years. One such bill is the California’s Student Online Personal Information Protection Act (SOPIPA), which regulates activity by third-party websites, mobile applications and online services. There were 27 measures based on SOPIPA that became law in six states.

Several measures went beyond SOPIPA, including new laws in Colorado (HB1432) and Connecticut (HB5469) that include stringent language protections. For example, the two laws distinguish between contracts schools sign with third parties, such as cloud service providers that store student records, and products where there is no negotiated contract. Both laws also require districts to notify parents each time they enter a third-party contract. Colorado and Connecticut inspired an additional 15 states to consider bills that require consent whenever student information is collected from service providers.

In addition to these specific improvements, there was also an increase in the number of states that contemplated legislation addressing student data privacy more broadly. The report notes that 17 states introduced at least one bill crafted by the American Civil Liberties Union (ACLU), which introduced recommendations after reporting on the lack of security for students in Massachusetts last year.

“New language from the ACLU model bills, Colorado, and Connecticut could inspire similar bills in other states or cause accidental consequences that will need to be fixed in subsequent sessions,” Vance said in a news release. “State boards and others will want to keep a close eye on new developments and lessons.”

For a complete list of legislation trends, access the report available on the NASBE site.

About the Author

Sri Ravipati is Web producer for THE Journal and Campus Technology. She can be reached at [email protected].

Featured

  • The First Steps of Establishing Your Cloud Security Strategy

    In this guide, we'll identify some first steps you can take to establish your cloud security strategy. We'll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls® (CIS Controls®) and the CIS Benchmarks™.

  • Human Error Remains the Leading Cause of Cloud Data Breaches

    Human error is still one of the biggest threats to cloud security, despite all the technology bells and whistles and alerts and services out there, from multi-factor authentication, to social engineering training, to enterprise-wide integrated cybersecurity platforms, and more.

  • Abstract illustration of a human news reporter interviewing an AI with a microphone

    AI on AI in Education: A Dialogue

    Scholars are doing lots of asking and predicting about the risks and rewards of generative artificial intelligence in school, but has anyone asked the all-knowing chatbots?

  • Pattern of desks with interconnected circles, triangles, and lines

    Classroom Furniture Giveaway Seeks Dream Learning Space Design

    Educators have a chance to design their ideal K-12 learning space in a contest recently announced by classroom furniture manufacturer KI.