The Patchwork of State Student Privacy Laws

An Interview with the Center for Democracy & Technology's Michelle De Mooy

To help school administrators, families, technology companies and state legislators sort through the patchwork quilt of state legislation on student privacy, the Center for Democracy & Technology (CDT), an advocacy group, has developed a state-by-state survey of student privacy laws in partnership with the law firm BakerHostetler.

THE Journal recently spoke with Michelle De Mooy, the acting director of CDT's Privacy & Data Project, about the survey's findings. In its review on student privacy legislation in all 50 states and the District of Columbia, CDT found that California is the model in terms of comprehensiveness, with clear requirements about data retention limits and data security programs. "California's Student Online Personal Information Protection Act is definitely a model for updated student privacy protection, we think," said De Mooy.

CDT's study looked at how state laws define education records and use limitations regarding sharing student data with third parties such as advertisers.
It found that states use different definitions of what types of personally identifiable information can be collected or stored, De Mooy said, and a wide variety of regulations determining the roles of the school administrators and other third parties in terms of access to student data and what they are allowed to do with it.

For instance, in the case of a state such as Alabama, there is no definition for what educational records are. "We think that is part of the problem," De Mooy said. "State legislators are trying to address the concerns that parents and administrators have, but when you don't have common definitions, that creates an interoperability problem in terms of the laws."

Although a federal Student Digital Privacy and Parental Rights Act was introduced in the U.S. Congress in 2015, it did not become law. In the absence of a comprehensive federal student privacy law, CDT is seeking to clarify how widespread the variations are in state law.

"When we were putting together our advocacy strategy around student privacy, we realized that privacy legislation is passing in the states, but that there was no resource to look at how states are interpreting different governance frameworks and the Department of Education's role, so we decided to create one," De Mooy said. She added that student privacy regulation is actually one area where CDT and educational technology vendors are on the same page, "because when the laws are confusing, it is hard for them to be compliant."

The survey found that state laws vary on how charter schools can store and report data. "A lot of charter schools are interested in using technology in the curriculum or in the administration, and that is not a bad thing. It is just a matter of making sure that these standards for privacy and security are very high," De Mooy said.

In most states, it was not clear if there was any complaint process for concerned parents or students. "There is some transparency in educational technology, De Mooy noted, "but how people can look at information and correct it, amend it or ask questions about it is almost never clear and sometimes relies almost solely on commercial entities' terms of service. That is an important issue."

The survey found that state laws requiring school districts to have chief privacy officers were not widespread yet.

De Mooy said that a few educational technology vendors have run into problems when students and parents weren't aware of how the data was being used. "Using the data for marketing is always at the top of the list of things they don't want it to be used for."

About the Author

David Raths is a Philadelphia-based freelance writer focused on information technology. He writes regularly for several IT publications, including Healthcare Innovation and Government Technology.

Featured

  •  classroom scene with students gathered around a laptop showing a virtual tour interface

    Discovery Education Announces Spring Lineup of Free Virtual Field Trips

    This Spring, Discovery Education is collaborating with partners such as Warner Bros., DC Comics, National Science Foundation, NBA, and more to present a series of free virtual field trips for K-12 students.

  • glowing padlock shape integrated into a network of interconnected neon-blue lines and digital nodes, set against a soft, blurred geometric background

    3 in 4 Administrators Expect a Security Incident to Impact Their School This Year

    In an annual survey from education identity platform Clever, 74% of administrators admitted that they believe a security incident is likely to impact their school system in the coming year. That's up from 71% who said the same last year.

  • horizontal stack of U.S. dollar bills breaking in half

    ED Abruptly Cancels ESSER Funding Extensions

    The Department of Education has moved to close the door on COVID relief funding for schools, declaring that "extending deadlines for COVID-related grants, which are in fact taxpayer funds, years after the COVID pandemic ended is not consistent with the Department’s priorities and thus not a worthwhile exercise of its discretion."

  • pattern of icons for math and reading, including a pi symbol, calculator, and open book

    HMH Launches Personalized Path Solution

    Adaptive learning company HMH has introduced HMH Personalized Path, a K-8 ELA and math product that combines intervention curriculum, adaptive practice, and assessment for students of all achievement levels.