4 Best Practices for the Release of Data Under FERPA During School Emergencies

"A delicate balance exists between privacy and security in schools," a recent federal report on school safety noted. "On the one hand, there is the legal requirement to protect the privacy of student education records. On the other hand, it is critical to recognize that some education records may contain information that, if disclosed to appropriate officials, could help prevent students from harming themselves or others."

Finding the appropriate balance between disclosing information during a school emergency and adhering to the regulations of the Family Educational Rights and Privacy Act (FERPA) is the subject of a new two-page guide released by the Future of Privacy Forum (FPF). FPF is a nonprofit that advocates for privacy leadership and research in support of emerging technologies. According to the organization, the guidance is intended to help school personnel understand when and what to disclose. The goal is to be able to "distinguish between disclosures in response to specific, articulable threats and general school surveillance programs."

The guidance came out in response to the "Final Report of the Federal Commission on School Safety," which, FPF asserted, failed to address how to implement security measures while also including appropriate privacy protections. "For example," FPF noted, "the report recommends the use of 'appropriate systems to monitor social media and mechanisms for reporting cyberbullying incidents' but does not mention the privacy implications of such monitoring or appropriate privacy protections."

During the deliberative process, FPF testified about privacy issues and recommended better communication to stakeholders about current privacy laws [and] the importance of "creating 'privacy guardrails' in the context of school safety plans" and encouraged the Commission to develop specific guidance for schools on how to set up those guardrails.

"Unfortunately, the report offers little practical guidance to school officials on how to consider privacy safeguards as they implement programs to monitor threats, harden schools or train personnel," FPF said in a statement. "Privacy doesn't seem to have been a top concern for the Commission, even though its members heard testimony about ways to have both security and privacy."

As an example, FPF stated, the Commission's report advised the use of "appropriate systems to monitor social media and mechanisms for reporting cyberbullying incidents." It failed, however, to cover the privacy implications of those forms of monitoring or the appropriate privacy protections.

The FPF guidance offered four best practices for deciding whether to disclose student information and answered five "frequently asked questions" about FERPA requirements on sharing information during emergencies.

Among the best practices was this one: to "carefully consider potential unintended consequences, such as disproportionate effects on vulnerable populations, and balance those risks with the benefits of monitoring and disclosing student information." While complying with FERPA, the guidance pointed out, "schools must also avoid sharing information that could stigmatize students, make them feel that they can't share their feelings with school staff or incorrectly label them as a 'threat.'"

The federal report is openly available on the U.S. Department of Education's website.

The FPF guidance, "Disclosing Student Information During School Emergencies: A Primer for Schools," is openly available on its website.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • minimalist geometric grid pattern of blue, gray, and white squares and rectangles

    Microsoft Starts Rolling Out AI-Focused Windows 11 24H2

    The latest major Windows 11 update — Windows 11 version 24H2 — is here with a host of AI-focused enhancements.

  • stylized illustration of an open guidebook with a glowing AI symbol hovering above

    ED Releases Toolkit for Intentional Use of AI in Education

    The United States Department of Education's Office of Educational Technology has released a new resource to help education leaders navigate AI adoption while ensuring student protection.

  • pattern of glowing blue and green orbs connected by thin luminous lines

    Microsoft Copilot Gains Actions Feature, New Agents in Latest Update

    Microsoft has introduced new and enhanced features for Microsoft 365 Copilot, including Copilot Actions, new AI "agents," and a Copilot Control System.