Recently, Senators Markey and Hatch proposed the Protecting Student Privacy Act of 2014 to amend the Family Education Rights Protection Act (FERPA) in an effort to improve student data privacy. We all agree that student data privacy is an essential component of any educational technology, but the question is: Does this bill achieve that end?
Some commentators on the bill, such as the Data Quality Campaign, consider this bill to be redundant with existing FERPA regulations. Barmak Nassirian, Director of Federal Relations and Policy Analysis at the American Association of State Colleges and Universities, has highlighted potential problems with the language and structure of the bill.
As a company that has collaborated with educational stakeholders for 17 years, two things stand out to eScholar about this proposed legislation:
- The Protecting Student Privacy Act purports to support the idea that students and parents should have more control over the educational data collected about them and how those data are used. But if Barmak is correct, the current draft of the bill addresses parents but ignores students, which is inappropriate. We at eScholar believe parents and students should have more control of their education data.
- The current draft of the Protecting Student Privacy Act provides additional control over data only to parents (and students) when their data are managed by “outside parties.” The bill does not address control of data managed by state and local education agencies. Since this provision did not exist in previous versions, it appears to be intentional, but why?
Parents and students should have more control over how data about them and their education are used. We believe they should have this control regardless of who is managing their data on their behalf. In our experience, most school districts, state education agencies and higher education institutions take advantage of a mix of in-house and “outside parties” to run their operations, including managing data. If this is done well, it should appear seamless to the parent and student. No matter who is managing the data, all parties must be held to the same standards to provide transparency while still protecting student privacy.
