[Libs-Or] OLA IFC Tuesday Topics: Safeguarding student privacy in schools (Nov. 2019)

Tue Nov 12 12:26:06 PST 2019

OLA IFC Tuesday Topics Nov. 2019: Safeguarding student privacy in schools

Welcome to Tuesday Topics, a monthly series covering topics with
intellectual freedom implications for libraries of all types. Each message
is prepared by a member of OLA's Intellectual Freedom Committee or a guest
writer. Questions can be directed to the author of the topic or to the IFC
Committee.

 Safeguarding student privacy in schools

Parents -- at least those with younger children -- can choose to limit how
much information they share online about their kids. However, as schools
increasingly use cloud-based services (and issue Chromebooks, iPads, and
other devices) the potential unwanted sharing of student information has
exploded.

It's important to know what sort of data vendors are collecting about
students, and what they are doing to protect their information.

School districts often contract with multiple third-party vendors for
cloud-based software and services to track student attendance, test scores,
educational plans, student work samples, health information, and other
data. Teachers may also frequently sign their classes up for educational
apps and websites -- classroom social media sites, typing or math practice,
ebook providers, and much more. Some districts have developed privacy
policies and evaluate these services to make sure they don’t share student
data or collect more than necessary; others have not.

For example, many school districts now issue Chromebooks to students and
enroll them and school employees in Google Apps for Education. While tools
like Google Docs, Classroom, and Drive are very useful (and free to
schools), some have questioned how Google uses children’s data. While
Google says it does not collect information on students for advertising
purposes, that may not always be true. In 2015, the Electronic Frontier
Foundation filed a complaint with the FTC
<https://www.eff.org/deeplinks/2016/10/google-changes-its-tune-when-it-comes-tracking-students>
alleging that Google was tracking students and building profiles on them.
Google claims to have changed its practices in response. Most recently, in
September 2019, Google paid a $170 million fine
<https://www.nytimes.com/2019/09/04/technology/google-youtube-fine-ftc.html>for
violating the federal Children’s Online Privacy Protection Act, or COPPA,
after regulators said that YouTube, which Google owns, “knowingly and
illegally harvested personal information from children and used it to
profit by targeting them with ads.” So, even for companies that have strong
written privacy policies, those sites may not always follow their own
policies.

School libraries also need to be concerned about their own data collection.
For example, school librarians should ensure that library circulation
records aren’t stored forever, and that notes and other information in our
library systems are regularly deleted. We need to make sure that our ebook
and database providers follow laws about collecting personal information
about students and their reading or research habits. When the Statewide
Database Licensing Advisory Committee
<https://www.oregon.gov/Library/libraries/Pages/SDLAC.aspx> chooses
databases for libraries in Oregon, for example, privacy is an important
criterion in the selection process.

Many school districts do have written privacy policies that guide selection
of software and educational apps or services. However, they depend heavily
on what the companies say about their own policies, and districts aren’t
often able to investigate the company’s actual practices. Other districts
do not have policies or do not use privacy policies as one of the criteria
for choosing services. Most do allow parents and guardians to opt their
students out of a particular app, but if most other students are using a
service, this can create difficulties.

How can schools, parents/guardians, and concerned community members help
address these issues?

   -

   Learn more about the Children's Online Privacy Protection Rule (COPPA
   <https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule>
   ), the Family Educational Rights and Privacy Act (FERPA)
   <https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html>, and state
   laws <https://www.oregonlaws.org/ors/336.184> regarding student data
   privacy.
   -

   Develop policies -- or, for community members, ask about written
   policies -- regarding the privacy of student data.
   -

   Make sure the services we use don’t retain personally identifying
   information about students beyond what is absolutely necessary.
   -

   Ensure that third-party vendors do not sell student information, or
   track students for advertising purposes.
   -

   Be aware of what students are using in class and what information those
   services track.
   -

   Encourage schools to pay for the best online services if that means
   companies earn revenue from subscriptions rather than from collecting and
   selling student data.

Find Out More

“EPIC Student Privacy Project.” EPIC, Electronic Privacy Information
Center, https://epic.org/privacy/student/.

Gebhart, Gennie. “Spying on Students: School-Issued Devices and Student
Privacy.” Electronic Frontier Foundation, 15 Feb. 2018,
www.eff.org/wp/school-issued-devices-and-student-privacy.

“A Parents’ Guide to Student Data Privacy.” Ferpa Sherpa, The Education
Privacy Resource Center,
https://ferpasherpa.org/parents/a-parents-guide-to-student-data-privacy/.

“Student Records and Privacy.” Students & Families : State of Oregon,
Oregon Department of Education,
https://www.oregon.gov/ode/students-and-family/Pages/Student-Records-and-Privacy.aspx
.

______________

Miranda Doyle

District Librarian

Lake Oswego School District

doylem at loswego.k12.or.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/libs-or/attachments/20191112/1bedbf88/attachment.html>