My oldest son turns eleven this month and he is getting his first smartphone. I know that this means grappling with the intimidating responsibilities that come with parenting through these advances in technology. I don’t understand all that I am agreeing to in those Terms of Service agreements and, quite frankly, I don’t understand ALL the ways in which his smartphone data can be used to help or harm him.
However, I’m not just any parent. I work for the Data Quality Campaign (DQC). Because of that I’m in a unique position to get smart on these issues, hear about emerging concerns, and know first-hand what protections either exist or are being developed. I have access to privacy and data experts and advocates across many fields and they have been generous with their time and expertise to equip me with the knowledge I need to feel good about this birthday gift.
One such advocate is Jim Steyer, CEO of Common Sense Media. We appreciate that an organization dedicated to providing parents with the knowledge to make informed decisions is taking action in the important arena of student data. DQC has appreciated this fresh voice out there explaining that existing student privacy laws are outdated and don’t reflect the current realities schools, students, and parents face while using technology in classrooms. We’ve highlighted California’s groundbreaking 2014 privacy legislation, SOPIPA, and noted where other states have adopted versions of this bill that Common Sense Media helped shape. Steyer has also highlighted the work of Governor Jack Markell, who is most definitely a leader to be learned from in this field. He recently signed strong privacy legislation to safeguard Delaware students.
However, we also recognize that while not all states have introduced or passed bills exactly like California’s, most states have dug in and begun the tough conversations with schools and families about how state law can be best address their concerns. Just this year, we’ve seen 46 states introduce 182 bills resulting in 15 states with 28 new laws to protect students. By our analysis, 25 states have introduced legislation modeled on SOPIPA though several made changes to the bill’s language to address local concerns or add additional protections (e.g., Georgia’s bill includes SOPIPA-like provisions within a larger more comprehensive bill that governs schools in addition to education technology providers). It is heartening to see so many states paying attention to this critical issue.
In any student data privacy conversation, it is important to note that federal protections do exist. The Family Education Rights and Privacy Act (FERPA) has done what it was designed to do—prohibit schools from releasing students’ personal information except under limited and defined circumstances. While this 40-year-old law needs to be updated, schools take their responsibilities under FERPA quite seriously. We also have the Children’s Online Privacy Protection Act (COPPA) passed by Congress in the late 90s. While this law currently only protects the privacy of students under the age of 13, it is an important safeguard for elementary and middle school aged children who are just beginning to engage with apps and online learning opportunities in schools.
States, and Congress now too, have recognized how complex and new this issue really is. They are learning and borrowing from each other, and they’re also breaking new ground and forging new pathways to protection. We’re pleased that legislatures have continually sought to strike the balance between the promise of personalized learning through effective data use and the moral and legal imperative to safeguard privacy. As a parent who is continually struggling with and learning all that comes with these technologies in my own house, I can truly appreciate how difficult it must be to legislate in this area. As DQC staff, I want them to get this right. As a parent, I need them to get this right.