74 student data privacy laws have been passed in 36 states since 2014
WASHINGTON (September 26, 2016) – Released today, the Data Quality Campaign’s new analysis of state legislation shows the legal landscape around student data privacy has significantly changed. At the conclusion of three years of legislating, every state but Vermont has introduced at least one bill and 36 states now have at least one new student privacy law. In 2016, 15 states passed 18 laws.
Most of the states that passed new student data privacy laws in 2016 had already passed a student data privacy law, a sign that states continue to refine laws to ensure they protect student information while allowing educators to use data in service of student learning. While states signed fewer new bills into law this year than in 2015 or in 2014, the analysis shows that states are considering more diverse issues and thinking more broadly about data and privacy in schools than in recent years.
“It’s clear that states are building on prior legislative efforts and continuing conversations about how to use data effectively while ensuring student privacy,” said Paige Kowalski, executive vice president for the Data Quality Campaign.
“Although states enacted fewer new laws this year, schools across the nation are operating under a significantly altered legal framework than they were just a few years ago. Congress will need to examine this new landscape if they are looking to update federal privacy laws in the next session.”
Over time, the student data privacy bills have become more focused on data governance (establishing processes for making decisions about data use) with fewer bills that would compromise the basic functioning of state’s education services. In 2014, a quarter of the bills introduced threatened states’ ability to use data to help students, compared to 2016 when that proportion was less than 10 percent. In 2014, less than half of the bills provided for governance.
The states’ legislative efforts this year focused on three key areas: regulating online service providers, establishing greater transparency around how states and districts are handling student information, and granting new responsibilities for safeguarding data to districts.
- Nearly half of the bills introduced (52) governed the data activities of third-party service providers. Thirty-six of those bills contained provisions based on California’s SOPIPA Act, which was passed in 2014 to govern online service providers.
- Sixty-nine bills sought to establish greater transparency around how states and districts are managing student information.
- States proposed assigning new responsibilities for safeguarding data to districts, including governance. Forty-four bills proposed giving new responsibilities to local education agencies.
About the Data Quality Campaign:
The Data Quality Campaign is a nonprofit policy and advocacy organization leading the effort to bring every part of the education community together to empower educators, families, and policymakers with quality information to make decisions that ensure students excel. For more information, go to dataqualitycampaign.org and follow us on Facebook and Twitter (@EdDataCampaign).
Note: This press release has been updated for accuracy.