Secretary Duncan is addressing the Common Sense Media School Privacy Zone Summittoday in Washington. I hope he acknowledges that student privacy is paramount–and so is student learning. We can and must craft updates to public education policy that reflect new opportunities as well as new concerns.
The Target data breach and NSA revelations made us all consider the subject of privacy protection. It led folks like Common Sense Media to propose legislation to protect student privacy. Here’s a summary of California’s Student Online Personal Information Protection Act (SOPIPA):
This bill requires operators of K-12 online sites, services, and applications to keep student personal information private. Under the bill, online operators can only use student personal information for school purposes. They may not sell student personal information to third parties, like advertisers. Since these operators hold sensitive information about children, they are also required to keep student information safe by adequately encrypting data. And, they must delete the student’s personal information when it is no longer needed for the school purposes.
Sounds good, right? Intentions are dead on–data privacy is crucial to the digital conversion. But the bill could lead to a number of unintended consequences that limit opportunities for students and tools for teachers and throw us back to a legacy system of “district knows best” where lumbering incumbent organizations control the conversation and where innovation is seriously impaired. It also ends up with some odd restrictions on things we all agree, including parent management of their own student’s data.
The Department of Education’s My Data Button initiative has for two years encouraged districts to make student data available to parents. Parents should have the ability to manage a comprehensive student record. Students should benefit, when they move grade to grade or school to school, from a portable record that allows teachers to begin personalizing learning on day one. This Digital Learning Now SmartSeries paper outlines the architecture of a portable record: Data Backpacks, Portable Records & Learner Profiles. The paper also provides an overview of how privacy could be managed.
The first problem with SOPIPA is that it would probably eliminate the ability to create and transfer portable student records. It could even limit a parent’s right to share student information with a tutor or after school program.
The second issue is the preoccupation with advertising. It feels like a 25-year-old hangover from Chris Whittle’s Channel One News. While there may be advertising concerns surrounding commercial apps (I still hate Facebook ads) there are no EdTech business models built on advertising. I look at EdTech business plans every day and none of them involve selling McDonald’s happy meals or the like. There is no bogeyman here.
The third issue involves teacher choice in the classroom and what this means for innovation and better learning. A solution that insists that districts know best would undermine teacher professionalism and reinforce the big brother enterprise view of the world. Rather than focusing innovation on student learning, EdTech entrepreneurs would have to go back to investing in selling to school districts. By my calculus, 50 cents on every dollar in K-12 is wasted (for some nonprofits as well as companies) just trying to jockey for position in old-fashioned on-the-ground selling games that keep the sector needlessly fragmented and notoriously slow to innovate.
The good news is that a lot of these concerns are covered by the FTC in COPPA and their recent review giving parents better mobile app privacy, and also under FERPA. If there are gaps, it would be better to fix universally through COPPA than doing it patchwork state by state. It will be a nightmare for entrepreneurs to try and comply with 50+ different mobile app privacy laws.
It’s no wonder this bill is being cheered (and likely steered) by the old guard. They’re being out-competed by innovative small companies. They’d love to take the time machine back to the days where they could control the district procurement process through the simple physics of a big sales forces and by doing so were insulated from any need to make better, smarter learning products.
Common Sense Media should leverage their experience in reviewing and rating movies and software to review and rate the privacy policies and practices of apps. We need to empower parents, teachers, and students with information and more importantly the tools to manage their own privacy.
The way to get better data privacy is to push for better data privacy. If your solution is to force everything back to centralized district purchasing, you return us to the education status quo of the last 50 years. That’s a terrible recipe for learning innovation and ending education inequality.
Yesterday, the Software and Information Industry Association (SIIA) announced Industry Best Practices to Safeguard Student Information Privacy and Data Security and Advance the Effective Use of Technology in Education.
Digital Learning Now! is a Getting Smart Advocacy Partner.