Privacy laws protecting student data are outdated and must be modernized, a White House review has concluded.
The report on the promise and perils of ‘big data’, released this afternoon, notes that “much of the
software that supports online learning tools and courses is provided by
for-profit firms. This raises complicated questions about who owns the data
streams coming off online education platforms and how they can be used.”
The primary student privacy law, the Family Educational Rights and Privacy
Act, was written before the Internet came into being. The Children’s Online
Privacy Protection Act, meant to safeguard children under 13, was written
before the explosion in smartphone and tablet technology. Applying those laws
in the modern context “can create unique challenges,” according to the report.
The vast volume of data collected in an educational context by for-profit
companies “could be used to build an invasive consumer profile of [students]
once they become adults,” the report warns.
John Podesta, the White House counselor who led the review, called on the
Education Department to prevent such abuse by developing new frameworks to
“ensure that data collected in schools is used for educational purposes.”
Updating student privacy protections could be done largely through the
regulatory process or executive orders, without involving Congress, Podesta
said. But, he added, “people may conclude … that basic educational privacy laws
could use some tweaks.”
Jim Steyer, a children’s privacy advocate and the CEO of Common Sense Media,
applauded the report for addressing the concerns of students and parents.
“Today's report is a major statement from the White House that as the internet
continues to become a source of learning, innovation and economic growth, the
privacy and security of our nation's kids will be a national priority,” Steyer