Privacy and Cloud Computing in Public Schools

The Center on Law and Information Policy at Fordham Law School file6271279942259released a report this month called Privacy and Cloud Computing in Public Schools. The Executive Summary of the report provides the key findings.

The key findings from the analysis in the report are:

• 95% of districts rely on cloud services for a diverse range of functions including data mining related to student performance, support for classroom activities, student guidance, data hosting, as well as special services such as cafeteria payments and transportation planning.

• Cloud services are poorly understood, non-transparent, and weakly governed: only 25% of districts inform parents of their use of cloud services, 20% of districts fail to have policies governing the use of online services, and a sizeable plurality of districts have rampant gaps in their contract documentation, including missing privacy policies.

• Districts frequently surrender control of student information when using cloud services: fewer than 25% of the agreements specify the purpose for disclosures of student information, fewer than 7% of the contracts restrict the sale file5241235164091or marketing of student information by vendors, and many agreements allow vendors to change the terms
without notice. FERPA, however, generally requires districts to have direct control of student information when disclosed to third-party service providers.

• An overwhelming majority of cloud service contracts do not address parental notice, consent, or access to student information. Some services even require parents to activate accounts and, in the process, consent to privacy policies that may contradict those in the district’s agreement with the vendor. FERPA, PPRA and COPPA, however, contain requirements related to parental notice, consent, and access to student information.

• School district cloud service agreements file9961246478372generally do not provide for data security and even allow vendors to retain student information in perpetuity with alarming frequency. Yet, basic norms of information privacy require data security.

You can download the report by clicking on Privacy and Cloud Computing in Public Schools.

Advertisements
Gallery | This entry was posted in Data Mining / Privacy, Protection of Pupil Rights, SLDS, State Longitudinal Data Systems. Bookmark the permalink.

2 Responses to Privacy and Cloud Computing in Public Schools

  1. Pingback: No Need for Matching with this Data Deal | Stop Common Core in Washington State

  2. Pingback: Who Owns the Data? | Stop Common Core in Washington State

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s