Tuesday, June 11, 2013

Who Needs to Know?

As one may surmise, one of my biggest apprehensions regarding CCSS (Common Core Standards) is the LDS (Longitudinal Data Sysyem) collections proposed.

I found a document http://nces.ed.gov/pubs2011/2011602.pdf that had some interesting information that I will copy and paste here. Enjoy!

The Fair Information Practice of Data 
Minimization and Retention calls for “only 
collecting personally identifiable information that 
is directly relevant and necessary to accomplish 
the specified purpose(s). [And for] only retaining 
personally identifiable information for as long as 
is necessary to fulfill the specified purpose(s).”

This sounds innocent but who decides what is relevant and necessary, and for how long? With P-20 in position, the information could be viable and important for more than 20 years of a person's life. The types of data could include psychological profiles, behavioral records, health records and religious affiliation, to name a few. http://truthinamericaneducation.com/privacy-issues-state-longitudinal-data-systems/privacy-invasiondata-mining/what-400-data-points/ links to https://ceds.ed.gov/elements.aspx?v=3&ex= and http://nces.ed.gov/forum/datamodel/eiebrowser/techview.aspx?instance=studentPostsecondary  which outline these proposed records to be collected on students. Each to their own, but who wants this information collected on their children, especially when the length of time and who views the data remains vague?

Perhaps I am paranoid but thus next excerpt shows my worst fears;

"Linkage with information from an external 
source could occur as a result of a direct linkage 
by someone with access to two confidential 
data systems who is able to directly link the two 
databases (e.g., the student record linked to local 
public health records on sexually transmitted 
diseases or local crime records) or as a result of a 
less direct linkage of information from a student’s 
education record with information available in 
public records (e.g., the education record for a 
15-year-old Asian female includes participation 
in services for unmarried pregnant students, and 
public birth records could be used to identify 
the father of the student’s child. Alternatively, an 
education record might show that a 13-year-old 
female student was the victim of a violent assault 
during the school day on a specific date (without 
the specifics of the assault). Meanwhile, a report 
in a local newspaper, while protecting the direct 
identifiers of the victim, reveals some of the details 
of an assault on a female student in that school on 
the same date)."

The collection of data has purpose which to me seems to conflict, Case in point;

"INSTRUCTION—Teacher and counselors 
need information about an individual 
student’s previous educational experiences 
and any special needs the student might have 
to deliver appropriate instruction and services 
and to plan educational programs; parent 
contact information is needed to keep parents 
informed of student progress. 
» OPERATIONS—Schools and districts need 
data for individual students to ensure the 
efficiency of day-to-day functions such as 
attendance records, meeting individual 
students’ special needs, handling individual 
students’ health problems, and operating food 
service and transportation programs.
» MANAGEMENT—Schools, districts, and 
state education agencies use data about 
students for planning and scheduling 
educational programs and for the distribution 
of resources. ACCOUNTABILITY—Schools, districts, 
and state education agencies use data 
about students and about individual 
students’ progress to provide information 
about students’ accomplishments and 
the effectiveness of schools and specific 
educational programs. 
local, state, and federal education agencies 
use data about students and about individual 
students’ progress to conduct analysis 
of program effectiveness, the success 
of student subgroups, and changes in 
achievement over time to identify effective 
instructional strategies and to promote school 
improvement. "

I understand the purposes outlined here and agree with them, having had managed two schools' data a few years ago. But what does the information about an assault on campus that was reported in the news?  How would maternal last name, religious affiliation, and website URL be used in the classroom, or at the state and federal level to improve instruction?

 Again, I remind you of P20, that these records will follow you through life:

"To facilitate the 
usefulness of this information, the legislation 
also calls for an alignment between P–12 and 
postsecondary data systems, which requires 
linkages between student and teacher records, 
between preschool and elementary education, and 
between secondary and postsecondary education 
and the workforce."

It seems who will access student information remains unspecified, and the most private data such as biometrics and social security numbers are of course of highest concern. This document states that such records wqill only be accessed by and for a need to know basis but there lacks a definition of "need to know".

"After the risk level is established, consideration 
should be given to providing more protection 
and more restrictions on access for the data 
elements that are identified as highly sensitive. 
For example, these data elements might be stored 
apart from the rest of the student record in a 
more secure electronic environment, with access 
limited to “need to know” circumstances for only 
a subset of those with access to the system."

One possible relief is the proposal to give students unique identifier numbers (California already has such a thing) separate from their Social Security number; the article adds a second layer of security that at least did not exist in California during the 2010-2011 school year; a unique linking code to access social security numbers which few have access to, so that Social Security numbers will be more secure.

Who might be managing your child's data or accessing the linking codes? Well,

"PII carries a potential for misuse. As a result, it is
advisable to require security screenings for staff
members whose job responsibilities require them
to have access to PII in student education records.
The screening might include a background
investigation using written, electronic, telephone,
or personal contact to determine the suitability,
eligibility, and qualifications of a staff member for

This sounds great, yet humans are, well, human. Every year across the nation, teachers with supposed clean records and qualifications attend yearly training of confidentiality and test procedures, signing legally binding affidavits and yet every year there are teachers and administrators across the nation breaching confidentiality of these tests. Therefore, how can a similar procedure protect your child's data with 100% assuredness?

Stay tuned for part II of my analysis of this document.

No comments:

Post a Comment