Who Needs to Know? part II

A continnum of my post http://3rseduc.blogspot.com/2013/06/who-needs-to-know.html............

There is rumor of"opt-out" to CCSS and the LDS data collection, and I have heard many anecdotes of parents whose information is collected without permission. A well known example would be the iris scanning incident (http://www.dailymail.co.uk/news/article-2336020/Parents-angered-schools-conduct-Minority-Report-like-iris-scans-students-young-asking-permission.html). However, supposedly law is in place to prevent such things,

"The Fair Information 
Practice of Transparency calls for “providing 
notice to the individual regarding the collection, 
use, dissemination, and maintenance of personally 
identifiable information” (NIST 2010 Special 
Publication 800-122, p. D-2, 3)."

This links to FERPA which was changed in 2011 (after publication of this document) which is referenced here http://dianeravitch.net/2013/04/08/why-is-the-us-department-of-education-weakening-ferpa/ and http://www2.ed.gov/policy/gen/guid/fpco/pdf/sealea_overview.pdf to cite a few sources.

But don't fear, folks....

"A school or district is also required to provide an 
annual Directory notice, if directory information 
is disclosed without consent. The school or district 
may choose to combine their annual FERPA 
notification with their annual Directory notice. 
Directory information includes information 
contained in a student’s education record that 
would not generally be considered harmful or an 
invasion of privacy if disclosed. The Directory 
notice must describe the specific types of 
information the school or district has designated 
as directory information, and the parent’s right to 
opt out of disclosure of directory information. In 
the case of postsecondary institutions, these rights 
accrue to the student."

Of course, I have worked in schools and perhaps I'm out of the loop and was out of the loop as data and assessment coordinator but I've never seen this directory or heard mention of it. I hope exists but my guess is it is published in the district office and sits in a binder; no one is ever notified of it, the fact that it is law is apparently enough notification.

Collecting data is, again, supposedly a very public motion with an opt-out program but it isn't quite that cut and dry. All the info you submit when enrolling a child (ie a photo id of parents, utility bills, birth certificate) are all "mandatory" for enrollment and often end up in the data systems. I mean, I guess that is common sense but parents often do not think of it as such, and they are not alerted to the collection and use of the data past enrollment purposes.

"The Pupil Protection Rights Act requires parental 
notification if a study to be conducted in a school 
includes any information or questions about the 
student or the student’s family related to the eight 
identified sensitive topics: political affiliations or 
beliefs; religious practices, affiliations, or beliefs; 
mental and psychological problems; sex behavior 
or attitudes; illegal, anti-social, self-incriminating If the study is funded by the U.S. Department of 
Education, schools and contractors must obtain 
written parental consent before minor students 
can be required to participate in the study. If the 
school received funds from the U.S. Department of 
Education, school districts are required to provide 
an annual schedule of the specific or approximate 
dates of all other surveys with a notification of 
the parents’ right to request and review a copy of 
the survey before it is administered and to decide 
that their child will not participate, reagrdless 
of the survey’s source of funding. Under this 
Act, parents must also be notified each year of 
their right to decide whether or not their child 
will participate in activities that make student’s 
personal information available for marketing or 
other profit-making activities."

Again, I have yet to see these "notifications" and keep hearing from parents of breech of this law/procedure.

Things often get lost in "legalese" and below you can see that permission to use a student's data is permissible   without notification when sharing with school officials and other designated entities with legitimate educational interests. What might that mean? I have yet to get an answer and suspect it could mean volunteers, government organizations (i.e. dept of health), testing companies, think tanks, researchers, textbook companies, and corporations.

"The annual FERPA notice provides information 
about permissible uses of PII in education records. 
That is, FERPA allows educational agencies 
and institutions to non-consensually release 
education records to school officials and other 
designated entities with legitimate educational 
interests 20 U.S.C. § 1232g(b(1)(A)"

To confirm or ease my fears, here is some more "legalese",

"a 
third-party contractor, consultant, 
volunteer, or other party to whom an 
agency or institution has outsourced 
institutional services for which the 
agency or institution would otherwise 
use employees—as long as that third 
party’s use and maintenance of education 
records is under the direct control of the 
agency or institution and is subject to 
the regulation requirements governing 
the use and redisclosure of PII from 
education records......
.....The disclosure is to organizations conducting 
studies for, or on behalf of, educational 
agencies or institutions for specified 
purposes related to predictive tests, student 
aid programs, or the improvement of 
instruction......
.............The disclosure is in connection with a health 
or safety emergency .............."

So yes corporations, government officials, volunteers etc can see the data. And what defines a health or safety emergency? A natural disaster, yes....but could there be a "psychological risk screening", "immunization study" or other "emergency" where data is collected? Again, the answer is unclear.

Can you view your child's records to ensure compliance?t  Yes....kind of. You probably will not know who else views their data but you can know what they view.... kind of. I have heard fro parents that is isn't just a walk in and see them scenario, that schools stall and send you from one person to another; some schools reportedly have even tried to charge a fee for the records. Regardless, here is the law.

"FERPA (20 U.S.C. § 1232g (a) and the related 
regulations (34 CFR § 99) establish the right of 
a parent to inspect and review his or her child’s 
(or in the case of an eligible student his or her 
own) education record for accuracy."


I hope these two posts, links, excerpts, and commentary have helped parents and educators at least know what is happening with data (even if some of this information is three years old, thus outdated).