ISTE 2019Creative
Constructor Lab
Digital
Leadership Summit
No Fear
Coding Lab
Edtech Advocacy &
Policy Summit

Back to School: Understanding Edtech Privacy Policies

Location: W175c

Listen and learn

Listen and learn : Panel


Monday, June 25, 10:30–11:30 am
Location: W175c

Bill Fitzgerald   Michael Hawes   Sara Kloek   Amelia Vance  
Over the past the years, the Future of Privacy Forum has reviewed more than 300 company privacy policies to add them to the Student Privacy Pledge. This panel presentation will provide a window into the best and worst educational technology privacy policy practices for school administrators and edtech vendors.

Skill level: Beginner
Attendee devices: Devices not needed
Focus: Technology infrastructure
Topic: Safety, security and student data privacy
Grade level: PK-12
ISTE Standards: For Administrators:
Digital Citizenship
  • Promote, model and establish policies for safe, legal and ethical use of digital information and technology.
  • Model and facilitate the development of a shared cultural understanding and involvement in global issues through the use of contemporary communication and collaboration tools.
For Coaches:
Digital Age Learning Environments
  • Collaborate with teachers and administrators to select and evaluate digital tools and resources that enhance teaching and learning and are compatible with the school technology infrastructure.

Proposal summary

Purpose & objective

Our panel will explain the Student Privacy Pledge and the process FPF facilitates in working with companies to ensure compliance. In so doing, it will explain the common pitfalls and best practices in ed tech privacy policies; important normative and legal considerations in the handling of student data; and allow audience members to see for themselves the objectives and perspectives of the different stakeholders involved. FPF’s Student Privacy Pledge application process fosters improved privacy practices in the collection and handling of student data by educational technology vendors, and facilitates greater accountability by companies, better transparency over their practices, and gives increased control to parents over their childrens’ information.
Many companies want to do the right thing, but are unfamiliar with the nuances of the privacy laws in this area, or with how to implement privacy safeguards more generally. New start-ups might have innovative plans for a tool that could be wonderfully helpful for students, but they don’t have the legal experience (or wherewithal) to consider the range of regulatory and normative problems created by the collection or use of oceans of student data. The Pledge provides guidance through a list of positive suggestions (as well as prohibitions), and we further assist companies in reaching compliance with the Pledge.
Participants will learn the common pitfalls of ed tech vendor privacy practices, include failing to make the company’s privacy policy accessible to parents, or even failing to have one at all; failing to include notice and choice provisions, so that parents are alerted to material changes in the company’s ownership or practices that might affect their child’s privacy; and overly broad policies, which fail to address specific practices that parents or administrators should be aware of. Administrators and parents will learn how to locate these issues when evaluating a privacy policy, and vendors will learn how to avoid them. The panel will explain why the different requirements of the Pledge, like data accessibility and a comprehensive security program, are important to protect student privacy. They will also learn what concrete practices (such as using https for a vendor’s website) are entailed in the broader standards outlined in the Pledge. This will provide clarity for vendors, and enable administrators and parents to better evaluate different products. Participants will come away able to effectively read a privacy policy, and how to write one.

Outline

The panel will provide an introduction to the issues administrators, vendors, and parents face in tackling student privacy today, providing background on how and why the Pledge came to be. It will then explain the Pledge Application process, and the kind of guidance FPF provides to companies hoping to achieve compliance with the Pledge. We will include 15 minutes at the end of the panel discussion for an audience Q & A, in order to spur audience interaction and stimulate further reflection on what has been discussed. Participants will also leave with a ‘Do’s and Don’t’s’ handout, so they know what kinds of privacy policy clauses to either look out for, or to avoid including. That handout will include a range of problems, from the more obvious or glaring, to subtler judgment calls.

Supporting research

As enormous data breaches continue to make headlines, it’s crucial to be aware of the approach a company takes towards collection, retention, and protection of data—particularly when that data belongs to students. Parents are wary of their childrens’ data being collected (see “Parents cite student privacy concerns with popular online education platform” (Sept. 5, 2017, Washington Post) (https://www.washingtonpost.com/news/answer-sheet/wp/2017/08/30/parents-cite-student-privacy-concerns-with-popular-online-education-platform/?utm_term=.95446b617815).

126 state privacy laws have passed in 40 states, making effective compliance very difficult for even the most established companies (report from the student privacy group Data Quality Campaign: https://dataqualitycampaign.org/resource/2016-student-data-privacy-legislation/).

FPF has written a number of white papers on the importance of student privacy:

--FPF Guide to Protecting Student Data Under SOPIPA: For K-12 School Administrators and Ed Tech Vendors (Nov. 2016) (https://fpf.org/wp-content/uploads/2016/11/SOPIPA-Guide_Nov-4-2016.pdf)
--Supporting Parental Choice for Student Data (Sept. 2016) (https://fpf.org/wp-content/uploads/2016/09/Parental-Choice_Sept2016.pdf)
--Survey: Beyond the Fear Factor: Parental Support for technology and data use in schools (Sept. 2015) (https://fpf.org/wp-content/uploads/2016/09/Parental-Choice_Sept2016.pdf)

FPF also manages FERPA|SHERPA, a website that provides service providers, parents, school officials, and policymakers easy access to laws, best practices, and guidelines that are essential to understanding education privacy (https://ferpasherpa.org/).

More [+]

Presenters

Bill Fitzgerald, InnovateEDU
Michael Hawes, U.S. Department of Education
Sara Kloek, Software and Information Industry Association
Amelia Vance, Future of Privacy Forum

People also viewed

Access in Music: Technology in K-12 Music Instruction for All Students
Global Problem Solvers: Inspiring the Next Generation of Social Entrepreneurs
PBIS, Chromebooks and Title 1: How We Made Magic