But understand this is to let you know what the REST of the country is experiencing so that (1) we don't have these things happening to our state and our district and (2) we can learn what works and doesn't work.
My biggest fear is really two-fold. One, that too many entities for not-so-good reasons will want access to more data. The district has confirmed to me that MORE entities ARE asking for MORE data so this is not a "what if." Every single provider and group does not need vast amounts of data in order to verify their work. It is very troubling that this is already happening.
My other concern is a data mistake or breech.
The story out of Chula Vista, California is one I hadn't even thought might happen and yet it did.
Secretary of Education Arne Duncan was to visit a middle school in that district. The district wanted to spruce things up for his visit but where to find the money? Selling off student data.
From the San Diego Reader:
Data-gathering has recently emerged as a primary concern for opponents of Common Core Standards and Common Core assessments. Federal laws governing privacy for student data were weakened in 2011. Across the nation, parents have expressed concern that student data will be shared with third parties.
Castle Park Middle School is a Chula Vista Promise Neighborhood school. Promise Neighborhoods are funded by the Department of Education and claim to offer “cradle to career” services. South Bay Community Services is the organization that oversees and distributes the $60 million government investment in Chula Vista.
On August 2 Principal Bleisch wrote to Alt: “By the way, FYI-SBCS [Promise Neighborhood/South Bay Community Services] is prepared to give my school a good chunk of change (over $100K of PN money allocated last year for staff that was not used.) The catch is that they are kinda using the data-sharing agreement as leverage.) They promised to expedite this money transfer as soon as we deliver on the data agreement."
“We sent Dr Brand the revised [data] agreement yesterday. He said it looked good. If there is any way you can help me get that signed I then can put the pressure on them to get me the money. I plan to use this money for the stage and other things needed for the 9/13 visit.”
It's a terrible thing for parents in that school and district to know their children's data is for sale. And really, for what? A photo and tv op.On August 5, Bleisch wrote Alt a reminder. The subject of the email is “Data-Sharing.”“Just a kind reminder if you can help us get this data-sharing agreement signed.” FYI-They’re [reference to South Bay Community Services] holding up money until I deliver on this [smiley face] need this PN money to pay $17k for a new stage and $3000 Flags, $5000 cafeteria college banners for Arne’s visit. (The revised agreement is signed and forwarded.)”
I'd like to think that Seattle Schools would never do this but really, I don't know. If they had a project and needed the money, I just don't know.
On my other concern about data breeches and errors, on happened recently in Chicago School District. From the Chicago Sun-Times:
Data collected about some 2,000 student who participate in a free vision examination program provided by the city was “incorrectly configured” and was available on the Internet, said Shannon Breymaier, a city spokeswoman. Only 14 people viewed the information online and that includes official investigators, according to the city.
The data — that included the student’s name, date of birth, gender, identification number, vision exam date, diagnosis and school name — was uploaded to the city’s computer system between June 18 and July 31. On Oct. 7 a city resident alerted officials that the information was online, Breymaier said.
But the 14 people who saw it certainly had plenty of time - months - to see the information as it was a citizen - not an employee - who saw this and told the school district.
"Glitches" as CPS is calling this do happen but the more data that is out there - in multiple places - the more worry. For example, recently a local mental health professional went to visit a prostitute who then stole his laptop that was full of patient info. He lost his license and those patients lost some piece of mind and privacy.
Any group that has student data can have the same thing happen if a district doesn't have strict measures. At one SPS Ops meeting I attended there was a lot of verbal hand-patting of Board directors on this safety issue but not a lot of evidence. For example, one district lawyer said they could do spot checks to make sure providers were securing student data according to district rules. Do they? That question never got answered.