Student Data Privacy for Washington State Public School Students

My big focus for the foreseeable future is student data privacy.   Data collection is the future of our nation and nowhere else is that more clear than public education.

My goal is a student data privacy bill passed in the Washington State Legislature.  In a future thread, I will outline what SPS is doing versus what it should be doing but really, I don't have time to wait for the Board to wake up (and district leadership is a lost cause).  We need a robust law to protect our public school children.

Data is a good thing - like standards and assessments.  But it's all in the collection and implementation and uses and that's the devil in the details that needs attention.

You cannot stop an idea.  And the idea today is that vast amounts of data are going to better our lives and, allegedly, the lives of our children and grandchildren.  But we can use the force of law and especially our Constitution, to protect that data from going everywhere to nearly anyone and, worst of all, having it used to make decisions for our children that should be for parents to make.

 History


With the advent of Race to the Top and Common Core, the Department of Education required states to all have longitudinal databases.  (Washington State has its own - CEDARS - Comprehensive Education Data and Research System.)
 The Common Core consortium that Washington State belongs to - Smarter Balanced - is obligated by its agreement with the DOE to give them "student-level data" from testing.
 

(To those who say CC has nothing to do with data collection, the very success of the standards rests on the increased collection of student data. The Data Quality Campaign said that the Common Core’s emphasis on evaluating teachers based on their students’ academic performance and tracking students’ college and career readiness requires broader data collection. DQC is yet another Gates-funded group.) 

Mostly this push started thru ARRA - the American Recovery and Reinvestment Act.

Since it started in fiscal year 2005, the program has awarded grants worth $265 million to 41 states and the District of Columbia. The Recovery Act competition requires that the data systems have the capacity to link preschool, K-12, and postsecondary education as well as workforce data. To receive State Fiscal Stabilization Funds, a state must provide an assurance that it will establish a longitudinal data system that includes the 12 elements described in the America COMPETES Act, and any data system developed with Statewide longitudinal data system funds must include at least these 12 elements.

It keeps getting said that PII, personally identifiable information., will not be given out.  One of ARRA's grant program requirements is this: An unique identifier for every student that does not permit a student to be individually identified (except as permitted by federal and state law).  Note that "as permitted"  that you can drive a Mack truck through that.  
From the National Center for Educational Statistics:

Better decisions require better information. This principle lies at the heart of the Statewide Longitudinal Data Systems (SLDS) Grant Program. Through grants and a growing range of services and resources, the program has helped propel the successful design, development, implementation, and expansion of K12 and P-20W (early learning through the workforce) longitudinal data systems. These systems are intended to enhance the ability of States to efficiently and accurately manage, analyze, and use education data, including individual student records. The SLDSs should help states, districts, schools, educators, and other stakeholders to make data-informed decisions to improve student learning and outcomes; as well as to facilitate research to increase student achievement and close achievement gaps.

What is happening right now?


Here's a link to a report on states and their longitudinal data systems commissioned by the DOE called the NRS Guide to State Longitudinal Data Systems published in August of 2012.  Lots of good reading here.

From a brief called, "P-20W Data Governance: Tips from the States - Best Practices Brief", May 2012

P-20W refers to data from prekindergarten (early childhood), K12, and postsecondary through post-graduate education, along with workforce and other outcomes data (e.g., public assistance and corrections data). The specific agencies and other organizations that participate in the P-20W initiative vary from state to state.

The "To-Do" list in this report?

When pursuing P-20W data governance, it is vital to fully engage state leadership (the Executive Leadership levels of Figures 1 and 2) early on in the process. Otherwise, both short-term effectiveness and long-term sustainability of the P-20W system may be in jeopardy.
  • Pay attention to legislative activity in your state.
  • Many states have legislation impacting how data can be collected, where they can be stored, and who has access to them. During the planning phase, research all possible legislation that could impact your work. If there are state laws that limit data sharing, there may be an opportunity to lobby for the change of said laws—particularly if the state already has legislative and executive support for P-20W. Additionally, demonstrating the capabilities of the P-20W system to the legislature can help to build momentum for a state’s data collection efforts.
They want more data, not less and believe that state statutes that may already exist limiting access to data,  should now change to favor more data collection.
  • Once the executive leadership has determined the vision and direction for the P-20W system, data governance is needed to effectively implement this vision. Bring all involved stakeholders to the table and discuss why data governance is important, as well as what data are already being collected—and by whom—within the state.
And parents? You are not listed as stakeholders. In fact, in this brief, parents are never mentioned.

Understand, that many people, including Diane Ravitch, believe these actions violate federal law.

Federal statute prohibits the U.S. Department of Education from maintaining a national student database, but by persuading/twisting the arm of states to build these databases, and then changing the Family Education Rights and Privacy Act (FERPA) after the fact, the Obama administration has evaded this prohibition and provided a pathway for student data to be shared across state lines and between federal government agencies.






Considerations

We are talking about a compilation of sensitive information, from different federal agencies, being placed in your child’s P 20 database, to follow him or her into adulthood, possibly contributing to an influence on their job hunt with eventual prospective employers.

It used to be if your child had a behavioral issue or the family had challenges that impacted the student's school, that enough time would elapse between childhood and adulthood and the issue would be long dealt with and forgotten.

With the assistance of the P20 database, this type of information could follow your child well into adulthood and could be accessible by nearly any teacher or administrator in your district to view and may be used by employers make employment decisions based on this data.  Or used by college admissions officers to make decisions about your child.

From USA Today:

What does prekindergarten background say about the likelihood of success in high school Advanced Placement classes? How did college students who fail science do in middle school? What are the links between applying for unemployment benefits as an adult and one's educational history?

"The only purpose of this work is to get information that can make our education programs better," said associate education commissioner Ken Wagner, who is leading the initiative. "We want to learn the types of courses that kids do well in that will predict success in college and the workforce."

"This throws up so many red flags for me as a parent, a tech guy and an educator," said Brian Wasson, a technology training specialist at St. Joseph's College on Long Island who has used his Twitter account to urge that attention be paid to P-20. "As this develops, will they decide to use this data for more than research? I don't buy the rationale for it." 


I'm not buying it either.  Why?
  • there is too much tantalizing data out there that many more people and entities want
  • with that much data available, there are more chances of a data breach
  • child identify theft is the fastest growing type of identity theft in the country
Fight Back

Edward Snowden has opened the door to the debate of the century. 

What is privacy?  
  • Are there privacy rights (and are they in our Constitution)?  
  • Is privacy a human right?
  • Does technology trump those rights?  
My main concern:

When did enrolling your child in public schools mean you (and your child) lose your privacy rights at the schoolhouse door?

Who's watching out for kids?  It certainly doesn't look like it's our government and it's certainly not going to be business interests or "edu-philanthropists" who are fine with experimenting and documenting other people's children but not their own.

It's going to be up to you, as a parent, in determining the course of your child's education and their privacy interests.


Because if you don't, we will see an entirely different country within a generation.


Much, much more to come.

Comments

mirmac1 said…
Great research Melissa. The vicotry in NY gives me hope that we can turn the tide against this insidious trend.
suep. said…
I don't have time to wait for the Board to wake up...

Really, Melissa? You really think that none of us on the board are aware of, care about, have spoken up about, or are actively working on protecting student privacy and limiting data sharing?

Some of us have been trying to do all of the above for a while now. My very first testimony before the board as a parent four years ago was about FERPA violations and the importance of protecting student and teacher information.

I know others on the board share these concerns.

Rather than disparage us (inaccurately), why not help us protect student privacy and data?

Keeping the public informed is a great service. Simply dismissing or misrepresenting the entire board is not.

Thanks.

Sue

mirmac1 said…
I appreciate the work you've done on the inside Sue to educate board and staff. There remains alot of work to be done, particularly in the area of CBO data-sharing and institutional servicers like ConnectEDU.
suep. said…
I agree, mirmac. So I thank you, Melissa and Dora for all your invaluable efforts to track all these entities and alert the community and the district to their actions and objectives. And I welcome suggestions for how the district can better protect our students in this regard.

As I've said in my director's comments during board meetings, data is the currency of the 21st century. School districts and other public institutions must protect the safety and privacy of our students (and citizens in general). Relying on FERPA is inadequate, in this respect, as you know.
mirmac1 said…
This comment has been removed by the author.
mirmac1 said…
Yes, data is the currency and many which to enrich themselves. I have no faith in our district or OSPI safeguarding our data. See this latest snafu for example.

As you've reported Melissa, these databases are intended to track you for life, or at least from 6th grade on. Sign onto this and future prospective employers may be able to access your SATs, coursework and grades. It's readily apparent that if the data exists, people will feel entitled to access it. Facebook, Twitter and now your school and college records.
Sue, I was wrong to include the entire Board.

I will say that in my discussions with the Board, you are the only one to ever seriously question anything. I went to the Data Privacy Work Session and was quite surprised how little was challenged.

I have given the Board information. No reply. I have spoke before the Board on this issue. No reply.

I'm going to write to the Board about what the district currently has (and apparently everyone thinks is just fine) and make some suggestions.

But I'm not waiting for the Board. It's not in the Strategic Plan despite the emphasis on Common Core.

This is a statewide issue anyway and, for me, that's the best way to approach it.

Sue and Dora Taylor deserve a lot of credit for talking about this issue for years.
Anonymous said…
Melissa, as you probably know, many state legislatures have recently passed or are currently working legislation on student data privacy. Much of the legislation is based on model legislation from ALEC: http://www.alec.org/model-legislation/student-data-accessibility-transparency-accountability-act/. FYI - ALEC is the same organization that pushed parent triggers and A-F grading of schools, so take this notation with a grain of salt.

This ALEC model legislation was the basis for the bill introduced during this past legislative session by Rep. Scott that died after receiving only one hearing.

This model legislation places significant limits on data-sharing as well as what individual student data can be collected in the state longitudinal data system without parental permission. It does, however, provide allowances for access to individual student data by the state's contractors if such access is necessary to complete the work of their contract. This is something that needs to be carefully considered.

--- swk
SWK, yes I know about these bills. And I know about Rep Scott (and even spoke with her and all was not what you might think).

I know what model legislation looks like as I have been working with other leading activists around the country on this issue.

But the privacy comes FIRST, not access to data. How that seems to be an issue is a mystery to me but that's where the fight should be.

I have to wonder how anyone could be against student data privacy for children. I'll wait for those arguments from Microsoft, Google and others.
#Crazy said…

Keep your eye on Pearson and Knewton. Please note that the US Dept of Ed. emblem is on video:

https://www.youtube.com/watch?v=Lr7Z7ysDluQ&feature=youtu.be

Tune into 6 minute mark and you will hear Knewton brag about knowing a lot about a particular student because they have "more data than anyone."

What are the implications for our children? Can and will this data be kept confidential?
Anonymous said…
On this issue, Melissa, we are in 100% agreement.

--- swk
Anonymous said…
It should be noted once again that the people pushing for all this data sharing on public school students have their own kids in private schools where they are not tracked.

HP
Anonymous said…
Well HP if the "people" you are talking are billionaires and VIPs, then yes, they do get the special passes when it comes to privacy. But there are many in the state house whose children are in public schools and it's worth reaching out to them. I include parents with children in private schools too (especially those in Catholic schools who were affected by recent data breach or anyone of us who has had similar experiences with personal info being misused or stolen).

In matters like this, you find more support than you think. The smart thing is to welcome as many under the tent and lobby hard.

voter
Anonymous said…
I was referring to Bill Gates and friends who support data sharing, teacher evaluation from student data, etc. while having their own kids in private schools where they won't be data tracked until they start taking the SAT/ACT.

HP
Unknown said…
@voter,
I think the example of what is going on right now with current and former volunteers and employees of the Seattle Archdiocese is a perfect example of the harm that can be done when small bits of personal information get into the wrong hands.

Many people, myself included, suspect that a third party vendor hired to down background checks was not scrupulous with data storage or transfer. Many people are wondering why the diocese chose a firm run by a person without any IT background or degree to perform the background checks. We are wondering if the archdiocese performed any audits to assure that data was stored, transferred and destroyed properly.

In any case, the estimate is that 90,000 people have had their social security numbers and other private information stolen. The archdiocese estimates that at least 2,000 people have had fraudulent tax returns successfully filed, with many more having had attempts made. I would estimate their are many, many more victims than the Archdiocese is admitting to. In March of this year, there were 981 fraud complaints filed with the Seattle Police Department. Last year, there were 237. It can reasonably be assumed that much of the difference is the result of this tax fraud scheme. The Archdiocese extends from Bellingham, WA to Vancouver, where there are similarly high numbers of reports of fraud related to the same scheme.

Just to give people an idea of what happens when just your name and social security number is stolen, first you spend 90 minutes on hold the phone with the IRS, then you get told the bad news. Then you need to go through with the same thing with your spouse. Then you have to file a report with the police, sign up for a 90 day equifax fraud alert(free), then get sign up for credit report monitoring (not free), then notify the ftc, your credit card companies, and the social security office. Then you file an affadvit with the IRS. When you do this, it means the IRS will take up to 180 days to process your real return, meaning that if you are due a refund, you won't get it for 180 days.

Then, worry about this and repeat this process for the rest of your life--because you can't get a new social security number.

In my view the Archdioceses has done an incredibly bad job of providing accurate information. Their reports obfuscate the issues, claiming this is a national tax fraud scheme, or conflating a different scheme involving telephone calls with this one. They still, to this day, have not notified former volunteers, and have relied on local parishes to notify parishioners, many of whom still do not understand how at risk they are.

I attended a meeting last night at Holy Rosary in Edmonds. There were about 500 people there. They were hopping mad. There were people yelling at the Archdiocesan representative, who said that the Archdiocese of Seattle was "exploring credit monitoring." One thing people fail to realize until it is too late is that victims of ID fraud have little to no recourse against institutions and especially third party vendors who do not adequately safeguard their data.

What does this have to do with SPS? I think SPS is beginning to realize the dangers of sharing too much data, but isn't quite there yet. Much work needs to be done, especially in regard to legislation.
Anonymous said…
I'm having trouble wrapping my brain around this issue. There seems to be a lot of concern about the development of these potentially very useful longitudinal databases, but it primarily seems to center on concerns that these data will follow individual children for life. My understanding of these databases, however, is that they are to only include de-identified student data, not names, addresses, SSNs, etc. Even if a large dataset were ultimately available to colleges or employers, how would they possibly identify an individual? Individual-level data just means the information all goes with the same person, not that that person is identified.

So is the concern that incompetence, fraud, or intentional misuse might allow for a particular district to release it's linking information, allowing someone to reassociate the unique IDs and names with the de-identified data? And if that's the concern, does it mean longitudinal databases should not exist at all, or that there needs to be better protection?

Or is the concern about specific elements that are or might be included in the database, but that shouldn't be? I saw, for example, that DOB is one element recommended for inclusion in a state longitudinal system, and that seems to me to be much too easy to link back to an individual via public records. Inclusion of DOB certainly wouldn't meet standards for de-identified health records.

I like data, and see the value in longitudinal databases. (And wouldn't it be great if SPS actually used these data to evaluate the effectiveness of its curricula, programs, services, delivery models, etc.?) But I agree wholeheartedly that adequate protections need to be in place. I understand the alarm, but am trying to better understand what, exactly, others think needs to be done.

Thanks for any further insights you can provide,
HIMSmom
Unknown said…
HIMSmom,

CEDARS database includes students names, birthdates, race/ethnicity, migrant/foster/homeless status, discipline incidents, disability codes, special education codes, test scores, gpa's, scaled social/emotional scores, schedules, teachers, etc, etc, etc. which add up to 844 possible fields in one child's record. No, I am not kidding. Throughout the years, different groups have received different types of data from OSPI, some identified, some what is called "RID" or what is known as de-identified data. The problem with the de-identified data is that the identity is easily reidentified, especially if their records with hundreds of fields. In addition, some of the data that is released does not have names or birth dates, but has everything else, including OSPI and the districts student identification number. As an example, it appears Teach for America received such data from OSPI in December of 2012. A bigger concern of mine is when the data takes a big leap and becomes part of a military database, workforce database or medical databases. Because students with disabilities often stay enrolled in a district until the age of 21, there is often a very thin line separating data sharing between employment entities and educational entities.

In addition, as I shared earlier, the potential for great harm when sensitive data, including birthdates, names and addresses is not adequately protected. I can easily see this happening with Community Based Organizations, who may not be set up to handle data in a very secure manner and who many not grasp the danger of not properly safeguarding the data.
HIMS, you have a lot of good thoughts there.

Even if a large dataset were ultimately available to colleges or employers, how would they possibly identify an individual?

You'd be surprised at how easily you can get data from one place and data from another place and link them to figure out someone, especially if you are an adult at a school. For example, recently a district service provider came to a Board meeting and gave about 6 data points on a student (which is way too much and, to this day, I don't know if she got that). So I looked up this service provider, found photo of a girl with the identifiers. They had her name and more family information. I was appalled and I told the Board and district.

DOB is a standard point and not considered harmful.

"Directory information is those data identifiers that can be used by a school or district in directories, yearbooks, and newsletters, for example. It is considered information in an education record of a student that would not generally be considered harmful or an invasion of privacy if disclosed."

HIMS, I'll have more info that will help you see the issue within a week.

Mary makes excellent points.

Anonymous said…
So essentially we need an education version of HIPAA, right? And pronto?

HIMSmom
Anonymous said…
All of the data elements and definitions for CEDARS can be found in the 2014-15 CEDARS Data Manual at http://www.k12.wa.us/CEDARS/pubdocs/2014-15CedarsDataManual.pdf#Cover.

I don't see anything about "scaled social/emotional scores." I'm not saying they're not there, but I couldn't find them. This seemed like an odd attribute so I specifically looked for it.

--- swk
Unknown said…
@swk,
Those types of fields are part of WaKIDS- https://www.k12.wa.us/wakids/, "the whole child assessment gives kindergarten teachers information about the social/emotional, physical, cognitive, language, literacy and mathematics development of the children in their classrooms," which is kept in CEDARS and those fields were included as part of a recent PRR which I received. These were the fields included: CognitiveScaleScore
LiteracyScaleScore
MathScaleScore
LanguageScaleScore
PhysicalScaleScore
SocialEmotionalScaleScore
SocialEmotionalLevel
PhysicalLevel
LanguageLevel
CognitiveLevel
LiteracyLevel
MathLevel
SocialEmotionalReadyforK
PhysicalReadyforK
LanguageReadyforK
CognitiveReadyforK
LiteracyReadyforK
MathReadyforK
SocialEmotionalCompletedAllObjectives
PhysicalCompletedAllObjectives
LanguageCompletedAllObjectives
CognitiveCompletedAllObjectives
LiteracyCompletedAllObjectives
MathCompletedAllObjectives
NumberofDomainsReadyForK
Numberofdomainscomplete

When and if universal preschool begins, I would assume we would see similar early readiness assessments. FYI, I am not against such assessments, I just don't think they need to be shared as much as they are.
Anonymous said…
Mary, what's a PRR? Again, I'm confused --- I'm not seeing any WaKIDS data fields in the CEDARS Data Manual.

--- swk
Unknown said…
@swk--
Sorry, I shouldn't use PRR. It's a public record request.

I received an excel spreadsheet from OSPI entitled "CEDARS data share element descriptions" It has one tab labeled WaKIDS. I am guessing that it is not technically part of CEDARS but that CEDARS maintains that data? I am not sure. I also got field descriptions for "MSP/HSPE/EOC/PORT data elements" and WELPA which looks like English Language Learner proficiency assessment fields.

Perhaps none of these are actually CEDARS fields, in which case I should lower my number my number of CEDARS fields by several hundred.
Anonymous said…
As Mary Griffin pointed out above, deidentified data can sometimes be reidentified without any PII. See EPIC's page on this for more information: http://epic.org/privacy/reidentification/

There is some very interesting work going on right now about reidentification risks and what to do about them. https://aaas.confex.com/aaas/2014/webprogram/Session6830.html

Data mining is, what, about a $400 billion dollar industry these days? I don't know how to properly protect the information in longitudinal databases, and I agree that some are valuable and should exist, but something does need to be done. Merely deciding that the information is safe because it doesn't include PII is just not enough.

Chris
HIMS, yes we do. And to note, if medical information is obtained via school-based services, it is not covered by HIPAA.

There are number of things that need to be done and spelled out quite clearly. DOE says - openly - that FERPA is a floor, not the ceiling. However I found a document that encourages trying to overturn any state law that tries to limit access.
Many Databases said…
HIMS Mom,

Which data base are you referring to? There will be multiple databases linked to our children. Road Map Project, Common Core tests will be linked to individual children. Then, we have the Seattle Times looking to polk their noses under the tent, too.

Does anyone know if The Source is linked to Pearson?
Watching said…
Mirimac states: " A bigger concern of mine is when the data takes a big leap and becomes part of a military database, workforce database...", and I agree.

One doesn't have to look beyond Knewton and Common Core tests. Note: Knewton partners with Pearson and Microsoft.

Watch this video around Minute 6. Knewton brags that they will have more information, on any student, than any entity. The information will come from multiple data points:

https://www.youtube.com/watch?v=Lr7Z7ysDluQ&feature=youtu.be

Knewton talks about the "poor schmuck" that was slow. The video also shows that individual students can be tracked and predictions can be made. Who else will have access to this information? Who will have access to the "poor schmuck" data and how will that individual be impacted?

Once Common Core tests come on-line..we will have absolutely NO control over our children's information.

It is a very good idea to research the interconnectedness of Common Core, Knewton, Microsoft and Pearson.

Several years ago, FERPA laws were changed to allow our children's information to be given to third parties AND Common Core came along. We all know that Gates spent millions and millions promoting Common Core. Are we to believe that Gates et. al didn't have a plan?

Anonymous said…
Of course Common Core tests will be linked to individual children. How else would children receive their individual scores? And this is not a change --- the MSP, HSPE, and EOCs (and the WASL before these) are linked to individual children.

--- swk
"Poor Schmuck" said…
swk,

Common Core will link individual test scores to create individual learning via Knewton etc.

Are individual EOC, MSP etc. scores transferred to for profit entities?
Anonymous said…
Poor Schmuck, you seem to think Common Core is an entity --- in reality it's simply a set of academic content standards.

If by "Common Core" you mean the Smarter Balanced Assessment Consortium, they have no ability to share any student-level data with anyone without the permission of their member states. The member states have declared, via Smarter Balanced by-laws, that the states "own" their data, i.e., Smarter Balanced cannot link it to any entity, let alone for-profit entities.

And yes, MSP, HSPE, and EOC student-level scores are transferred to for-profit entities. In fact, the state's testing vendor who scores all of the tests is a for-profit entity. They have at minimum student names, DOB, school name, district name, and state student ID. They use these data to link students to their tests and scores.

--- swk
me said…
Many Databases,

Does anyone know if The Source is linked to Pearson?

It's not The Source anymore, it's PowerSchool, and yes, PowerSchool is owned by Pearson (of course).

Details here: Pearson - PowerSchool

They have their fingers in everything and everyone's business. More and more every day.

Popular posts from this blog

Tuesday Open Thread

Breaking It Down: Where the District Might Close Schools

Education News Roundup