A new online privacy bill has been passed by the California Assembly which aims to protect student online privacy. It is the first bill to be passed in the U.S specifically covering the online privacy of K-12 students. Senate Bill 1177 has been termed The Student Online Personal Information Protection Act (SOPIPA), and the new bill is intended to prohibit companies from using the data collected from Apps and online technology products from being used for profit.
The new measure was introduced by Senate Leader Darrell Steinberg following the discovery of inadequacies in online data security on K-12 websites. Online security flaws have allowed student profiles and personal data to be accessed and used by third party contractors with that information potentially sold on to advertisers and marketers to enable the targeting of K-12 students.
Federal law currently prohibits the use of student information by districts, yet the companies who are employed to manage websites and data are not covered under current legislation. Since the creation, management and maintenance of many school is contracted out to third parties, confidential information may be sold on to marketers. Unfortunately, since the data is cloud hosted, from the second it is created it has already moved out of the districts control.
Last year, Google told Education Week Magazine that the applications used by schoolchildren actually scanned their private emails to gain information to help provide targeted adverts through its network. Many of the apps currently in use in classrooms require students to create personal accounts. In order for them to do so they must enter personal information about themselves, in some cases this includes details of their home and even their home addresses. This highly sensitive information is made available to third parties and the risk to children’s online privacy and security is severe.
Applications currently used by teachers involve the entry of data such as attendance records, grades, health and student discipline, and all of this data is not being kept private and confidential. Private emails sent between students, parents and teachers are also cloud stored and potentially open to be read, used and sold on.
The new SOPIPA bill, if passed by the Senate, is likely to force companies to encrypt data, take greater care over who is allowed access to student information and will prevent student data from being used for profit. The bill should at last tighten up and safeguard student privacy, although student information would still be available for educational purposes. It will also ensure that educational tech data is kept secure.
Current restrictions covering K-12 student online privacy regarding educational technology products is restricted only by the privacy policies on K12 websites, which in the majority of cases, removes liability for any misuse of data and allows that data to be disclosed to whoever the company wishes.
Senate President Pro Tem Darrell Steinberg believes SOPIPA to be a landmark bill that will protect student online privacy and hopes that other states will follow California’s lead. In his words, “My goal is to encourage technological innovation while protecting kids’ privacy and this bill doesn’t trade one goal for another, it achieves both”.