Parent Coalition for Student Privacy member Cheri Kiesecker speaks at Screen Time Colorado event tonight 4/20/17!

Does your child’s school have a one-to-one (1:1) program where each child is provide a laptop, tablet or netbook, or does it use a bring-your-own-device (BYOD) program? Does your child use technology at home to complete homework assignments? If so, this  event is especially for you!

From Colorado Screen Time’s website:

According to the American Academy of Pediatrics, today’s children are spending an average of SEVEN hours per day on entertainment media, including televisions, computers, cell or “smart” phones and other electronic devices.  Screen use and the electromagnetic radiation emitted from these devices has been associated with myriad health risks including myopia, retinal damage, sleeplessness, addiction and behavioral issues to name a few. The use of screens in schools also brings with it information sharing and privacy issues associated with online curricula, online assessments, and student data collection. 

Come listen to experts in child psychiatry, radio frequency radiation, mental health, and data privacy (including our own Cheri Kiesecker!) discuss these issues.

WHEN: Thu, April 20, 2017; 6:30 PM – 8:30 PM MDT

WHERE: Denver Field House; 1600 Federal Boulevard, Denver, CO 80204

To register, visit:

For more information, visit:

Parent Coalition for Student Privacy Opposes Federal Data Matching Program

The U.S. Department of Education proposes to extend the program in which it matches personal data of resident alien students with data from the Department of Homeland Security  and the US Citizenship and Immigration Services, for the purpose of establishing their eligibility for financial aid.

We oppose this proposal, as explained below, given the sensitivity of the personal  information involved, and the fact that the US Education Department has been repeatedly shown to have faulty data security protections.  Most recently the IRS pulled the FAFSA Data Retrieval Tool off the US Education Department website after discovering that the personal data of as many as 100,000 taxpayers may have been breached.  Until the Department’s data security protections can be significantly strengthened, this data exchange should not occur.

See the notice here:  We urge others to join us in opposing the extension of this program by posting your comments here. The new deadline to submit comments has been extended to May 19, 2017. Thank you!

Chicago student illegally pressured to provide personal information to College Board

Today is PSAT/SAT day at many high schools throughout the nation. Here is a list of the states that require these exams be given to all high school juniors, this week and next.  There are also many schools and districts that are voluntarily giving these exams today, including those in NYC and elsewhere in NY state.

You can see that Illinois is on the list; and yesterday, students in Chicago were asked to fill the College Board Student data questionnaire one day ahead of time.

This questionnaire urges students to provide sensitive personal information concerning their race, ethnicity, religion, social security number, GPA, citizenship, high school course work and interests, the family’s education, income and/or military background, as well as various student “self-ratings,” all of which College Board sells or “licenses” to participating “partners” at 42 cents per name. Answering the questions on this questionnaire is purely voluntary, though this has not been made sufficiently clear to teachers or students.

Below is the account from a parent at one of Chicago’s largest high schools, Lane Tech, relating the pressure put on her son to fill out the Questionnaire, from an email sent to Cassie Creswell of Chicago’s More than a Score and a member of our Coalition.

Not only is it unethical to place such pressure on students; it is probably illegal as well.  College Board is infamous for its confusing instructions  to teachers, proctors and students about which questions must be filled out on the test sheets and the separate Questionnaire and on the PSAT test sheets, as I explained here.

As Cassie pointed out, the fact that this parent was not sent any sort of consent form ahead of time would also seem to violate Chicago Public School policy because parents are supposed to be given the opportunity to review the survey/assessment prior to being administered to their children if the students are under 18, and  asked for their consent.

Please contact us at if you have any information about similar occurrences at your child’s school.

Here is the email to Cassie from the parent:

Thank you for contacting me! I was very surprised at the questions he told me were being asked of him and the proctor’s response.

We were not given any sort of consent forms from Lane or any notification on this type of questionnaire.

My son texted me and told me the questions were asking parent status, household income, documentation(citizen), religion, race.

According to my son, when he told the proctor he was uncomfortable answering these questions, she said he had to fill them out and wouldn’t let him go to the bathroom unless they were filled out. He didn’t fill them out and didn’t go to the bathroom either. I asked if others had any issues with it and he said he really didn’t know.

Again, this was at Lane Tech high school in Chicago and he is a junior and the SAT is a mandatory test in his high school.

More on the College Board’s evasions and lies about collecting and selling your child’s personal data

College Board officials belatedly responded to Cheri Kiesecker’s post describing their practice of collecting and selling personal student data without parental consent –and and their response is included at the end of her article in yesterday’s  Washington Post Answer Sheet.

Interestingly,  they did not deny that they sell students’ personal data – or in their words, “license” the data for a fee to institutions, for-profit corporations and the military.

You can see how they admit this on their website — at the cost of 42 cents per name.  Selling this data is a violation of law in many states including NY and Colorado, and also a violation of the Student Privacy Pledge, which the College Board has signed.

And despite their claims to the Washington Post that “When students take the SAT and PSAT, the proctor instructions make clear that some items on the questionnaire are optional, and they may skip if they prefer not to answer,” nothing could be further from the truth.

First, there is nothing on the student answer sheet to let students know which questions they do not have to answer.

And if you read   the script for  proctors, as specified in the 2017 PSAT supervisors manual,  on pp. 10-12, you can see how evasive, confusing and ambiguous are the instructions that are supposed to be read aloud to students.

After asking students to fill out  their (obligatory) names and addresses, this is what the proctor is then supposed to say :

There is nothing in this script indicating that providing information about high school course work is purely voluntary and may be shared with third parties for a fee.

Then come some really dicey questions, prefaced this way:

Though this part of the script does indicate that participating in the School Search program is voluntary, it does not mention which personal information aside from test scores or telephone numbers will NOT be shared with third parties, and no indication that this data will be sold to various institutions and corporations and even the military at 42 cents per name.

Then, as a separate question come the doozies— with  nothing in the script to suggest that answering these questions are voluntary.  Worse yet, students have already been asked to check off the box as to whether they want to participate in the Student Search, without having yet seen the information that may be shared.

There is one mention above that students “may leave”  questions blank related to their racial and ethnic backgrounds – but this is not part of the script that proctors are asked to read aloud.

Now come other even more personal questions, with no hint at all either in the read-aloud script or otherwise that answering these questions are optional:

Above are questions about the students’ religion, potential major and grade point average, the education level of their parents or guardians, and if their parents have a military background.   The latter information is probably very valuable to the Department of Defense, which according to the NYCLU, purchases this information from the College Board for military recruiting purposes.

Not only is nothing mentioned about the voluntary nature of these questions, but the instructions tell the proctor to encourage students to fill in the question asking their potential college major, and help them identify the “code” for their religion if they have trouble seeing it.

To make things even more confusing, the College Board then mixes in questions asking  the student’s birth date and gender — which are required to be filled out, with no indication of any change in the nature of these questions.

Then they ask for the student ID number or social security number, even though the latter is considered very sensitive.

So you can see that this script for proctors is written in the most ambiguous way possible, with voluntary questions mixed in with required ones, and no clear indication which is which or that much of this personal data will be shared with third parties for a fee.

I have yet to see the script or the answer sheet for the SAT — as opposed to the PSAT.  If anyone has a copy please send it to me at

I have heard that the questions include the now politically sensitive question about their citizenship, which may be the reason that in NYC,  principals have been told not to include the Student Data Questionnaires as part of their administration of the SAT or PSAT exams — and to skip #11 on the answer sheet, which relates to religion, but not any of the other questions.  Indeed, the online Student Search questionnaire has questions about citizenship and more.  But there may be other personal questions on the answer sheet and in the proctor’s instructions so beware.

If your child has already filled out these questions, either online or in a previous administration of the exams, you can still opt out of further disclosures.  According to the College Board,

“If at any time you change your mind and want to stop participating, please contact us via email or at (866) 825-8051. Please note that any eligible participating organizations that have already received your name and other data may continue to send you information, but your information will not be included going forward from the time you elect to opt out.”

If your child takes the SAT or PSAT, is his or her personal information being collected, profiled, licensed and sold?

A version of this report by Cheri Kiesecker, Colorado parent and member of the Parent Coalition for Student Privacy was posted this morning on the Washington Post Answer Sheet –   with a response from the College Board.

PSAT/SAT day is April 5 in NYC and elsewhere when these exams are given at school to high school students.  This article reveals all the very personal data the College Board collects from students without making it clear that answering  most of the questions are voluntary. 

Meanwhile, the CB sells a lot of this information for .42 cents per student name to colleges, for-profit organizations and even the military, for marketing and recruiting purposes – only they call it “licensing” — despite the fact that selling personal data is illegal in NY, CO and many other states.

Summary: do NOT let your children answer any questions on the PSAT or SAT other than  five obligatory questions: name, grade level, sex, date of birth, and student ID number.  

By Cheri Kiesecker

In schools all over the country, middle and high school students are being assigned to take PSAT and SAT assessments in a few weeks. I’m a parent and after my child’s class was asked to take the practice SAT (PSAT 8/9) this past October, I discovered that the College Board, owner of these college entrance assessments, solicits personal information from each student without parental consent.

Several weeks after the test, the College Board returned the completed PSAT answer sheets and test booklets to students once the exam had been scored and recorded. I was surprised to learn that the PSAT 8/9 answer sheet begins by asking many very personal questions of each student; though nowhere on the form or booklet does it say these questions are optional.

The PSAT 8/9 instructions printed on the answer sheet said only this:

  • Use a number 2 pencil only. Print the requested information in the boxes for each item.
  • Fill in the matching circle below what you write in each box. Erase errors completely.
  • In very fine print, at the top of page 4 on the answer sheet, it states,

QUESTIONS TO HELP THE COLLEGE BOARD HELP YOU Your answers to the following questions will help the College Board ensure that tests and service are fair and useful to all students. Your responses may be used for research purposes and may be shared with your high school, school district and state.

The answer sheet had spaces for the student’s name, grade level, sex, date of birth, student ID number or social security number, race/ethnic group, military relation, home address, email address, mobile phone, GPA, courses taken, and parents’ highest level of education.

If parents or students were to take it upon themselves to peruse the College Board website, they would find a page which urges students to participate in the College Board’s Student Search Service. See the table below for a list of the data that is potentially collected and shared, depending on the specific College Board assessment, SAT, PSAT or AP.   Many of these questions are also asked of students right before they take the exam, as part of the Student Data Questionnaire.  (click to enlarge on the left)

As you can see, among students’ personal information collected and sold includes citizenship – a particular concern given the increased risk that undocumented students may be identified and targeted by immigration officials. In New York City, apparently because of these concerns, public schools that are administering the SAT have now been alerted not to include the Student Questionnaire as part of the test.

After searching the College Board website, I promptly contacted the College Board and asked why students are asked about their family’s race, religion or military background. What does the College Board do with this personal data? Who specifically do they share data with? You can see my questions and the confusing and evasive response from the College Board here. Oddly, it took the College Board over three months to answer. Additionally, my immediate follow up questions sent two months ago, which include asking whether they sell student data and whether it is required for students to provide their religion, are still unanswered.

In their January response, the College Board claimed that students were told which questions were optional and that students had given “express consent” to share this information. In actuality, after talking to students, parents, and administrators at the school, it was clear they were unaware that these questions were optional. Additionally, Colorado law says students must be at least 18 years old to consent to the use, sharing, or retention of their personally identifiable information.

Neither the PSAT 8/9 answer sheet or test booklet informed students that most of these questions were optional, or distinguished them from the obligatory questions, demanding they fill out their name, school, etc. In fact, the “optional” questions are not identified in the PSAT 8/9 Supervisor Manual or the script which proctors are instructed to follow.

However, according to the College Board’s response to my query, only the first five questions on the answer sheet are obligatory, including student name, grade level, sex, date of birth, and student ID number. The remainder of personal questions, including race, religion, military background, GPA, home address, phone, etc. are optional.

When sitting down to take this high stakes test, how is a student able to know which questions are considered voluntary if this is not clearly marked or communicated? With the answer sheet instructions stating to fill in every box, students tend to follow suit, fearing that an incomplete answer sheet could render their scores invalid. Why does the College Board even have a space for a student’s social security number in place of student ID number, when most states forbid using social security numbers as primary identifiers? Why aren’t parents asked for consent before information about their child’s attitudes, religion and race are collected and apparently shared, accessed by outside organizations via purchased license according to the College Board website?

Under federal PPRA law, sensitive questions like religion or income, require prior informed parental consent.

Remarkably, there is no federal law prohibiting the sale of personal student data. However, there is a self-policed software industry privacy pledge in which signers promise not to sell a student’s personal information. The College Board has signed this pledge. In addition, like many other states that have recently enacted student data privacy laws, Colorado’s student data transparency and security law also prohibits vendors from selling personal student data except in the case of a merger or acquisition. Accordingly, the amended contract between the State of Colorado and the College Board for SAT and PSAT10 expressly says that the “contractor shall not knowingly….License or sell Covered Information, including PII to any third party.”

Consider the astonishing amount of data collected on students today, in particular, think of the data collected and analyzed when students take a college entrance assessment. Many states now require high school students to take the SAT in 11th grade. Some states, districts, or individual schools require students to take the practice SAT assessment in 8th, 9th or 10th, grades, in hopes of improving their scores later on the SAT. However, what many parents and schools do not know, is that their student’s personal data, including “geographic, attitudinal and behavioral information” can be profiled and accessed by organizations via a license they purchase from the College Board. Yet the College Board’s privacy policy to parents and students claims they do not sell student data. Rather, they sell a license to access a student’s personal data. What is the difference? Indeed, this distinction seems only semantics and seems deceptive.

The College Board sells licenses to access the data through a tagging service called College Board Search. The Segment Analysis Service™ is one of three featured tools of the Search, along with the Enrollment Planning Service™, and the Student Search Service®. These are “enhanced tools for smart recruitment”. The College Board’s Authorized Usage Policies states, “Student Search Service in connection with a legally valid program that takes such characteristics into account in furtherance of attaining a diverse student body.

The pricing for the College Board Search student data tagging service is $0.42 cents per student, and allows college admission professionals to identify prospective students based on factors such as zip code and race and to Leverage profiles of College Board test-takers for all states, geomarkets, and high schools.” Segment Analysis Services is “for admission offices that need market and attitudinal information early in the recruitment process in order to better segment and target the admission pool,” and “Use Educational Neighborhood and High School Clusters as criteria when licensing names with Student Search Service, Access individual cluster factor scores. Tag an unlimited number of files…”

Which organizations buy personal student data licenses from the College Board? They are not listed anywhere on the website, but a NY Civil Liberties Union fact sheet reveals that the Department of Defense is among the institutions which buys student data for recruiting purposes.

College Board, ostensibly a non-profit, had $77 million in profits and $834 million in net assets in 2015,  according to Reuters. How much of that income garnered through the licensing of student data?  

Please see Pricing & Payment Policies for specific information.
But why is the College Board allowed to share personal student data through the Student Search Service, in which companies are charged via a “license agreement” if this is specifically prohibited by Colorado law?

Is the College Board selling personal student data in other states, through their “license” agreements, despite having signed the student privacy pledge?

Interestingly, since I’ve started asking questions to College Board and the state, the College Board recently sent home Student Data Consent Forms for the PSAT 10 and SAT to some Colorado families the week of March 6, 2017. This is a good first step and should have been done prior to students taking the PSAT 8/9 assessment last fall. However, there is no parent signature required on these new consent forms. Why is the College Board still asking for consent from a minor student and not the parent?

Here is an excerpt of the new SAT consent form sent home to Colorado students (click to enlarge):

The SAT Student Data Questionnaire asks students about their personal attitudes and interests:

The Colorado contract with the College Board for SAT and PSAT10 states the following about this Student Descriptive Questionnaire:

Curiously,  the SAT Consent Form links to instructions for the College Board’s Student Data Questionnaire which say, “The data you provide will be added to your College Board student record, even if you choose to not participate in Student Search Service.” What personal information is being “added” to a student’s record and what is the purpose? Can that information still be licensed and shared?

As reported by independent consultant Nancy Griesemer in 2015, ACT also has a lengthy pre-test survey that collects personal data from students which, combined with other data, is being used by colleges and universities to assess the student’s “Overall GPA Chances of Success” in various majors and courses, measured in terms of likely to receive “B” or “C” or in these areas. You can see what these scores look like on this updated sample ACT report. (Notice this ACT report also includes the student’s citizenship status.)

As discussed in the Washington Post last year, there’s still a lot students and parents need to know about how data is collected, shared, and accessed via licenses sold. And as Politico reported in 2014,

Many kids also put their personal profiles on the market — whether they realize it or not — when they take college entrance exams. Students taking the SAT, ACT, Advanced Placement exams and other standardized tests are asked to check off a box if they want to receive information from colleges or scholarship organizations. Depending on the exam, at least 65 percent — and as many as 85 percent — of test takers check that box, according to the College Board and ACT. That consent allows the College Board and ACT, both nonprofits, to market students’ personal profiles…”

That struck me as almost predatory, playing on students’ hopes and fears by having them surrender their personal data. So, I wrote to the College Board and asked, what happens if students do NOT give their data to Student Search? Will this limit their ability to get into colleges? Will they still be considered for scholarships?

The answer from the College Board is important for every student, parent and school administrator to hear: “if a student does not opt in to Student Search Service it will not impact their chances at being accepted into colleges or scholarship programs in any way.”   This should be printed on instructions, every test booklet, and website.

My experiences as a Colorado parent show that this frustrating lack of transparency still exists today. And it’s getting worse as increasingly, data and algorithms are being used to make decisions about students’ lives, without their even knowing. These algorithms can analyze and recombine data to make predictions about their futures. As an article in Fast Company reveals, Students’ data footprints are affecting their lives in ways they can’t even imagine:

“...Even major life decisions like college admissions and hiring are being affected. You might think that a college is considering you on your merits, and while that’s mostly true, it’s not entirely. Pressured to improve their rankings, colleges are very interested in increasing their graduation rates and the percentage of admitted students who enroll. They have now have developed statistical programs to pick students who will do well on these measures. These programs may take into account obvious factors like grades, but also surprising factors like their sex, race, and behavior on social media accounts. If your demographic factors or social media presence happen to doom you, you may find it harder to get into school—and not know why.”

Despite much opposition, a 2011  regulatory change to the Family Educational Rights and Privacy Act,  FERPA,  weakened this federal law that once protected student information from being shared without consent.  FERPA needs to be fixed and parents need to be given back their rights to consent to student data sharing. State laws as well as the Student Privacy Pledge need to be scrupulously enforced so that personal student data is not sold for profit. Bottom line, parents and students after they reach 18 should own and control their own data. They should have a say as to whether and how personal information about their child is shared outside of the school walls.