Messer/Polis Student Privacy Bill Protects Commercial Interests of Vendors not Kids

For immediate release: March 22, 2015
 
Contact: Rachael Stickland, 303-204-1272, [email protected]
d
Messer/Polis Student Privacy Bill Protects
Commercial Interests of Vendors not Kids
d
The bill just introduced by Representatives Messer and Polis addresses few if any of the concerns that parents have concerning the way their children’s privacy and safety have been put at risk by the widespread disclosure of their personal data by schools, districts and vendors. 
d
Leonie Haimson, co-chair of the Parent Coalition for Student Privacy said, “The bill doesn’t require any parental notification or consent before schools share personal data with third parties, or address any of the current weaknesses in FERPA.  It wouldn’t stop the surveillance of students by Pearson or other companies, or the collection and sharing of huge amounts of highly sensitive student information, as inBloom was designed to do.” 
d
“All the bill does is ban online services utilized by schools from targeting ads to kids – or selling their personal information, though companies could still advertise to kids through their services and or sell their products to parents, as long as this did not result from the personal information gathered through their services.   Even that narrow prohibition is incomplete, as vendors would still be allowed to target ads to students as long as the ads were selected based on information gathered via student’s single online session or visit – with the information not retained over time.”
d
Rachael Stickland, Colorado co-chair of the Parent Coalition: “The bill doesn’t bar many uses of personal information that parents are most concerned about, including vendor redisclosures to other third parties, or data-mining to improve their products or create profiles that could severely limit student’s success by stereotyping them and limiting their opportunities.”
d
Other critical weaknesses of the bill:
d
  • Parents would not be able to delete any of the personal information obtained by a vendor from their children, even upon request, unless the data resulted from an “optional” feature of the service chosen by the parent and not the district or school.
  • The bill creates a huge loophole that actually could weaken existing privacy law by allowing vendors to collect, use or disclose personal student information in a manner contrary to their own privacy policy or their contract with the school or district, as long as the company obtains consent from the school or district.  It is not clear in what form that consent could be given, whether in an email or phone call, but even if a parent was able to obtain the school’s contract or see the vendor’s privacy policy, it could provide false reassurance if it turns out the school or district had secretly given permission to the company to ignore it.
  • Vendors would be able to redisclose students’ personal information to an unlimited number of additional third parties, as long as these disclosures were made for undefined “K12 purposes.”
  • Vendors would be able to redisclose individual student’s de-identified or aggregate information for any reason or to anyone, without restrictions or safeguards to ensure that the child’s information could not be easily re-identified through widely available methods.

Rachael Stickland concludes: “This bill reads as though it was written to suit the purposes of for-profit vendors, and not in the interests of children.  It should be rejected by anyone committed to the goal of protecting student privacy from commercial gain and exploitation.”

###