Tag Archives: data

Parents are asking: Who is protecting student privacy?

Common Core has been the “issue” in education and has been part of the vetting process as we move forward in this presidential election. We’ve posted a link to the candidate’s score on a “report card,” based on where they stand on this issue.

Within that report card, candidates are also graded on how well they’ve addressed other concerns like, student privacy. This is an issue that most of the candidates have not talked about.

Since we have direct access to the candidates, we are encouraging everyone to start questioning the candidates about the student data privacy issue. Ask about closing the loophole now in the FERPA law that allows personal information on your child to be shared without your knowledge or consent. What would they do to re-instate parental rights over their child’s data?

It’s important to note that the U.S. Department of Education is under extreme criticism for their own lack of security on student, parent and family data.

Why aren’t the candidates talking about this? Why aren’t they addressing this important issue? Maybe it’s time to TAKE THIS ISSUE TO THE CANDIDATES.

Read more about that scathing review:

U.S. DEPARTMENT OF EDUCATION: INFORMATION SECURITY REVIEW
TAKEAWAYS:
• The Department of Education (DoEd) has at least 139 million unique social security numbers in its Central Processing System (CPS).
• Reminiscent of OPM’s dangerous behavior, DoEd is not heeding repeat warnings from the Inspector General (IG) that their information systems are vulnerable to security threats.
o In the IG’s latest report, there were 6 repeat findings and 10 repeat recommendations.
o The Department scored NEGATIVE 14% on the OMB CyberSprint for total users using strong authentication
o The Department received an “F” on the FITARA scorecard
• The Department maintains 184 information systems.
o 120 are managed by outside contractors
o 29 are valued by the Office of Management and Budget (OMB) as “high asset”
• The National Student Loan Database (NSLD) houses significant loan borrower information. There are 97,000 accounts/users with access to this significant data yet only 5,000, less than 20%, have undergone a background check to establish security clearance.
o The IG penetrated DoEd systems completely undetected by both the CIO or contractor
• The Department needs significant improvement in four key security areas:
o Continuous monitoring
o Configuration management
o Incident response and reporting
o Remote access management

NH Parents: How Schools Will Share Your Child’s Personal Data

SAU16 students brought home a booklet today. The front page is permission to administer potassium iodide pills. Inside are several pages of policies which all parents should read. Especially the items on page 5, referencing the Federal Education Records Protection Act. Your child’s student education record can be released WITHOUT YOUR CONSENT. Read Number 3 to find out to whom.

SAU16

The loophole is “disclosure to school officials with legitimate educational interests.”

Under the new regulatory interpretation, the U.S. Department of Education (USED) (and in fact state departments of education) may disclose personally identifiable student data to literally anyone in the world, as long as the disclosing agency uses the correct language to justify its action.
http://www.nacua.org/documents/FERPA_AACRAOLetterMay2011.pdf
Under the new regulations that gutted federal student-privacy law, data can now be shared with literally any agency if the correct enabling language is used: the Department of Health and Human Services, Homeland Security . . . the IRS (source: http://truthinamericaneducation.com/privacy-issues-state-longitudinal-data-systems/common-core-data-collection/)

NH PARENTS: File “Right To Know” Request To See Data Collected On Your Children

Parents, now that the schools are collecting all kinds of data on your children, it’s important to find out where it’s going.

We advise filing a “Right To Know” request to obtain information on what’s being collected and where that information is being sent.

Send a 91-A Right to Know request to your local Superintendent and the New Hampshire Department of Education.
It’s important to ask questions like;
1) Provide a list of data that is currently being collected on my children.
2) Provide copies of my child’s school records.
3) Provide information on what data/information has left the school and where it went.
4) What outside vendors are currently collecting data/information on my children ?
5) Is there a privacy policy that you follow that guides who can receive information/data on my child?

Here is a sample you an use when requesting information: http://www.nfoic.org/new-hampshire-sample-foia-request

Check your school’s policy on privacy. If there is no policy or a policy needs to be updated, look for local privacy policies and take that to your School Board. You can ask to be put on the agenda the next public school board meeting and present a sample privacy policy. Ask for that policy to be adopted by the board to ensure they are doing their best to protect their sensitive information.

Additional Info: PARCC and SBAC States Agree to Deliver Student to USDoE

NY Times: Student Data Collection Is Out Of Control

National Science Foundation Awards $4.8 Million to Mine Student Data

Millions of Student Records Sold in Bankruptcy Case

What Data is Collected From Kindergarten Students Without Parental Consent

Common Core’s Data Collection

Common Core’s Data Collection, the State Longitudinal Data Systems and Social and Emotional Learning (SEL)

Jane Robbins, Senior Fellow with the American Principles Project gave an in-depth presentation on Common Core’s data collection and the interfacing State Longitudinal Data Systems:

This is a great thirty minute video.

Senators Ayotte and Shaheen: Supports Data Collection On Your Children

We’ve been warning about the data-mining of our children’s information through the SLDS (Statewide Longitudinal Data System)
Parents need to look at some of their elected officials to see who originally supported this in New Hampshire.

New Hampshire’s grant:
https://nces.ed.gov/programs/slds/pdf/newhampshire2012.pdf

What’s the problem with data-mining information on your children? You can read about that here:
http://truthinamericaneducation.com/privacy-issues-state-longitudinal-data-systems/cogs-in-the-machine-big-data-common-core-and-national-testing/

Read about parents having difficulty getting information on what the school/state is collecting on their children here: http://truthinamericaneducation.com/privacy-issues-state-longitudinal-data-systems/in-colorado-parents-are-denied-access-to-their-students-data/

OUR SUGGESTION? Immediately start sending WRITTEN requests to your Superintendent and the New Hampshire Department of Education and ask to see all information that has been collected on your child. Ask them in writing where information on your child is sent. It’s important to do this in writing so everything is documented.

If you run into problems accessing this information, contact Senators Ayotte and Shaheen directly to see if they will intervene on your behalf. Ask them why they would sign off on a data-collection system that gathers information on your child without your knowledge or consent.

Ayotte SLDS

Shaheen SLDS

Protecting Student Privacy Act of 2014 DOES NOT Protect Your Child’s Privacy!

[Saturday, September 6, 2014]
FERPA Alert!

An alert by ANITA HOGE

PROTECTING STUDENT PRIVACY ACT OF 2014
Does Not Protect Your Child’s Privacy!

This Bill Allows President Obama’s Executive Order to Share Data, to Become Law, Allowing Student Personally Identifiable Information to be Given to Outside Third Party Contractors Without Your Consent.

http://www.markey.senate.gov/imo/media/doc/2014-05-12_StudentPrivacy_DiscussionDraft.pdf
Senator Markey, (D)Mass, and Senator Hatch, (R)UT, released a draft bill on July 30th to amend FERPA, Family Education Rights in Privacy Act called Protecting Student Privacy Act of 2014. This bill will put the controversial regulations that President Obama changed in FERPA without Congressional authority, into federal law. So now, Hatch and Markey are trying to sidestep parents and make the outrageous Obama regulation that “unlocked data” that allows outside contractors to access personally identifiable information, into federal law. These Senators are NOT on our side, parents! There are NO protections for our children’s records. They have aligned themselves with the Obama agenda, and Obama wants it ALL…all the personal data on your kids. We say NO!

BEWARE: This draft bill is GARBAGE! This bill will continue to allow personally identifiable information on our children to be given to 3rd party outside contractors by law. Who ARE these groups and people who can have our children’s data for free? Read the list of states below to get the information to request WHO has your child’s data. They DO NOT need parents permission to get the data! They do this behind our backs. We say NO!

Did these Senators help to STOP personally identifiable information so that organizations like the Center for Disease Control could NOT access your child’s DNA without informing the parents? NO! Does this bill allow for that to happen? YES!

This allows Obama to continue his agenda that opened the flood gates of ‘free for all’ data on our children.

We say NO! Withdraw this bill!
Expose this Agenda!
We Want Protections For Our Children!
Call Today!
We Want A Congressional Investigation
Into Data Trafficking!

• Markey’s phone-tel:(202)-224-2742 (617)-565-8519
• Hatch’s phone-tel:(202)-224-5251 (801) 524-4380
http://blogs.edweek.org/edweek/DigitalEducation/2014/07/senators_introduce_new_federal.html?cmp=ENL-DD-NEWS1
Request Your State’s Data Trafficking Agenda!
Below are templates that you can use to request the written agreements in your state so you would know which organizations can access personally identifiable information on your children. We have a list of states that have developed a written agreement template to allow access to your child’s private information, PII. YOU may request the contracts yourself or go through your local state representative. This would expose the Obama/FERPA/Markey/Hatch agenda, in that, they are continuing to block the safety and privacy of our children and our families by allowing personal data to flow to outside contractors. Lets stop this, NOW!

Look at the List Below to find your State that may have a Data Sharing Template or Information so that you may Request the Contracts for Personally Identifiable Information that have been done Without Parents Knowledge and Consent. Let’s Stop the Data Trafficking!
• New Hampshire Privacy Legislation http://legiscan.com/NH/text/HB1587/id/905045

http://nheon.org/oet/readiness/NHPrivacyofStudentRecords-current.pdf

• New Hampshire Data sharing agreement http://www.education.nh.gov/data/documents/sample_memor.doc
• Link to Federal Regulations: http://www2.ed.gov/policy/gen/guid/fpco/pdf/2012-final-regs.pdf
• The definition of Personally Identifiable Information is expanded to a biometric record which includes fingerprints, retina and iris patterns, voiceprints, DNA sequence, facial characteristics, and handwriting.
• Prior consent is NOT required to disclose personal information if a written agreement of the disclosure is to other school officials, including teachers, within the agency or institution whom the agency or institution has determined to have legitimate educational interests (§ 99.31)
• A contractor, consultant, volunteer, or other party to whom an agency or institution has outsourced institutional services or functions may be considered a school official
• Disclosure can be made to organizations conducting studies to: Develop, validate, or administer predictive tests; Administer student aid programs; or Improve instruction. (§ 99.33)
• Personally identifiable information may be disclosed by a state or local educational authority or agency by entering into written agreements with organizations conducting studies
• Organizations are defined as Federal, State, and local agencies, and independent organizations
(Authority: 20 U.S.C. 1232g(b)(1)(C), (b)(3), and (b)(5))

“Biometric record,” as used in the definition of “personally identifiable information,” means a record of one or more measurable biological or behavioral characteristics that can be used for automated recognition of an individual. Examples include fingerprints; retina and iris patterns; voiceprints; DNA sequence; facial characteristics; and handwriting.
(Authority: 20 U.S.C. 1232g(b)(4)(A))

“Personally Identifiable Information”

The term includes, but is not limited to–

(a) The student’s name;

(b) The name of the student’s parent or other family members;

(c) The address of the student or student’s family;

(d) A personal identifier, such as the student’s social security number, student number, or biometric record;

(e) Other indirect identifiers, such as the student’s date of birth, place of birth, and mother’s maiden name;

(f) Other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty; or

(g) Information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates.
Authority: 20 U.S.C. 1232g (b)(1) and (b)(2)(A))
§ 99.31 Under what conditions is prior consent not required to disclose information?

(a) An educational agency or institution may disclose personally identifiable information from an education record of a student without the consent required by § 99.30 if the disclosure meets one or more of the following conditions:

(1)(i)(A) The disclosure is to other school officials, including teachers, within the agency or institution whom the agency or institution has determined to have legitimate educational interests.

(B) A contractor, consultant, volunteer, or other party to whom an agency or institution has outsourced institutional services or functions may be considered a school official under this paragraph provided that the outside party–

(1) Performs an institutional service or function for which the agency or institution would otherwise use employees;

(2) Is under the direct control of the agency or institution with respect to the use and maintenance of education records; and

(3) Is subject to the requirements of

§ 99.33(a) governing the use and redisclosure of personally identifiable information from education records.

(ii) An educational agency or institution must use reasonable methods to ensure that school officials obtain access to only those education records in which they have legitimate educational interests.

An educational agency or institution that does not use physical or technological access controls must ensure that its administrative policy for controlling access to education records is effective and that it remains in compliance with the legitimate educational interest requirement in paragraph (a)(1)(i)(A) of this section.

(2) The disclosure is, subject to the requirements of § 99.34, to officials of another school, school system, or institution of postsecondary education where the student seeks or intends to enroll, or where the student is already enrolled so long as the disclosure is for purposes related to the student’s enrollment or transfer.
(ii) Paragraph (a)(5)(l) of this section does not prevent a State from further limiting the number or type of State or local officials to whom disclosures may be made under that paragraph.

(6)(i) The disclosure is to organizations conducting studies for, or on behalf of, educational agencies or institutions to:

(A) Develop, validate, or administer predictive tests;

(B) Administer student aid programs; or

(C) Improve instruction.

(ii) Nothing in the Act or this part prevents a State or local educational authority or agency headed by an official listed in paragraph (a)(3) of this section from entering into agreements with organizations conducting studies under paragraph (a)(6)(i) of this section and redisclosing personally identifiable information from education records on behalf of educational agencies and institutions that disclosed the information to the State or local educational authority or agency headed by an official listed in paragraph (a)(3) of this section in accordance with the requirements of § 99.33(b).

(iii) An educational agency or institution may disclose personally identifiable information under paragraph (a)(6)(i) of this section, and a State or local educational authority or agency headed by an official listed in paragraph (a)(3) of this section may redisclose personally identifiable information under paragraph (a)(6)(i) and (a)(6)(ii) of this section, only if –

(A) The study is conducted in a manner that does not permit personal identification of parents and students by individuals other than representatives of the organization that have legitimate interests in the information;

(B) The information is destroyed when no longer needed for the purposes for which the study was conducted; and

(C) The educational agency or institution or the State or local educational authority or agency headed by an official listed in paragraph (a)(3) of this section enters into a written agreement with the organization that –

(1) Specifies the purpose, scope, and duration of the study or studies and the information to be disclosed;

(2) Requires the organization to use personally identifiable information from education records only to meet the purpose or purposes of the study as stated in the written agreement;

(3) Requires the organization to conduct the study in a manner that does not permit personal identification of parents and students, as defined in this part, by anyone other than representatives of the organization with legitimate interests; and

(4) Requires the organization to destroy all personally identifiable information when the information is no longer needed for the purposes for which the study was conducted and specifies the time period in which the information must be destroyed.

(iv) An educational agency or institution or State or local educational authority or Federal agency headed by an official listed in paragraph (a)(3) of this section is not required to initiate a study or agree with or endorse the conclusions or results of the study.

(v) For the purposes of paragraph (a)(6) of this section, the term “organization” includes, but is not limited to, Federal, State, and local agencies, and independent organizations.

LISTEN TO ANITA HOGE INTERVIEW:
http://alternatecurrentradio.com/charlottesweb/

It’s Time To Start Asking Questions On What Information The Govt. Is Collecting On Your Children

If you want to know more about this P20 Longitudinal Database that tracks 400 data points on our students, you might want to send this letter.

Dear School Board Members,

As a parent and taxpayer, I would like for you to provide me with a copy of the list of ALL of the data points that are included in the NH State P20 longitudinal database? The creation of this database was a required “assurance” in NH’s application for State Stabilization Funds under the American Recovery and Reinvestment Act (ARRA) of 2009. Its purpose is to collect and share data on all public school students in NH.

As a parent, I have a right to know what data is being collected on my children.

WATCH THIS VIDEO AND ASK WHERE IS THE NH DoE?

WHY HASN’T THIS INFORMATION BEEN GIVEN TO THE LEGISLATURE, SCHOOL BOARD AND PARENTS?

Here is another VIDEO to watch on what is done with individual student data.

The US Dept. of Education Requires “TImely and Complete Access to Any and All Data Collected” from Students on “an Ongoing Basis” via Smarter Balance Assessments

COOPERATIVE AGREEMENT Between the U.S. DEPARTMENT OF EDUCATION and theSMARTER BALANCED ASSESSMENT CONSORTIUM
and theSTATE OF WASHINGTON (fiscal agent)

In 2011 the U.S. Department of Education: contracted with Smarter Balance to create the student assessments; funded Smarter Balance with $175 million of taxpayer money; required U.S. DoE approval for any changes made to these assessments; required all student outcomes / scores which may be scored via computer, i.e. robo-scored, must be made available to the U.S. DoE.

The U.S. DoE claims that “We the People” through our states somehow crafted these Smarter Balance assessments on our own. The federal Department pretends that these assessments are not a federal takeover of public education.

When confronted at the Alton School Board on August 8th, 2013 about parental concerns about invasive data miningof private student information through the Smarter Balance assessments, Heather Gage, Division of Instruction Director with NH Department of Education denied all such claims.

Heather vehemently denied that there is any data mining of student records in violation of the law, and if there were, she would pack her bags and move out of this state immediately.
Well, pack your bags, Heather!

From the US DoE’s Cooperative Agreement with Smarter Balance and all those states in the Smarter Balance Consortia, such as New Hampshire:

“The Grantee must provide timely and complete access to any and all data collected at the State level to ED [U.S. Education Department] or its designated program monitors, technical assistance providers, or researcher partners, and to GAO, and the auditors conducting the audit required by 34 CFR section 80.26.” pg. 10

“Work with the Department to develop a strategy to make student-level data that result from the assessment system available on an ongoing basis for research, including for prospective linking, validity, and program improvement studies;” pg. 11

“Producing all student-level data in a manner consistent with an industry-recognized open-licensed interoperability standard that is approved by the Department during the grant period;” pg. 11

Under the existing FERPA law, the Federal Education Rights and Privacy Act of 1974, parental consent is required to disclose any private information in a student’s record.

However, in 2011, the U.S. Department of Education drafted new regulations changing the Family and Educational Rights and Privacy Act of 1974 (FERPA). Yes, rules written to change a federal statute. That’s illegal on its face!

These new regulations removed limitations prohibiting educational institutions and agencies from disclosing student personally identifiable information, without first obtaining student or parental consent.

For example, the new FERPA regulations reinterpreted FERPA statutory terms “authorized representative,” “education program,” and “directory information.” This reinterpretation gives non-governmental actors increased access to student personal data.

The federal Department is currently facing a lawsuit in court over their usurpation of the law. However, in the meantime, private NH student data is being shared without parental consent.
This is how private NH student data is being data mined by the US Department of Education without parental consent, but with the approval and blessing of the NH Department of Education Director Heather Gage.

http://nhfamiliesforeducation.org/content/us-dept-education-requires-timely-and-complete-access-any-and-all-data-collected-students

National Science Foundation Awards $4.8 Million to Mine Student Data

National Science Foundation Awards $4.8 Million to Mine Student Data

(Editor: www.thereportcard.org Data collected about students is old news, but “Big Data” or gobs of data that can be mined to create assumptions about our children like what jobs they will get, or what their future should look like is a scary thing in the hands of The Federal government. David Coleman of Common Core fame is a big proponent of Big Data. That includes all kinds of personal data about your kids, and about you. The US Department of Education wants that data and so does The US Department of Labor. Why? Could it be about control? Now the National Science Foundation is getting involved. And The National Science Foundation is a Federal Agency with an annual budget of $7 Billion paid for by your tax dollars. Big Data, Big Fed).

http://education-curriculum-reform-government-schools.org/w/2014/10/national-science-foundation-awards-4-8-million-to-mine-student-data/

URGENT CALL TO ACTION: Privacy under threat for NH students!

Calls needed to senators’ offices!

See the message below from a leading student-privacy warrior in NY.
The Capitol phone number is 202.224.3121

From: Leonie Haimson
Date: Sun, Sep 14, 2014 at 12:18 PM
Subject: Action alert! for student privacy

We just heard that RIGHT NOW, the Senate HELP (Health Education Labor and Pensions committee) is negotiating over the re-authorization of the Education Sciences Reform Act.  We were told that there are Democrats on the committee who are pushing for relaxing limits on access to personal student data, and are saying that researchers should be able to obtain open-ended access to complete student data sets– and that they shouldn’t have to even specify which specific student level data they want for what purposes.

We are urging all parents/advocates to call their Senators in DC ASAP and if possible on Monday morning ESPECIALLY if your Senator is on the HELP committee (listed with links to their contact info below) and especially the Democrats, and ask to speak to their education staffers with the following message:

As regards the Education Sciences Reform Act, student data used by researchers should be de-identified and anonymized to the extent possible.  In NO case should any researcher obtain open-ended access to personally identifiable student data without parental consent.  There must be strict oversight and protocols, and the researcher must explain exactly what type of personal data they need for what particular purpose and why it is absolutely necessary to complete their analysis and why this could not be achieved with anonymized data.

If you have more time to talk, you can point out that there have been more than 700 reported breaches of personal data from educational institutions since 2005 according to  http://www.privacyrights.org/data-breach

You can also point out that the NCES has said that Fair Information Practices require that only personal information that is directly relevant and necessary for the specified purpose should be collected and/or shared…

Please email us if you have any questions.

It is especially important that parents/advocates who live in the states represented by Dems below call on Monday.

Thanks Leonie and Rachael
Co-chairs, Parent Coalition for Student Privacy

Senate HELP Committee

Democrats by Rank

Tom Harkin (IA)
Barbara A. Mikulski (MD)
Patty Murray (WA)
Bernard Sanders (I) (VT)
Robert P. Casey, Jr. (PA)
Kay R. Hagan (NC)
Al Franken (MN)
Michael F. Bennet (CO)
Sheldon Whitehouse (RI)
Tammy Baldwin (WI)
Christopher S. Murphy (CT)
Elizabeth Warren (MA)

Republicans by Rank

Lamar Alexander (TN)
Michael B. Enzi (WY)
Richard Burr (NC)
Johnny Isakson (GA)
Rand Paul (KY)
Orrin G. Hatch (UT)
Pat Roberts (KS)
Lisa Murkowski (AK)
Mark Kirk (IL)
Tim Scott (SC)

Fair Information Practices: http://nces.ed.gov/pubs2011/2011601.pdf