|
Tweet This!:
|
WHO'S WATCHING YOUR CHILDREN?
compiled by education new york online
|
Scroll down to read entries organized by topic alphabetically OR use the topic links at the right to jump to categories of interest.
|
Updated Monday February 16, 2015 12:24 PM
Applications“Mobile Apps for Kids: Disclosures Still Not Making the Grade"| Date Captured | Thursday December 13, 2012 12:18 PM | | FTC: The report strongly urges all entities in the mobile app industry – including app stores, app developers, and third parties providing services within the apps – to accelerate efforts to ensure that parents have the key information they need to make decisions about the apps they download for their children. The report also urges industry to implement recommendations in the recent FTC Privacy Report including:
Incorporating privacy protections into the design of mobile products and services;
Offering parents easy-to-understand choices about the data collection and sharing through kids’ apps; and
Providing greater transparency about how data is collected, used, and shared through kids’ apps. |
| BreachesOffice of Inadequate Security| Date Captured | Monday September 05, 2011 10:40 AM | | Education breaches |
| Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) | Date Captured | Monday May 03, 2010 11:04 AM | | Recommendations of the National Institute of Standards and Technology - [The escalation of security breaches involving personally identifiable information (PII) has contributed to
the loss of millions of records over the past few years. Breaches involving PII are hazardous to both
individuals and organizations. Individual harms may include identity theft, embarrassment, or blackmail.
Organizational harms may include a loss of public trust, legal liability, or remediation costs. To
appropriately protect the confidentiality of PII, organizations should use a risk-based approach; as
McGeorge Bundy once stated, "If we guard our toothbrushes and diamonds with equal zeal, we will lose
fewer toothbrushes and more diamonds." This document provides guidelines for a risk-based approach to protecting the confidentiality of PII. The recommendations in this document are intended primarily for
U.S. Federal government agencies and those who conduct business on behalf of the agencies, but other
organizations may find portions of the publication useful. Each organization may be subject to a different
combination of laws, regulations, and other mandates related to protecting PII, so an organization‘s legal
counsel and privacy officer should be consulted to determine the current obligations for PII protection.
For example, the Office of Management and Budget (OMB) has issued several memoranda with
requirements for how Federal agencies must handle and protect PII. To effectively protect PII,
organizations should implement the following recommendations.]
|
| Child identity theftFTC "STOLEN FUTURES" WEBCAST Session Two - FAMILIAL IDENTITY THEFT - July 12, 2011| Date Captured | Sunday September 11, 2011 12:04 AM | | WEBCAST ON CHILD IDENTITY THEFT. DISCUSSES MOST AT RISK STUDENTS. Session 2 Linda Foley is the founder of the Identity Theft Resource Center, a nationwide nonprofit, victim-services advocacy, and consumer-education program based in San Diego, California. Russell Butler is Executive Director of the Maryland Crime Victims Resource Center, which provides criminal justice information and education, support services, therapeutic individual, family, and group counseling, and legal information, referrals, and representation to victims of crime. Theresa Ronnebaum is the Identity Theft Program Specialist for the Florida Attorney General's office with over 15 years experience in victim advocacy. |
| PREPARED STATEMENT OF THE FEDERAL TRADE COMMISSION on CHILD IDENTITY THEFT| Date Captured | Friday September 02, 2011 09:38 PM | | PREPARED STATEMENT OF THE FEDERAL TRADE COMMISSION
Before the
SUBCOMMITTEE ON SOCIAL SECURITY
of the
HOUSE COMMITTEE ON WAYS AND MEANS
on
Child Identity Theft
Field Hearing
Plano, Texas
September 1, 2011; EXCERPT: A. The Child Identity Theft Forum Discussions [They noted that identity
thieves often steal children’s information from schools, businesses, and government agencies.]
|
| Kindergarten Through 12 Grade Schools’ Collection and Use of Social Security Numbers (A-08-10-11057) | Date Captured | Thursday December 23, 2010 09:53 AM | | OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION - Despite the potential risks associated with using SSNs as primary student identifiers,
many K-12 schools continue this practice. While we recognize that SSA cannot prohibit
States or K-12 schools from collecting and using SSNs as student identifiers or for other
purposes, we believe SSA can help reduce the threat of identity theft and SSN misuse
by encouraging States and K-12 schools to reduce unnecessary collection of SSNs and
improve protections and safeguards when collected.
|
| Civil RightsRevealing New Truths About Our Nation's Schools| Date Captured | Tuesday March 06, 2012 05:54 PM | | CRDC makes public long-hidden data about which students are suspended, expelled, and arrested in school. |
| Cloud ComputingFERPA and the Cloud: What FERPA Can Learn from HIPAA| Date Captured | Tuesday December 18, 2012 07:01 AM | | SOLOVE: Parents need to look at what their schools are doing about student privacy and speak up, because the law isn’t protecting their children’s privacy.
School officials who want to develop a more meaningful and robust protection of privacy should talk to government officials who are tasked with complying with HIPAA. They can learn a lot from studying HIPAA and following some of its requirements.
Congress should remake FERPA more in the model of HIPAA. If Congress won’t act, state legislatures should pass better education privacy laws.
Because FERPA does not provide adequate oversight and enforcement of cloud computing providers, schools must be especially aggressive and assume the responsibility. Otherwise, their students’ data will not be adequately protected. School officials shouldn’t assume that the law is providing regulation of cloud computing providers and that they need not worry. The law isn’t, so right now the schools need to be especially vigilant. |
| FERPA and the Cloud: Why FERPA Desperately Needs Reform| Date Captured | Tuesday December 11, 2012 06:51 AM | | SOLOVE: Parents should lobby Congress and their state legislatures to pass laws providing better protections of their children’s data. This is an issue that should be of great concern to parents since educational institutions possess a staggering amount of personal data about students, and this data can currently be outsourced to nearly any company anywhere – even to a cloud computing provider in the most totalitarian country in the world! |
| Common Core | | COPPA | Privacidad de los niños| Date Captured | Saturday November 24, 2012 01:06 PM | |
| Kids' Privacy| Date Captured | Sunday November 01, 2009 09:40 PM | | [Thanks to COPPA, sites have to get a parent’s permission if they want to collect or share your kids’ personal information, with only a few exceptions. That goes for information sites ask for up-front, and information your kids choose to post about themselves. Personal information includes your child’s full name, address, email address, or cell phone number.
Under COPPA, sites also have to post privacy policies that give details about what kind of information they collect from kids — and what they might do with it (say, to send a weekly newsletter, direct advertising to them, or give the information to other companies). If a site plans to share the child’s information with another company, the privacy policy must say what that company will do with it. Links to the policies should be in places where they’re easy to spot.
What Can You Do?
Your kids’ personal information and privacy are valuable —to you, to them, and to marketers.]
*****NOTE DISPARITY WITH PROTECTION PROVIDED UNDER FERPA.
|
| Data BrokerTestimony of Pam Dixon Executive Director, World Privacy Forum Before the Senate Committee on Commerce, Science, and Transportation What Information Do Data Brokers Have on Consumers, and How Do They Use It?| Date Captured | Saturday December 21, 2013 09:13 AM | | The data broker industry has not shown restraint. Nothing is out of bounds. No list is too obnoxious to sell. Data brokers sell lists that allow for the use of racial, ethnic and other factors that would be illegal or unacceptable in other circumstances. These lists and scores are used everyday to make decisions about how consumers can participate in the economic marketplace. Their information determines who gets in and who gets shut out. All of this must change. I urge you to take action.
|
| Data MiningStatus of the Department of Education’s Inventory of Its Data Collections| Date Captured | Saturday August 03, 2013 08:32 AM | | 1. What information will the inventory of Education’s data collections contain and when will the inventory be completed?
2. What process is Education using to catalog its data collections, and to what extent does that process include internal controls to ensure the accuracy of the information collected?
3. What are Education’s plans to make its data collection inventory publicly available? |
| Directory InformationHearing on “How Emerging Technology Affects Student Privacy" | Date Captured | Monday February 16, 2015 12:24 PM | | United States House of Representatives
114th Congress, 1st Session;
Committee on Education and the Workforce
Subcommittee on Early Childhood, Elementary
and Secondary Education
Hearing on
“How Emerging Technology Affects Student Privacy"
February 12, 2015
Statement of Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Center on Law and Information Policy
Fordham University
New York, NY
Good morning Chairman Rokita, Ranking Member Fudge and distinguished |
| Opt-Out 2014: Protect Children video| Date Captured | Tuesday August 12, 2014 06:39 PM | |
| Opt-Out 2014: Protect Children| Date Captured | Tuesday August 12, 2014 06:10 PM | |
| Testimony of Pam Dixon Executive Director, World Privacy Forum Before the Senate Committee on Commerce, Science, and Transportation What Information Do Data Brokers Have on Consumers, and How Do They Use It?| Date Captured | Saturday December 21, 2013 09:13 AM | | The data broker industry has not shown restraint. Nothing is out of bounds. No list is too obnoxious to sell. Data brokers sell lists that allow for the use of racial, ethnic and other factors that would be illegal or unacceptable in other circumstances. These lists and scores are used everyday to make decisions about how consumers can participate in the economic marketplace. Their information determines who gets in and who gets shut out. All of this must change. I urge you to take action.
|
| Model State Law: Student Privacy Protection Act | Date Captured | Tuesday December 25, 2012 08:36 AM | | This Act shall be known and cited as the “Student Privacy Protection Act.” This Act shall be liberally and remedially construed to effectuate its purpose. The purpose of the Act is to protect the privacy of students by establishing standards for the disclosure of directory information about students by schools. |
| NCES 2011-602 Data Stewardship: Managing Personally Identifiable Information in Electronic Student Education Records | Date Captured | Tuesday January 04, 2011 09:55 PM | | SLDS Technical Brief - Guidance for Statewide Longitudinal Data Systems (SLDS) [A privacy and data protection program for student education records must include an array of
rules and procedures for protecting PII held in the record system. It also must include a full set
of public disclosures of the existence and uses of the information included in the data system,
a description of all parents’ or eligible students’ rights to review and appeal the contents of an
individual education record and of their rights and the procedures to appeal a violation. ]*****[A school directory may include PII such as a student’s name, grade level, and contact information. Taken by itself, the release of this information is not harmful to a student. However, when combined with the student’s Social Security Number or another identifier and the student’s education record, this information has the potential for violating a student’s right to privacy. The release of this combined record could lead to harm or embarrassment. Thus, the privacy and data protection program should focus on PII that will be maintained in the electronic student record system with its likely wealth of student data.2} |
| FERPAHearing on “How Emerging Technology Affects Student Privacy" | Date Captured | Monday February 16, 2015 12:24 PM | | United States House of Representatives
114th Congress, 1st Session;
Committee on Education and the Workforce
Subcommittee on Early Childhood, Elementary
and Secondary Education
Hearing on
“How Emerging Technology Affects Student Privacy"
February 12, 2015
Statement of Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Center on Law and Information Policy
Fordham University
New York, NY
Good morning Chairman Rokita, Ranking Member Fudge and distinguished |
| | FERPA Exceptions Summary| Date Captured | Monday April 14, 2014 09:03 AM | |
| | EPIC v US ED Reply | Date Captured | Wednesday March 06, 2013 12:02 PM | | 2/15/13 |
| FERPA History| Date Captured | Saturday November 24, 2012 11:06 AM | |
| DECEMBER 2011 – REVISED FERPA REGULATIONS: AN OVERVIEW FOR PARENTS AND STUDENTS| Date Captured | Monday November 12, 2012 11:00 AM | | It is important for schools to have directory information policies, as schools may not do even mundane activities (such as publishing yearbooks or creating graduation programs) without having designated the items about the students contained in the publications as directory information. For example, without a directory information policy, FERPA would require schools to obtain consent for every student every time it wants to publish a yearbook. However, many schools have been forgoing designations of directory information, as they have concluded that such designations would put students at risk of becoming targets of marketing campaigns, the media, or even victims of criminal acts |
| APPENDIX A: FERPA Guidance for Reasonable Methods and Written Agreements| Date Captured | Thursday January 05, 2012 05:57 PM | | FERPA represents the floor for protecting [student] privacy, not the ceiling. PAGE A-5 Federal Register/Vol. 76, No. 232/Friday, December 2, 2011/Rules and Regulations. |
| DEPARTMENT OF EDUCATION 34 CFR Part 99 in the Federal Register (76 FR 19726)| Date Captured | Monday December 05, 2011 11:20 AM | | SUMMARY: The Secretary of Education
(Secretary) amends the regulations
implementing section 444 of the General
Education Provisions Act (GEPA),
which is commonly referred to as the
Family Educational Rights and Privacy
Act (FERPA). These amendments are
needed to ensure that the U.S.
Department of Education (Department
or we) continues to implement FERPA
in a way that protects the privacy of
education records while allowing for the
effective use of data. Improved access to
data will facilitate States’ ability to
evaluate education programs, to ensure
limited resources are invested
effectively, to build upon what works
and discard what does not, to increase
accountability and transparency, and to
contribute to a culture of innovation and
continuous improvement in education.
|
| Education New York comments re Student Privacy submitted to FERPA NPRM - May 23, 2011| Date Captured | Monday May 23, 2011 09:22 PM | | Document ID: ED-2011-OM-0002-0001: Family Educational Rights and Privacy. The proposed changes to FERPA do not adequately address the capacity of marketers
and other commercial enterprises to capture, use, and re-sell student information. Even
with privacy controls in place, it is also far too easy for individuals to get a hold of
student information and use it for illegal purposes, including identity theft, child
abduction in custody battles, and domestic violence. Few parents are aware, for
example, that anyone can request -- and receive -- a student directory from a school.
Data and information breaches occur every day in Pre-K-20 schools across the country,
so that protecting student privacy has become a matter of plugging holes in a dyke
rather than advancing a comprehensive policy that makes student privacy protection
the priority.
|
| TITLE 20 > CHAPTER 31 > SUBCHAPTER III > Part 4 > § 1232g| Date Captured | Tuesday March 15, 2011 12:47 PM | | FERPA statute regarding directory information - note PICTURE and E-MAIL NOT in statute. US ED added through regulations -- they were not added by Congress: 5)(A) For the purposes of this section the term “directory information” relating to a student includes the following: the student’s name, address, telephone listing, date and place of birth, major field of study, participation in officially recognized activities and sports, weight and height of members of athletic teams, dates of attendance, degrees and awards received, and the most recent previous educational agency or institution attended by the student. |
| GAOMany States Collect Graduates’ Employment Information, but Clearer Guidance on Student Privacy Requirements Is Needed | Date Captured | Monday December 13, 2010 09:17 AM | | GAO-10-927 - GAO recommends that Education
clarify means by which states can
collect and share graduates’
employment information under the
Family Educational Rights and
Privacy Act (FERPA) and establish a time
frame for doing so. Education agreed
with the recommendation.
|
| Commercial Activities in Schools: Use of Student Data is Limited and Additional Dissemination of Guidance Could Help Districts Develop Policies| Date Captured | Thursday March 12, 2009 03:16 PM | | GAO -- Recommendation: The Secretary of Education should take additional action to assist districts in understanding that they are required to have specific policies in place for the collection, disclosure, and use of student information for marketing and selling purposes by disseminating its guidance to state school boards associations.
|
| LegislationCPO for Education in NY| Date Captured | Saturday March 29, 2014 10:24 AM | |
| | Opt out: What you need to knowNCES 2011-602 Data Stewardship: Managing Personally Identifiable Information in Electronic Student Education Records | Date Captured | Tuesday January 04, 2011 09:55 PM | | SLDS Technical Brief - Guidance for Statewide Longitudinal Data Systems (SLDS) [A privacy and data protection program for student education records must include an array of
rules and procedures for protecting PII held in the record system. It also must include a full set
of public disclosures of the existence and uses of the information included in the data system,
a description of all parents’ or eligible students’ rights to review and appeal the contents of an
individual education record and of their rights and the procedures to appeal a violation. ]*****[A school directory may include PII such as a student’s name, grade level, and contact information. Taken by itself, the release of this information is not harmful to a student. However, when combined with the student’s Social Security Number or another identifier and the student’s education record, this information has the potential for violating a student’s right to privacy. The release of this combined record could lead to harm or embarrassment. Thus, the privacy and data protection program should focus on PII that will be maintained in the electronic student record system with its likely wealth of student data.2} |
| Opt-OutOpt-Out 2014: Protect Children video| Date Captured | Tuesday August 12, 2014 06:39 PM | |
| Opt-Out 2014: Protect Children| Date Captured | Tuesday August 12, 2014 06:10 PM | |
| OPT-OUT PROTECT KIDS bracelets| Date Captured | Tuesday January 01, 2013 12:23 PM | | FREE! |
| OPT-OUT PROTECT KIDS| Date Captured | Sunday December 30, 2012 03:21 PM | |
| Model State Law: Student Privacy Protection Act | Date Captured | Tuesday December 25, 2012 08:36 AM | | This Act shall be known and cited as the “Student Privacy Protection Act.” This Act shall be liberally and remedially construed to effectuate its purpose. The purpose of the Act is to protect the privacy of students by establishing standards for the disclosure of directory information about students by schools. |
| FTC Alerta para Consumidores: Cómo proteger la información personal de su hijo en la escuela | Date Captured | Sunday September 11, 2011 07:37 PM | | Pregunte en la escuela de su hijo cuál es la política aplicable al directorio de información de los estudiantes. En el directorio de
información de los estudiantes se pueden listar el nombre, domicilio, fecha de nacimiento, número de teléfono, domicilio de email y foto de
su hijo. La ley FERPA establece que las escuelas deben notificar a los padres y tutores sus respectivas políticas aplicables al directorio de
información de los estudiantes, y darle el derecho de optar por que no se suministre esa información a terceros. Es mejor que presente su
solicitud por escrito y que guarde una copia para sus archivos. Si usted no ejerce su derecho de optar por que no se comparta la
información de su hijo, los datos listados en el directorio de la escuela pueden estar a disposición no sólo de los compañeros de clase y
personal de la escuela de su hijo, sino también del público en general. |
| FTC CONSUMER ALERT: Protecting Your Child's Personal Information at School| Date Captured | Friday September 02, 2011 06:10 PM | | [Ask your child's school about its directory information policy. Student directory information can include your child's name, address, date of birth, telephone number, email address, and photo. FERPA requires schools to notify parents and guardians about their school directory policy, and give you the right to opt-out of the release of directory information to third parties. It's best to put your request in writing and keep a copy for your files. If you don't opt-out, directory information may be available not only to the people in your child's class and school, but also to the general public.]
|
| PPRA | PrivacyPogoWasRight.org| Date Captured | Tuesday November 27, 2012 11:41 AM | | Youth privacy & breaches. |
| EPIC: Student Privacy| Date Captured | Saturday November 24, 2012 10:59 AM | |
| School SafetyAddressing Emergencies on Campus June 2011 | Date Captured | Tuesday June 28, 2011 06:32 PM | | United States Department of Education (USED) : Summary of two
applicable Federal education laws administered by the Department of Education (Department):
the Family Educational Rights and Privacy Act (FERPA) and the Higher Education Act of 1965
(HEA), as amended. This Federal component is only one piece of what is necessary to consider
in ensuring the safety of our Nation’s students, faculty, and school staff. A comprehensive and
effective campus policy must incorporate all Federal and State policies regarding health and
safety emergencies, education, student privacy, civil rights, and law enforcement, as well as
specific local community needs.
|
| SLDSHow Much Data Is Enough Data? What happens to privacy when bureaucracies exceed their scope| Date Captured | Thursday October 18, 2012 04:38 PM | | The following is a detailed account of Oklahoma’s P20 Council (that organization dedicated to the collection of “educational data” as prescribed by the Obama Administration through development of a State Longitudinal Data System (SLDS))- their operation, goals and function in the state of Oklahoma. This is, in fact, very important information, as EVERY STATE IN THE UNION is to have a similar council. Not all SLDS development groups are called, P20 (which stands for pre-K to 20 years of age – the time span over which this data is to be collected and accrued). Some other acronyms are P12, P20 Workforce and SLDS. |
| P-20 Data System with Instructional Reporting | Date Captured | Thursday March 10, 2011 09:18 PM | | 2010 SLDS P-20 Best Practice Conference - Summary:
The Statewide Longitudinal Data Systems Grant Program (SLDS) hosted the 2010 SLDS P-20 Best Practice Conference on November 16–17, 2010, in Washington, DC. The meeting served as a forum for dialogue, collaboration, and the sharing of best practices, providing the opportunity for more than 150 representatives from forty-nine states and the District of Columbia. FY 2006, FY 2007, FY 2009, and FY 2009 ARRA grantee states shared solutions and ideas with one another and took home information on topics identified as critical to their projects in the upcoming year.
|
| Basic Concepts and Definitions for Privacy and Confidentiality in Student Education Records | Date Captured | Thursday March 03, 2011 01:21 PM | | NCES 2011-601 This first brief discusses basic concepts and definitions that establish a common set
of terms related to the protection of personally identifiable information, especially
in education records.
|
| CHILDREN’S EDUCATIONAL RECORDS AND PRIVACY -- A STUDY OF ELEMENTARY AND SECONDARY SCHOOL STATE REPORTING SYSTEMS -- October 28, 2009 | Date Captured | Friday October 30, 2009 09:44 AM | | [The Study reports on the results of a survey of all fifty states and finds that state educational databases across the country ignore key privacy protections for the nation's K-12 children. The Study finds that large amounts of personally identifiable data and sensitive personal information about children are stored by the state departments of education in electronic warehouses or for the states by third party vendors. These data warehouses typically lack adequate privacy protections, such as clear access and use restrictions and data retention policies, are often not compliant with the Family Educational Rights and Privacy Act, and leave K-12 children unprotected from data misuse, improper data release, and data breaches. The Study provides recommendations for best practices and legislative reform to address these privacy problems.]
Joel R. Reidenberg, Professor of Law and Founding Academic Director of CLIP
Jamela Debelak, Esq., Executive Director of CLIP |
| US Education DepartmentEPIC v US ED Reply | Date Captured | Wednesday March 06, 2013 12:02 PM | | 2/15/13 |
| EPIC v US ED | Date Captured | Monday January 21, 2013 01:46 PM | | PLAINTIFFS’ CROSS-MOTION FOR SUMMARY JUDGMENT AND MEMORANDUM
OPPOSING DEFENDANT’S MOTION TO DISMISS AND MOTION FOR SUMMARY
JUDGMENT |
| Who Is Watching Your Children?It's 3PM: Who's Watching Your Children?| Date Captured | Wednesday December 12, 2012 05:48 PM | | Parents concerned about their children's privacy should be aware of how easily personally identifiable information can be bought and sold by marketers as well as by identity thieves.
FERPA was enacted in 1974 to protect the privacy of education records and directory information -- including name, address, phone number, date of birth, and e-mail address, among other personally identifiable information. Parents should be aware that under FERPA, directory information can be disclosed without parental consent. If you do not opt-out of directory information personal and identifiable information about your children may be public. |
|
|
Back to Top of Page
Protecting Children's Privacy | Information Policy News | FERPA | Learning Links |
Attendance | about | contact edny | site map
|
|
