Supporting Student Data Privacy: An Educator’s Conundrum
Why Data Privacy Policies are Important for the Future of EdTech
By Divya Sridhar, Ph.D., Policy Advisor at McGraw-Hill
Data is an important asset for students and educators, as it is continuously used to innovate and improve products and services. To better support personalized learning for students that captures their individualized interests and potential, educators and students should have access to the latest advancements in educational technology.
To ensure the educational community is receiving the right amount of technical support, it is important that educators and administrators stay abreast of data privacy changes.
Schools should be actively advocating in favor of balanced laws and regulations that allow them to collaborate with education technology companies — pursuant to federal and state laws and parameters.
But for many in the educational community, data privacy may be unchartered territory. In this post, we outline strategies that all educators can employ to protect student data, while also leveraging it to improve learning outcomes.
The Student Data Privacy Landscape
Recently, there has been a rapid wave of new state legislation, some of which has been enacted into state law, which has dramatically changed the existing student data privacy landscape. I outline several of these in this editorial published by MDR. Many of these bills and laws understandably favor the consumer and their rights to their own education data. Still, some of the policies have been shortsighted in determining the implications for school districts and the service providers who support districts in data collection, storage, and sharing. New policies inadvertently place limitations on service providers and, in some cases, may obstruct the use of data in the classroom, potentially hindering digital learning and the 21st-century classroom.
Imposing restrictions on adaptive learning technologies limits the use of data-rich techniques and analytics in the classroom, and can have a chilling effect on progressive teaching practices that support personalized, 1:1 interaction.
Educators realize many benefits from adaptive technologies, from streamlined workflows to interactive interfaces, real-time insights, performance analytics, and more. Therefore, educators should feel assured that, due to the specific privacy policies and practices adopted by their school and the overarching laws that exist in their state, they can use technologies in the most efficient and effective manner, and their students are appropriately safeguarded
What are the Common Underpinnings that Support Strong Ed Tech Practices?
As important catalysts for change in the 21st-century education ecosystem, educators should keep a few key aspects of personal information in mind. Further, schools should inform educators of the existing policies and practices focused on the way schools collect, use, and share data within the education ecosystem.
Some of the key aspects of data use in a school setting, as it concerns education technology, that educators should be aware of are:
1) Schools Are “Data Controllers”
Federal and state laws give schools full decision-making power with regard to student data, referring to them as data controllers — those who have the “final say” on what happens with regard to student data requests. This means that service providers and education technology companies can only use student data once schools have given approval to service providers to complete a specified action. Educators and schools should rest assured that they have the final say in any decisions about their students’ data, but should keep in mind that the data can only be used by service providers for educational purposes, and shared with third parties based on the specified provisions in a contract between the school and the service provider.
This also means schools should be monitoring when state policies or laws change to add new requirements in their contracts, and schools should push back if proposed requirements in policy seem to be an overstep of what is feasible for the school.
2) Schools May Need to Make Resource Commitments to Meet New Data Privacy Laws
Educators and schools should be aware of the financial commitment that may be necessary in order to meet new requirements in state laws. New privacy laws and regulations have set the requirements and standards for what the data use and privacy contracts will need to include, and schools are responsible for fulfilling these requirements and cascading down new developments to their staff. This is where regular training events for support staff — such as organizing forums for discussion, like a student data privacy advocacy day — can help educators keep pace with new laws and requirements.
3) EdTech Companies Can’t Sell Student Data
Education technology companies that have access to students’ personal information are not allowed to sell that data, or engage in targeted advertising or marketing. These practices are prohibited by federal laws and individual state laws. Therefore, educators and schools should work together to assuage fears of students and families about the improper use of data for noneducational purposes.
4) Student Data Should Only Be Used for Educational Purposes
Finally, educators should not confuse the use of students’ personal information strictly for educational purposes and analytics, versus the use of aggregated, de-identified student data for research purposes and long-term research studies. While some legislation seeks to overextend the type of data used for research, education technology companies are bound by clear guardrails in the ways and types of data they can collect and use, pursuant to federal and state laws.
Educators should feel confident that they are realizing the benefits of using education technologies as valuable tools to support more personalized learning in the classroom. To further reduce inequities that exist across the digital divide, educators should be fully aware of the merits of education technologies and the safeguards, laws, and regulations that exist to protect students from personal data misuse.
Divya Sridhar, Ph.D., is the Policy Advisor for Government Affairs at McGraw-Hill. McGraw-Hill is a learning science company, serving students, teachers and faculty with customized print and digital educational content, software, and services for pre-K through postgraduate education. In her role, Divya supports thought leadership on the company’s education policy priorities, relationship building with federal state and local policy makers, and strategic advocacy for the company’s business units. Divya has 10 years of combined experience in healthcare and education policy and has worked on issues such as interoperability, district digital transformation, educational equity, student data privacy, and funding for instructional materials.