This Week in Student Privacy: 11/25
The US Education Department’s Vulnerable Databases
At a House oversight hearing, “the department came under withering criticism […] about just how vulnerable its information systems are to security threats.” At the hearing on November 17, “Inspector General Kathleen Tighe testified that USED’s […] ‘data security’ system is riddled with vulnerabilities.” “She said that her office had been able to penetrate some department systems without being detected” and that she “is still concerned about the potential for breaches”
“Lawmakers at the hearing […] took Danny Harris, the chief information officer of the Education Department, to task for the way data is handled,” and found that USED “needs significant improvement in four key security areas: continuous monitoring, configuration management, incident response and report, and remote access management.”
When “a congressional scorecard issues this month on how well federal agencies were implementing four key areas of the Federal Information Technology Acquisition Reform Act, or FITARA gave the Education Department three Fs and one D,” Danny Harris, the CIO of the Education Department, “said he thinks the department should have received a C.”
When asked about “how long it would take to modernize all of its data systems, Harris “said he didn’t know across the entire platform.” But, he says, “we are working hard”
Read more about the hearing: “Congress blasts U.S. Education Department for vulnerabilities in data bases” (The Washington Post), and from a more partisan perspective: “U.S. Department of Education Data System Riddled with Vulnerabilities for Students” (Breitbart).
Watch the hearing on YouTube: Department of Education — Information Security Review
Articles/Resources
- EducationWorld: “New York to Potentially Reduce Role of Test Scores in Teacher Evaluations”
- EdSurge: “A New Vision to Personalize Writing Instruction”
- On EdX’s outlook: “EdX Stays Committed to Universities, Offering Credits for MOOCs” (EdSurge), “EdX pivots while retaining focus on traditional higher ed” (EducationDIVE)
- InformationWeek: “McGraw-Hill Education Shows How Small Data Trumps Big”
- EdSurge: “A Night to Remember: Photos from the 2015 DILAs Gala”
- Education Week: “8 Ways Machine Learning Will Improve Education”
- EdSurge: “The Uncertain Future of Mozilla’s Once-Hyped Badges Project”
- EducationDIVE: “OECD: US is middle-of-pack among global peers in education”
- Dedham Transcript: “Massachusetts Senate passes public education, social media privacy legislation”
- Havasu News: “Arizona education leader talks teacher pay, student data in Kingman”
- The Commercial Appeal (Memphis): “SCS says it will reject ASD student data request”
- Waltham News Tribune: “Waltham schools release student privacy documents”
- Wisconsin State Journal: “Jesse Kremer: Protect student privacy at Wisconsin high schools” (opinion)
This update was compiled by Jeremiah Milbauer, with help from Paulina Haduong. Jeremiah is a first year at the University of Chicago and an intern for the Student Privacy Initiative at the Berkman Center for Internet & Society.