There Is No Protection For Student Data
“The control of information is something the elite always does, particularly in a despotic form of government. Information, knowledge, is power. If you can control information, you can control people.” – Tom Clancy
Electronic information certainly hurt Missouri Republicans this week. We all got to see how dangerous and powerful digitized information is and how little control over it we have once it is digitized. And though Clancy’s quote above refers to powerful governments, in today’s world the line between business and government has become extremely blurred. The Supreme Court ruled that NSA collection of private phone information violated the constitution. But phone companies’ collection of that data as part of their normal course of business was not questioned. All the NSA will have to do is subpoena that information from the phone companies if they have probable cause to investigate those records. In fact, they don’t even need to have the subpoena. Companies like Google regularly turn over data without being legally required to. Government now has an incentive to make sure that private companies hold on to data for longer periods, too.
Phone and internet companies are not the only ones collecting data. Why should you be concerned?
Ed Week – Millions of Student Records Sold in Bankruptcy Case
Data in education is the wild wild west. Technology and business are moving so fast that public policy has not been able to keep up. The ConnectEDU case provides the ultimate cautionary tale to districts and individuals who think their data is safe because there are policies and contractual terms in place to protect it. Those policies and procedures failed in the end at ConnectEDU, even with conscious knowledge of the situation.
ConnectEDU had amassed, in its college- and career-ready technology platform for students from middle school through college, millions of data records. The company filed for bankruptcy this year. Of course, in bankruptcy, part of the process is to liquidate assets to satisfy debt. Those data records were a tremendous asset. As Silicon Valley is likely to say, “If the software is free, you are the product.” Not that ConnectEDU’s products were free, unlike Google’s education apps, but the greater value to many of these companies is the data that those products can collect from users. What happened in the bankruptcy case was the sale of that data to two other companies, a sale which violated ConnectEDU’s own privacy policies and ignored federal warnings.
The Federal Trade Commission’s Consumer Protection Bureau was aware of the potential exposure of the millions of records while the case was working its way through the court. They sent a letter to the court that states that, “the terms of the sale of the company and its subsidiary Academic Management Systems, Inc., in bankruptcy do not provide consumers the notice and choice set forth in the privacy policy and could potentially run afoul of both the FTC Act and the Bankruptcy Code.” They asked the court to have ConnectEDU “1) provided users with notice of the sale of their personal information and opportunity for its removal; or (2) destroyed the personal information. Alternatively, under Section 363(b)(1)(B), the Court could appoint a privacy ombudsman to ensure that the privacy interests of ConnectEDU’s customers are protected.”
Sadly for the millions of students and their families who potentially had their student’s test scores, grade point average, learning disability, email and home addresses, phone number, date of birth and more collected by There Is No Protection For Student Data » Missouri Education Watchdog:
