Additional resources from education privacy groups, such as the Student Data Privacy Consortium, the Data Quality Campaign and the Future of Privacy Forum, will also be included as part of the free Check the Privacy resource, whose 20-member advisory board will regularly update the library and ensure it's current.
While the site is up and running, its searchable library will not be available until the 2019-20 school year, EdSurge reports. Ed tech vendors should make sure their privacy policies and terms of service are updated in the meantime.
As the importance of both data privacy and efficient budgeting become bigger parts of the education industry, ed tech products must be carefully vetted to protect the personal information and data of students, faculty and schools.
Though the industry offers cool features that enhance curricula and classroom learning, ed tech is also a growing security risk. In September 2018, the FBI issued a public service announcement warning parents that K-12 students are at risk of illicit data collection, including personal identifiable information, biometric data, academic progress and students’ geolocations.
Ultimately, districts are responsible for ensuring all ed tech adheres to the Children’s Internet Protection Act, The Children’s Online Privacy Protection Act and the Family Educational Rights and Privacy Act, as well as any state laws that may be in effect. They're also responsible for ensuring that district data — including students' and families' grades, personal information and financial statuses — are protected and unable to be hacked into by foreign parties. And with more and more products entering the market, added to administrators' already heavy loads is the task of vetting products, vendors and tools to make sure everything that gets integrated into the district complies with all necessary regulations.
Despite the prevalence of ed tech sprouting up around the country, few districts have created full-time positions dedicated to protecting privacy. Denver Public Schools and Baltimore County Schools, though, are two exceptions. In those districts, an administrator is tasked with making sure the district stays in compliance with federal privacy laws such as FERPA, COPPA and CIPA, as well as any other state-specific student privacy laws that may be in effect.