Your SlideShare is downloading. ×
GAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big Data
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

GAMABrief: When Education Meets Big Data

274

Published on

The move by many schools to adopt cloud-based data storage and data analytics solutions is unsurprising, since schools can generate significant pedagogical value through use of these technologies. …

The move by many schools to adopt cloud-based data storage and data analytics solutions is unsurprising, since schools can generate significant pedagogical value through use of these technologies. With these rewards come broad risks associated with legal and regulatory data privacy compliance. Given the slew of recent retail industry data breaches making national headlines, the risks of data collection and storage are immediately apparent. With data privacy on everyone’s mind, there has never been a better time for school administrators to fully evaluate and address their student data privacy policies.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
274
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. GAMABrief: When Education Meets Big Data The move by many schools to adopt cloud-based data storage and data analytics solutions is unsurprising, since schools can generate significant pedagogical value through use of these technologies. With these rewards come broad risks associated with legal and regulatory data privacy compliance. Given the slew of recent retail industry data breaches making national headlines, the risks of data collection and storage are immediately apparent. With data privacy on everyone’s mind, there has never been a better time for school administrators to fully evaluate and address their student data privacy policies. Big  Data  and  Educa-on:  The  Rewards According to one recent study, “[n]early 90 percent of K–12 institutions report[ed] using one or more cloud-based applications.” Data storage and analytics can provide powerful pedagogical tools. In fact, “data analytics is identified as one of the two most important emerging technology trends in the coming two- to three-year ‘horizon’ for learning.” The rewards are evident – data driven education can help differentiate coursework in a highly targeted and automated way never previously possible. Analytics can help teachers assess student progress faster, saving teachers’ valuable time. Big  Data  and  Educa-on:  The  Risks Like any organization that collects and stores user data, schools must abide by certain national- and state-level regulations, including avoiding deceptive business practices under the Federal Trade Commission’s (FTC) regulatory scheme, abiding by data breach notification laws, and, in California, maintaining separate privacy policies for any mobile applications and identifying in any website privacy policies how the site handles do-not-track browser settings. Schools are unique and face an even greater data privacy burden under the Children’s Online Privacy Protection Act (COPPA) and the Family Education Rights and Privacy Act (FERPA). The patchwork of laws and regulations at all levels makes the increasing collection of student data all the more risky. For schools, a full understanding of relevant privacy laws—specifically FERPA—is imperative before engaging in the collection, analysis or storage of student data. Cloud  Storage,  Data  Analy-cs  &  FERPA The Family Education Rights and Privacy Act (FERPA) restricts the disclosure of student records that are maintained by educational institutions who receive funds from the Department of Education. Generally speaking, FERPA allows disclosure of personally identifiable information (PII) from a student’s education record only with consent from that student’s parent or guardian. An exception to the rule – known as the “school official” exception – allows disclosure without consent to contractors or other outside parties (known as third party providers or TPPs) if that TPP meets certain requirements. For example, the TPP must: (1) perform an institutional service or function for which the educational institution would otherwise use employees; (2) be under the direct control of the educational institution with respect to the use and maintenance of education records; (3) not disclose the information to any other party without the prior consent of the parents or eligible student; and (4) may only use the information for the purposes for which the disclosure was made. A  GAMA  White  Paper  produced  by  Brandon  Wiebe  &  Noah  Johnson                                            ©  2014.  Gagnier  Margossian  LLP.    All  rights  reserved.  
  • 2. Some important questions to ask when selecting a cloud service provider: • Will parents be able to review and potentially delete portions of a student’s education data record if they so request? • What are the cloud service provider’s data retention and deletion policies? • Does the cloud service provider disclose information to third parties? • Does the cloud service provider plan to release any anonymized data to third parties? • How will the cloud service provider implement data security protections for the education data records? What  About  COPPA? The Children’s Online Privacy Protection Act (COPPA) restricts the online collection of personally identifiable information of any child aged 12 or younger without parental consent. Websites that aim their services towards children must adopt some mechanism of obtaining parental consent before they begin data collection and must permit parents to access and delete data records regarding their children. COPPA generally does not effect educational institutions directly, as very few build and maintain their own websites or mobile applications. As the line between big data and education further blurs, schools should be aware of COPPA and its implications. It is quite possible that schools themselves may be drawn to develop their own proprietary data technologies – a move that would directly implicate COPPA. Compliance in California: Even More Legal Risks California has led the way in passing a variety of data privacy laws, including state-specific additions to the FERPA requirements, as well as robust regulations governing the collection of data online. Any educational institutions located in California must also be aware of these regulations before drafting and implementing a student data privacy policy. The California Attorney General’s Office maintains a website summarizing the major aspects of these privacy laws: http://oag.ca.gov/privacy/privacy-laws. Conclusion The regulatory landscape regarding data privacy can be overwhelming for institutions handling sensitive student information. As districts continue to embrace new data-driven technologies, they must develop plans to assess and maintain compliance with both federal and state rules. A data privacy attorney can help a school district makes sense of the requirements imposed by the web of data laws, allowing districts to mitigate legal risks while reaping the rewards of exciting new technologies. For  more  informa-on  on  how  your  school  district  can  manage  data  privacy, contact  an  aIorney  at  Gagnier  Margossian  LLP.
  • 3. References Jim Finkle and Mark Hosenball, Exclusive: More Well-Known U.S. Retailers Victims of Cyber Attacks, REUTERS (January 12, 2014), available at http://www.reuters.com/article/2014/01/12/us-target-databreach-retailersidUSBREA0B01720140112. Keith R. Krueger, Data Privacy: What School Leaders Should Know, ESCHOOLNEWS (January 6, 2014), available at http://www.eschoolnews.com/2014/01/06/data-privacy-cosn-119/ (study citation omitted). See generally 20 U.S.C. § 1232g; 34 C.F.R. 99. See generally 15 U.S.C. §§ 6501–6506. See, e.g., CAL. EDUC. CODE § 49069, et seq. (specifying a parent’s right to inspect, review and challenge the content of a student’s records maintained at a school district); Id. § 49073 et seq. (specifying requirements for school districts pertaining to student directory information and exceptions to parental consent requirements). See, e.g., California Online Privacy Protection Act of 2003, CAL. BUS. & PROF. CODE §§ 22575-22579. Internet Intellectual Property Privacy Social Media Technology The Good Stuff #nerdlawyers Los Angeles Sacramento T: 415.766.4591 F: 909.972.1639 E: consult@gamallp.com gamallp.com @gamallp San Francisco

×