PROTECTING STUDENT PRIVACY AS PART OF THE NYS BUDGET BILL

Class Size Matters has led the fight for student data privacy in NY State.  We are encouraged that the Governor and Legislature appear to be discussing the possibility of severing the state’s relationship with inBloom as part of the budget negotiations.  As New York is now the only state still participating in this egregious project, this would be an important step forward.  However, cancelling inBloom would NOT be sufficient to provide the comprehensive privacy protections that New York’s children need and deserve.

We continue to support A6059A/S5932-A13 as the best and the most workable legislation to protect student privacy and security.  This bill would provide parents the right to consent to any redisclosures, as inBloom was designed to do.  It would also ensure full transparency and strict requirements for any vendor gaining access to personal student information, including the strongest encryption standards, regular audits, and full indemnification for breaches.  We believe that some additions should be made to the bill, including that an independent taskforce of stakeholders be appointed to investigate current and future plans for data-sharing and come up with additional recommendations in the area of student privacy.  The bill language, along with annotated commentary and suggested additions, is posted here:  http://tinyurl.com/mqhc8gn

We also support the provisions in A8929 that would allow parents to opt out of data-sharing with vendors, although the bill includes ambiguous language that seems to take away that right by merely “authorizing” the State Education Department to list services that parents “may” opt out of.  Our suggestions to strengthen and clarify the language in the bill and add the sort of transparency and security measures that should be required in A6059A/S5932-A13 are posted here: http://tinyurl.com/llpbrc7

Although S6007  has strong sanctions for criminal and civil sanctions for unauthorized disclosures, it gives too much discretion to the Commissioner to withhold penalties if breaches occur via hacking.  It also withholds from parents the right to opt out of any data-sharing.  The concept of a “privacy officer” who would draw up a “parent bill of rights” is drawn straight from a bill devised by the American Legislative Exchange Council or ALEC.  This officer would be appointed by the Commissioner, who has been steadfast in his opposition to allowing either parental notification or consent before the state or districts share highly sensitive student data with vendors.  Moreover, the Personal Privacy Protection Act, approved by the NY Legislature in 1984, already requires that every state agency have a privacy officer.

Our comparison chart with the various bills is posted here: http://go.shr.lc/1jvqupF

We would be happy to answer any questions you might have,

 

Leonie Haimson, Executive Director, leonie@classsizematters.org; 917-435-9329

Categories Uncategorized | Tags: | Posted on March 26, 2014

Social Networks: RSS Facebook Twitter Google del.icio.us Stumble Upon Digg Reddit

Comments are closed.