- Professional Development
- LIVE Virtual Professional Development
- IN-PERSON Teacher Development
- IN-PERSON Leadership Development
- School Improvement
- Tech Tools
- Federal Funding
- Classroom Resources
- Core Instruction and Formative Assessment
- Instructional Leadership
- Equity and Access/SEL
- Socially Distant Learning Resources
Protecting Student Data in the Age of Cambridge Analytica
Recently, I was asked, “How do districts ensure that student data and information are protected?” This question was precipitated by the recent disclosure Cambridge Analytica’s use of Facebook data. If you have unsubscribed from the news (personally, I unsubscribe for days at a time for a brief respite from reality), the New York Times article, “Facebook and Cambridge Analytica: What You Need to Know,” should bring you up to speed.
As I thought about the question, I realized my answer would require some research. I have worked at the school district level for 15 years (state level for two years) and have taken for granted that the tech people are diligent about protecting student information.
What else did I need to know? As it turns out, quite a bit….
The district platforms that store student data are secure on multiple levels. This includes requiring login permission from a top-level district administrator—and this person is very strict with who gets access to read-only student data—as well as a unique login that can only access from district servers.
Access to websites and/or social media for district staff is also dependent on the level of sophistication of the technology department and the hardware used. In my experience, some districts block YouTube for all staff, including district administrators. In other districts, access to YouTube is available when using a district login. Many districts use social media to promote events or get district-related information to parents and the community. These sites would likely be available to school district employees.
Student access to websites, apps, social media, etc. is even more strict
Districts must have a district practice and policy for student use of technology/internet. Although a great idea, the Bring-Your-Own-Device (BYOD) has caused many sleepless nights for those overseeing server security and access to websites outside the district.
I encourage teachers to use tablets, cell phones, and other technology to enhance the learning in the classroom, but “secure surfing” must be monitored. Many districts with BYOD programs have required training for teachers and students, and parents must sign technology/internet contracts. Social networks are usually blocked for student use when they are logged onto the school network.
The importance of data governance
All school districts must adhere to the federal regulations when it comes to access to student data. This is referred to as data governance. The rules and regulations for student data governance are defined by the Children’s Internet Protection Act (CIPA), and the release of any student data is clearly defined by the Family Educational Rights and Privacy Act.
If you just cannot get enough information on data governance policies, the U.S. Department of Education established the Protecting Student Privacy website and the National Center for Education Statistics has the Privacy Technical Assistance Center.
Approaches to keeping data secure
Typically, districts will use internet filters and restrict access to all non-district-based platforms, and even strictly control access to approved online platforms.
One approach is tiered access to different networks, with access depending on the group assigned to that network/server. For example, students in a school may have access to a network with strong CIPA compliant protections. Another school network would be available to staff that has fewer restrictions but still maintains protections and restrictions on certain platforms (e.g. YouTube, Facebook, etc.).
A more sophisticated approach, and one becoming more popular with technology departments, is to set filter permissions based on the login type and permissions associated with the specific user (or job type).
Which platforms should be available?
We know our kids are plugged into social media for a good part of their non-school time, and we know that the use of this technology is a good motivator for learning. However, most school administrators, and district technology departments would not consider Snapchat, Facebook, Twitter, Instagram, and other social media platforms to be necessary for school-related use.
So, what are the alternatives? There are many free platforms available for teachers to use that are geared toward online learning (e.g., Edmodo, Moodle, Google Hangouts, etc.). I have used most of these platforms at one time or another, and each one has some unique features. I encourage teachers to try them out – they really do up-the-ante for student engagement in the classroom.
And did I mention that when students are engaged in their learning, there is a decrease in behavioral issues and an increase in LEARNING!