The first of a four-part blog series as part of the CoSN Student Data Privacy Advisory’s commemoration of Global Data Privacy Day.
My brother and I were talking on the phone one afternoon, reminiscing about the good old days, and talking about things that Mom would say to us when we were kids. These were the classic mom statements but gentle, caring reminders to keep us safe. After I hung up, I opened my laptop and began preparing for an upcoming professional development on student data privacy. And then it hit me! I realized that those things that mom said made more sense now than ever, but in an entirely new way.
Mom always said:
- Look both ways before you cross the street. When talking about data privacy, “look both ways” takes on an entirely new meaning. “Look” at “both” the terms of service and privacy policies for “ways” that data will be collected and how the data will be used. Specifically look for clear definitions of personally identifiable information (PII), if the provider can modify the terms of service without notice, how the data will be de-identified if it will be used for product development or research, or if the data will be shared with any additional parties. Beware of any language that states or implies that the provider maintains the right to personally identifiable data even after the contract has ended. “Look both ways” at all terms and conditions will allow you to “cross the street” safely and without unexpected surprises, such as student data being shared without your knowledge.
- I don’t care what everyone else is doing. I care what you are doing. Maybe you have heard this from some teachers at your school. “Well, my neighbor teaches at X school district, and they don’t care about data privacy. Why do we need to?” As schools, we collect a wide variety of data on our students. Having a listing of parent/guardian names, and contact information helps us communicate between school and home. Knowing a student’s birthday, favorite color, favorite foods, and other information helps make students feel welcome in their classroom. Schools also keep information such as discipline referrals, social-emotional and physical wellness, and socio-economic status as required by our state and federal departments of education. Schools rely on third-party vendors and student information systems (SIS) to organize and store this information. While some information may appear harmless, it may be kept alongside other critical pieces of data. Schools need policies and procedures in place that protect student data. Such processes should include defining who needs access to the data, how to respond to requests for the data, and procedures for securely sharing the data. But more importantly, school leaders need to provide training to staff on these policies and procedures, and how to protect student data. This training should include FERPA, PPRA, and state legislation which applies to the protection of student information.
- Don’t talk to strangers. Are you giving strangers access to your data without knowing it? Many websites and online tools offer the option to sign in with Google or Facebook. Clicking on this option to create an account or sign in, gives permission for one account to authenticate into another. While you and your students may feel this is safe since no password is being shared, you are giving permission to provide some data to the app or website developer. Some of this data can be your preferences, contact lists, phone number, demographic data, and other information that may compromise your privacy. This data can then be used in phishing attacks sent to your email account. This attack will prey on your curiosity as information about your favorites and likes will be contained in these emails. Sometimes these “single sign on” solutions can be a benefit with limited data shared. Other times, it can lead down a darker path. Make sure you “meet” your vendors before signing on, by “looking both ways” before you go.
- Don’t make me turn this car around. Teachers are now more responsible than ever for carefully selecting digital tools that they incorporate into their lessons. Students need to be aware of how sharing information online can impact their safety. Providing professional development for teachers and digital citizenship lessons for students and educators is key. While mom had the ability to “turn this car around” once student data has been breached, it is extremely difficult to “turn around” and fully recover.
Mom always had our best interest at heart. Even now, these mom statements are helping to keep us safe online in an ever-changing digital world.
Author: Karyn Dobda, Director of Innovation and Strategic Initiatives, Quaker Valley School District (PA)
CoSN Student Data Privacy Advisory Member
Karyn Dobda has been working in K-12 education for over thirty years and is currently the Director of Innovation with the Quaker Valley School District in Sewickley, Pennsylvania, a position she has held since 2018. In her role she provides leadership and direction in the effective use of instructional technology to enhance instruction and is the liaison between the IT Department and the classroom. Karyn has presented as several state and national conference on the topics of professional learning, innovation, and educational technology.
Published on: January 18th, 2023
CoSN is vendor neutral and does not endorse products or services. Any mention of a specific solution is for contextual purposes.