School districts across the country have embraced education technology (“EdTech”) as a means for enhancing school operations and classroom instruction. While the practice of collecting student data is not new – K-12 schools and institutions of higher education have been gathering and reporting test scores, grades, retention records, and the like for years – the means by which student information is collected, the types of information collected, and the entities that ultimately have access to this data have expanded dramatically.
At the same time, stories of misuse of student data and poor data security practices in K-12 schools, as well as large-scale breaches of universities’ data systems, are increasingly reported. Collection of student data by educational technologies is widespread, though there is not an extensive regulatory framework in place to complement this data collection. Federal student privacy law is outdated and state approaches are inconsistent. Furthermore, federal laws that can be used to reach EdTech directly are limited in their applicability. These gaps in the United States’ student privacy legal regime hinders industry innovation and school adoption of EdTech.
CDT believes realizing the full potential of EdTech in the classroom requires robust student privacy standards. Alex Bradshaw delves in to what needs to be accomplished so that student privacy can be greatly enhanced.