As government leaders, policymakers, and technology companies continue to navigate the global coronavirus pandemic, CDT is actively monitoring the latest responses and working to ensure they are grounded in civil rights and liberties. Our policy teams aim to help leaders craft solutions that balance the unique needs of the moment, while still respecting and upholding individual human rights. Find more of our work at cdt.org/coronavirus.
New educational technologies are filling an essential role in allowing schools to continue to serve their student populations amidst COVID-19. However, they also raise a novel set of privacy issues that warrant careful attention from state and local practitioners. The demand for data and technology has never been greater, and there’s a shared agreement that knowledge is power. The current state of data privacy training in education brings to mind a classic comic book character—Spiderman: “With great power comes great responsibility.” To help educators fulfill their student privacy responsibilities, CDT recently released an online interactive training about how to navigate new issues that have resulted from the rapid shift to distance learning. The free training is accessible here.
Mistakes happen. We’re only human, right? Unfortunately, mistakes in the student privacy context can jeopardize the safety, well-being, and educational outcomes of students. For example, a parent may discover that their child’s special education information was inadvertently posted on a public website, thus stigmatizing their child. A teacher may have the troubling experience of their virtual classroom being infiltrated by a man who exposes himself. A school district may need to close for several days due to a ransomware attack. Or, a transgender student may be inadvertently outed because of how a student information system was configured. These are all real and unfortunate situations that the education sector has had to address because of human error.
In fact, human error is a factor in 95 percent of all data security incidents, according to IBM’s 2014 Cyber Security Intelligence Index. The good news is that these situations are preventable with training. Because the need for and risks related to education technology and data have never been greater, CDT created an online interactive training module designed to equip state and local education practitioners to better incorporate student privacy protections into their COVID-19 response.
The training module, “COVID-19 and Student Privacy,” can be completed in about 20 minutes and includes narrated slides, a comprehension quiz, and downloadable resources.The objective is to create a privacy mindset and develop professional judgment related to data privacy, security, and confidentiality amidst COVID-19. The training focuses on four topics:
- Legal requirements surrounding student privacy and data protection;
- Technical best practices for implementing new technologies and workflows;
- Governance strategies that ensure administrative decisions are sensitive to student privacy issues;
- Further resources on addressing student privacy issues in the context of COVID-19.
Unfortunately, the COVID-19 pandemic has created unique challenges for education systems, exacerbating risks to student privacy, which can take many forms. To respond to these diverse challenges, privacy protection requires a thoughtful, multifaceted strategy centered on keeping students safe during this crisis, and that includes training on how to protect students online to the same degree that they would be protected in person.
State and local leaders are wielding their power to continue to serve students and their families during this national crisis, but they must also ensure that they are fulfilling their responsibilities to protect students and their families privacy in the process.