Report – Out of Sight, Out of Mind? School Districts’ EdTech Efforts Have Outpaced Transparency and Student Privacy

By Elizabeth Laird, with consulting support from Maya Lagana, Independent Contractor

The use of data and technology in education has increased substantially in recent years, and, along with it, has come increased attention on the need for education agencies to protect student privacy. This is not a new responsibility. For decades, education leaders have been legally responsible for protecting student information, beginning with the enactment of the main federal student privacy law that protects student data, the Family Educational Rights and Privacy Act (FERPA) of 1974.

But these legal requirements are no longer sufficient to fully protect student privacy. As this report discusses in detail, research conducted by the Center for Democracy and Technology (CDT) has found that education agencies do not have fully dedicated staff and resources to meet these increased obligations.

As the use of technology in education and corresponding privacy concerns have increased, dedicating appropriate staff to protecting student privacy has become more essential. Research suggests that 95% of security incidents are at least partially the result of human error, underscoring the importance of allocating and building staff capacity. Historically, privacy responsibilities have been distributed over multiple departments without clear ownership. This results in unclear roles, lack of accountability, and the absence of an organizational strategy on how to balance the benefits of data and technology with privacy risks.

In addition to staffing, it is vital that families and other stakeholders understand their rights and potential risks related to student privacy. While federal and, in many cases state, laws give students’ families significant rights to protect their children’s privacy in schools, research shows that families do not fully understand these rights. In addition to raising awareness of legal rights, additional transparency and public-facing resources can support meaningful engagement with communities, establish public trust, and proactively address parents’ questions and concerns. Without these elements, governments can trigger a backlash that prevents data from being used effectively by education organizations.

To assess local education agencies’ (LEAs) progress, CDT examined publicly available information about student privacy staffing and transparency decisions in 43 LEAs of various sizes, geographies, and socioeconomic status in four states. CDT wanted to understand what information is transparently and proactively available to families, staff, and other stakeholders.

The scope of this research is primarily focused on LEA practices but also examines the relationship between LEAs and their state education agency (SEA). CDT research shows that families are much more likely to look to their LEA for resources, but SEAs can provide support to LEAs in doing this work. Therefore, it is important to understand LEA practices, as well as how states are supporting them.

Read the full report here.