State Student Privacy Law Compendium

Student privacy has never faced greater challenges. While the practice of collecting data about students is not new – schools have been gathering and reporting test scores, grades, retention records, and the like for years – the means by which student data is collected, the types of data collected, and the entities that ultimately have access to this data have expanded dramatically. At the same time, stories of misuse of student data and poor data security practices have increased.

In response, state legislatures have proposed a number of laws to regulate student data collection, use, and sharing. For example, in 2015, state legislatures introduced over 180 bills, 28 of which were passed. CDT expects the number of student data privacy laws to increase exponentially over the next decade.

CDT has developed a state-by-state compendium of privacy laws relating to the collection, use, and sharing of student data. The compendium lists key student data privacy laws for all 50 states and the District of Columbia. The compendium is accurate as of October 2016. Please note that the compendium is neither intended to be and should not be used as a substitute for reviewing statutory language nor does it constitute legal advice. If you require more information please consult legal counsel.