Legislative Analysis

Fixing FERPA: Strengthening Transparency & Confidence in FERPA Enforcement

Strengthening Transparency & Confidence in FERPA Enforcement June 2024 Jessica Arciniega, Katherine Kalpos, Morgan Sexton, Amelia Vance, and Casey Waughn   CC BY-NC 4.0 There is a pervasive myth among stakeholders concerned about student privacy that FERPA is not enforced––that it is toothless. This misconception stems from a lack of public transparency throughout the whole FERPA enforcement process at the Department of Education (USED). The public-facing parts of USED’s FERPA enforcement portray FERPA enforcement as weak, specifically due to the low number of punitive enforcement decisions and past systematic problems detailed in a 2018 USED Office of Inspector General (OIG) […]

Fixing FERPA: Strengthening Transparency & Confidence in FERPA Enforcement Read More »

Fixing FERPA: Increasing Transparency to Make FERPA’s Privacy Protections More Meaningful

Increasing Transparency to Make FERPA’s Privacy Protections More Meaningful June 2024 Katherine Kalpos, Morgan Sexton, Amelia Vance, and Casey Waughn   CC BY-NC 4.0 Schools must communicate about their data collection and privacy policies so that parents and eligible students can effectively exercise their FERPA rights to access, amend, and request deletion of personally identifiable information (PII) in education records. But in their efforts to be more transparent, schools should strive to provide clarity rather than simply providing more information. Transparency does not require (and should not equate to) information overload. While FERPA provides a good starting point toward transparency

Fixing FERPA: Increasing Transparency to Make FERPA’s Privacy Protections More Meaningful Read More »

Fixing FERPA: Enhancing EdTech Accountability

Enhancing EdTech Accountability June 2024 Katherine Kalpos, Morgan Sexton, Amelia Vance, and Casey Waughn   CC BY-NC 4.0 Sharing student data with a 4th grade teacher, Mr. Stevens, so he can tailor his lesson plans for the upcoming school year? Use the school official exception. Sharing student data with an edtech company to create student profiles on a new app that customizes lessons based on students’ strengths and weaknesses? Use the school official exception. Although it may seem counterintuitive, schools must use the same exception to FERPA’s consent requirement in order to share student data with teachers and with edtech

Fixing FERPA: Enhancing EdTech Accountability Read More »

Fixing FERPA: Clarifying Data Sharing Through a Defined Pedagogical Exception

Clarifying Data Sharing Through a Defined Pedagogical Exception June 2024 Katherine Kalpos, Morgan Sexton, Amelia Vance, and Casey Waughn   CC BY-NC 4.0 A second-grade teacher, Ms. Montana, is teaching her class about multiplication. She writes “2 x 3 = _” on the board and asks if anyone would like to come forward and write the answer. When a student raises his hand, Ms. Montana says, “Yes, Jackson, come on up.” Jackson walks to the board, writes the number “6”, and goes back to his seat. Ms. Montana congratulates him on getting the correct answer and continues the lesson. Sounds

Fixing FERPA: Clarifying Data Sharing Through a Defined Pedagogical Exception Read More »

Fixing FERPA: Distinguishing Between Core & Secondary Technology Uses

Distinguishing Between Core & Secondary Technology Uses June 2024 Katherine Kalpos, Morgan Sexton, Amelia Vance, and Casey Waughn   CC BY-NC 4.0 Schools use technology to take attendance to ensure they create accurate records of which students are present, and FERPA protects this personally identifiable information (PII). Students might wear heart monitors as part of gym class, which also creates PII. FERPA protects this very different type of PII in the same way and to the same degree that it protects attendance data. A fundamental problem with FERPA is that it includes all-or-nothing protections for data regardless of why the

Fixing FERPA: Distinguishing Between Core & Secondary Technology Uses Read More »

Fixing FERPA

Did you know that the Family Educational Rights and Privacy Act (FERPA), a student privacy law that has been around for nearly 50 years, was influenced by the rise of computers? Did you know that FERPA restricts educational apps from using student’s personally identifiable information for anything other than the educational purpose approved by the school? Did you know that, contrary to popular belief, FERPA is continuously and actively enforced by the U.S. Department of Education? Despite its continued applicability and relevance in today’s data-driven education landscape, FERPA is often criticized as outdated and insufficient. But the prevalence of inaccurate

Fixing FERPA Read More »

Comparing Provisions in KOSMA and KOSA

Comparing Provisions in KOSMA and KOSA The Kids Off Social Media Act (KOSMA) and the Kids Online Safety Act (KOSA) are progressing through Congress, both with the shared objective of protecting children online. KOSA attempts to achieve this goal with broad requirements that are aimed at making the platforms minors use safer. KOSMA, on the other hand, aims to protect children from social media in two main ways: Prohibiting minors under age 13 from creating or maintaining social media accounts Prohibiting social media companies from targeted content to to minors using algorithms Requiring schools to block and filter social media

Comparing Provisions in KOSMA and KOSA Read More »

Comparing Definitions of “Social Media Platform” in KOSMA

Comparing Definitions of “Social Media Platform” in KOSMA The Kids Off Social Media Act (KOSMA),* introduced on May 1st, is a bipartisan bill that combines Senator Schatz’s Protecting Kids on Social Media Act and Senator Cruz’s Eyes on the Board Act. According to the press release, KOSMA aims to: “Prohibit children under the age of 13 from creating or maintaining social media accounts, consistent with the current stated policies of major social media companies; Prohibit social media companies from pushing targeted content using algorithms to users under the age of 17; Provide the FTC and state attorneys general authority to

Comparing Definitions of “Social Media Platform” in KOSMA Read More »

House Improves KOSA, but Major Problems Persist for Schools

House Improves KOSA, but Major Problems Persist for Schools May 2024 Katherine Kalpos, Morgan Sexton, and Amelia Vance       CC BY-NC 4.0 Introduction On April 9, 2024, Representative Bilirakis released the text of the House version of Senator Blumenthal’s Kids Online Safety Act (KOSA). The bill, which is fundamentally based on valuable goals and principles, includes many positive revisions to better align with KOSA’s underlying goal to protect kids online. However, concerns remain that it may create major unintended consequences for schools. In particular, KOSA may limit the ability of schools to effectively implement edtech into instruction and

House Improves KOSA, but Major Problems Persist for Schools Read More »

Comparing Requirements for Schools Under E-Rate & KOSMA

Comparing Requirements for Schools Under E-Rate & KOSMA The Kids Off Social Media Act (KOSMA), introduced on May 1st, is a bipartisan bill that combines Senator Schatz’s Protecting Kids on Social Media Act and Senator Cruz’s Eyes on the Board Act. According to the press release, KOSMA aims to: “Prohibit children under the age of 13 from creating or maintaining social media accounts, consistent with the current stated policies of major social media companies; Prohibit social media companies from pushing targeted content using algorithms to users under the age of 17; Provide the FTC and state attorneys general authority to

Comparing Requirements for Schools Under E-Rate & KOSMA Read More »