SB 1177 protects online personal data created by students in California classrooms
Common Sense Media
Monday, September 29, 2014
SAN FRANCISCO, Calif. -- Common Sense, the nation's leading nonprofit organization dedicated to helping kids thrive in a world of media and technology, is congratulating Governor Jerry Brown for signing into law SB 1177, the Student Online Personal Information Protection Act (SOPIPA). This first-in-the-nation law strengthens privacy protections for the personal information of California students while permitting innovation in education and technology.
"SOPIPA is a true landmark in the efforts to safeguard the privacy of children and teens who are using technology to enhance and personalize their learning," said James Steyer, CEO and founder of Common Sense. "Thanks to the governor and the leadership of the bill's author, Senate Leader Darrell Steinberg, families in the Golden State can rest assured that their kids and their schools now can benefit from the vast potential of educational technology while keeping students' sensitive information safe from commercial exploitation."
"This is a win for kids, teachers, and California's booming edtech industry," said Senate Leader Darrell Steinberg (D-Sacramento). "We moved ahead of a problem by working closely with educators, parents, and technology companies to write a first-in-the-nation law that also proves that privacy and online innovation can be complementary."
As the nation's schools integrate laptops and tablets in the classroom and rely on cloud-computing services for a variety of academic and administrative functions, education technology providers collect massive amounts of sensitive data about students, including contact information, performance records, online searches and schoolwork, health information, behavior and disciplinary records, eligibility for free or reduced-price lunches -- even cafeteria selections and whether or not students ride the bus to school.
SOPIPA prohibits K–12 websites, online services, and apps from using any student's personal information for targeted advertising or creating a commercial profile, and it prohibits the selling of any student's information. The law also requires K–12 websites, services, and apps to maintain reasonable security procedures for students' personal data and to delete the information at the schools' request. Whereas other states have passed laws or are considering legislation that regulates education technology contracts or certain types of cloud-service vendors, SOPIPA is the only law that covers a broad range of K–12 focused websites, services, and apps, whether a contract exists or not.
It's important to note that SOPIPA also fosters innovation by allowing for de-identified data to be used to improve educational products and services without being linked to specific students. This use of anonymized information will enable further innovation of educational technology products -- but not at the expense of student privacy.
In conjunction with the recently passed AB 1584 (requiring specific privacy-related provisions in contracts between a K–12 education agency and a third-party provider) and last year's "Eraser Button" legislation (SB 568), SOPIPA is the latest example of the premium that California places on protecting children's privacy online.
About Common Sense
Common Sense is the nation’s leading nonprofit organization dedicated to helping families and educators thrive in a world of media and technology. We rate, educate, and advocate on behalf of kids, families and schools. Common Sense offers the world’s largest and most trusted library of age-based ratings and reviews of all types of content targeted at kids, and our research-based curriculum and tools are used in over 75,000 U.S. schools. For more information, go to: www.commonsense.org.