Groundbreaking Bill Would Help Protect Students' Personal Information
I wanted to share the letter I sent to California Governor Jerry Brown's office this week in regards to important legislation (SB 1177, "SOPIPA") to protect student privacy. We know there's been growing concern about everyone's privacy, especially when it comes to our kids. This groundbreaking bill would help ensure the privacy and security of schoolchildren's personal and academic information in schools across California. SOPIPA will also permit innovation and research, so industry may improve educational products and services and provide customized and digital learning for students.
Dear Governor Brown:
We respectfully urge you to sign Senate Bill 1177, the Student Online Personal Information Protection Act (“SOPIPA”), introduced by Senate President pro Tempore Darrell Steinberg, and passed unanimously by both the Senate and the Assembly. This groundbreaking bill would help ensure the privacy and security of schoolchildren’s personal and academic information in schools across California. SOPIPA will also permit innovation and research, so industry may improve educational products and services and provide customized and digital learning for students. We understand that Senator Steinberg worked with industry and other stakeholders in crafting the measure – and that there is no opposition to this bill.
California schools are increasingly integrating laptops and tablets in the classroom, and relying on cloud computing services for a variety of academic and administrative functions. This technology, used wisely, has the vast potential to enhance and personalize student learning and to improve school efficiency. To realize this potential, we must protect students’ privacy. Through online platforms, mobile applications, digital courseware, and cloud computing, education technology providers collect massive amounts of sensitive data about students – including contact information, performance records, online searches and schoolwork, health information, behavior and disciplinary records, eligibility for free or reduced-price lunch – even cafeteria selections and whether or not students ride the bus to school. This personal student information is at risk.
Some online services have collected and analyzed personal details about students without clear limits on use of the student data for educational purposes. Other online services have failed to adequately secure and encrypt students’ personal information from potential misuse. In fact, a recent study by Fordham Law School’s Center on Law and Information Policy found that the majority of school district cloud service agreements have serious deficiencies in the protection of student information, “generally do not provide for data security and even allow vendors with alarming frequency to retain student information in perpetuity.”
Students shouldn’t have to surrender their right to privacy and security at the schoolhouse door. We need clear rules of the road to ensure that schoolchildren’s information is not exploited for commercial purposes and stays out of the wrong hands.
SOPIPA would provide strong protections to safeguard and secure students’ sensitive data. The bill would prohibit K-12 websites, online services, and mobile applications from:
using students’ personal information for targeted advertising;
using students’ personal information for commercial profiling;
selling students’ personal information; and
disclosing students’ personal information (except as provided).
In addition, SOPIPA would require these online companies to implement reasonable security for students’ personal information, and to delete the information upon the school’s request. The measure would apply to a broad range of K-12 directed websites, services, and apps, whether a contract exists or not.
Furthermore, AB 1584, introduced by Assembly Member Buchanan, likewise passed unanimously by both Chambers, would provide complementary protection by requiring specified privacy and security provisions in contracts entered between K-12 educational institutions and third-party cloud service and educational software providers.
Simply put, the school zone should be a privacy zone, a safe and trusted environment where our kids can learn and explore, where educators can harness technology to enrich their learning, and where their sensitive information is safe and secure.
We strongly urge you to sign SB 1177, along with the complementary AB 1584. With these measures, California would lead the nation in establishing a landmark framework for student privacy, while permitting innovation in education and technology.
James P. Steyer
Founder and CEO
Common Sense Media
E.g., Stephanie Simon, Data Mining Your Children, Politico (May 15, 2014), https://www.politico.com/story/2014/05/data-mining-your-children-106676.html; Benjamin Herold, Google Under Fire for Data-Mining Student Email Messages, Education Week (Mar. 13, 2014), https://www.edweek.org/ew/articles/2014/03/13/26google.h33.html?cmp=ENL-EU-NEWS2. (In April, Google stated that it will stop using student data from its Apps for Education for advertising purposes.)
 Press Release, Fordham Law National Study Finds Public School Use of Cloud Computing Services Causes Data Privacy Problems (Dec. 13, 2013), https://www.fordham.edu/info/23830/research/5917/privacy_and_cloud_compu... Natasha Singer, Schools Use Web Tools, and Data is Seen at Risk, New York Times (Dec. 12, 2013).
September 3, 2014
Your privacy is important to us. When you sign up as an advocate:
- Common Sense Kids Action will send you periodic email alerts on legislative activity that affects your community.
By providing us with your email address and clicking the submit button (above), you acknowledge and agree to the above.
Search by Age and Topic
Director, Platform Accountability and State Advocacy
Law and policy intern at Common Sense
Senior Advocacy Manager
CEO and Founder | Dad of four
Director, Equity Policy | Mom of one
Senior Counsel, Global Policy