A new report released on Wednesday by California’s Attorney General aims to send a warning to private educational technology companies hired by public schools to abide by new student data privacy laws.
“In some instances we’re seeing evidence of companies mining data from school children beyond what’s necessary for their education,” said Daniel Suvor, chief of policy for California Attorney General Kamala Harris.
That kind of data mining is illegal. Two recent laws, SB1177 and AB1584, place strict limits on how education technology companies can use public school student data. It’s illegal for these companies to collect student data to market to students or their families or take the student data and sell it to other companies.
Companies hired by public school districts must also put in writing how they’re going to keep student data secure and confidential.
Harris’s office released their report, titled "Ready for School: Recommendations for the Ed Tech Industry to Protect the Privacy of Student Data," to encourage companies to develop stronger best practices around the use of data gathered from The intent of the recommendations is to encourage Ed Tech to focus on educational purposes, by limiting the collection and use of the student information acquired through the technology,” her office said in a written statement.
Kamala Harris’s office said the report is not timed to her run for U.S. Senator.
The report comes after meetings this year, Suvor said, with privacy advocates and technology companies.
“Most of the companies we spoke to throughout this process thought it made sense for us to lay a set of recommendations they could use to govern the sector,” he said.
The state attorney general’s office has created a way for the public to report breaches of student data privacy.
Public schools have been increasingly using technology to manage schedules, student information, and run schools. Staff also rely on technology to help them teach and test students, as well as provide educational content to students through websites and apps.
According to the report the educational technology sector has become an $8 billion yearly business.
Despite the new protections, education officials say they must remain vigilant.
“Never assume that a company is going to follow the law,” said Alex Cherniss, superintendent of San Marino public schools. School districts need to thoroughly research a company’s reputation before signing a contract.
His school district has new electronic English curriculum this year for elementary and middle school students. Students should only need to log on with a username and password, he said, and should not have to provide any other information to access content.
The compliance is in the details of the contract between a school district and the technology company and that’s forced school districts to turn to outside lawyers for help to draw up those contracts.
“We came up with an addendum to these contracts because a lot of the vendors weren’t even aware that these laws had been passed,” said lawyer Peter Fagen of Fagen, Friedman, & Fulfrost, a law firm that represents school districts.
His firm holds workshops to train school staff and administrators on student privacy laws and how to recognize violations of the laws.
It was a struggle at first, he said, for technology companies – especially the large multinational ones – to sign off on the student privacy language school districts added to contracts but now more companies are complying.
CORRECTION: A previous version of this story misspelled Peter Fagen's name. KPCC regrets the error.