On the threat to student privacy and safety represented by inBloom, Inc. Common Core forum Hudson Valley Community College December 18, 2013.

Slides:



Advertisements
Similar presentations
The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Advertisements

FERPA - Sharing Student Information
The Family Educational Rights & Privacy Act (FERPA) & other statutes related to student information.
FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.
Protection of privacy for all Students!
Safeguarding Data to Ensure Effective Data Use Paige Kowalski |Director| State Policy & Advocacy July 2014.
Ensuring Effective Services to Immigrant &/or LEP/ELL Children & Families: It’s Right, & It’s the Law! © Statewide Parent Advocacy Network.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
Confidentiality and HIPAA
Issue Brief National Association of School Nurses Privacy Standards for Student Health Records.
The crisis in NYC class sizes & threat to student privacy Presentation to Community Education Council District 6 January 17, 2013 Leonie Haimson, Class.
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
On the threat to student privacy and safety represented by inBloom, Inc. Testimony for the NY State Senate Committee on Education Prepared by Leonie Haimson,
The crisis in NYC class sizes & threat to student privacy Presentation to Community Education Council District 3 Spring, 2013 Leonie Haimson, Class Size.
FERPA and IRB: Implications for Testing Centers Judith W. Grant, Ph.D.,CIP NCTA Conference San Antonio, Texas August 6, 2009.
Our Students’ Data and inBloom. What and Why? NYSED contract with US Dept. of Education Race To The Top requirement Data is collected to: – Share more.
ADULT EDUCATION LEGISLATIVE UPDATE. Adult Ed Redesign & Reinvestment The League is tracking three key elements of the adult education reform work: AB.
Hong Kong Privacy Code on Human Resource Management
Riverside Community School District
2/16/2010 The Family Educational Records and Privacy Act.
Accessing Higher Education The Undocumented Student Pipeline.
Office of Safe and Drug-Free Schools Advisory Committee Meeting February 21, 2007.
Confidentiality… important facts to know and critical things to do!
GW101 presents… Financial Matters Presented by Colonial Central.
Common Core Implementation Update Supporting College- and Career-Readiness DATAG December 2012.
INBLOOM & THE THREAT TO STUDENT PRIVACY Plattsburgh Forum -- March 13, 2014 Leonie Haimson, Class Size Matters.
The threat to student privacy and safety represented by inBloom, Inc. Prepared by Leonie Haimson, Class Size Matters Updated: September 2013.
What’s In the Pipeline Notes from the GADOE Policy Division.
Evaluation 101: After School Programs February 1, 2007 Region 3 After School Technical Assistance Center Conference.
Marketing Systems Group Southern California MRA Education Seminar Presentation September 17, 2005 Privacy and Current Issues.
FERPA Questions and Answers Lenawee Data Camps June and August, 2009.
Enhancing Communication Among Health Care and Educational Programs How Privacy Regulations Impact Delivery of Effective Services by Karl R. White National.
BOCES Advisory Council for Curriculum & Instruction NYS Board of Regents Adjustment Options to Common Core Implementation Teresa Prendergast, Ed.D. Garden.
Managing Risks Associated With Privacy Alison Baker- Senior Associate Hall & Wilcox 24 November
Family Educational Rights and Privacy Act. From the moment a child enters the school system, sensitive information is collected about the child (and even.
Security of the Distributed Electronic Patient Record: A Case-Based Approach James G. Anderson, Ph.D. Purdue University.
NEW FERPA REGULATIONS: ARE YOU IN COMPLIANCE? Presented by Cristi Millard.
FERPA Regulation Changes Effective December 2008 Presented by Karen Schultz University Registrar.
Session Title: FERPA: What You Need To Know Presented By: Jeffery Loggins Institution: Mississippi Valley State University September 15, 2015.
Colonial Inauguration Fall What is Colonial Central?What is Colonial Central? Colonial Central ServicesColonial Central Services Online ResourcesOnline.
The crisis in NYC class sizes & threat to student privacy Class Size Matters Citywide analysis 2013 Leonie Haimson, Class Size Matters.
The threat to student privacy: NYS & NYC sharing confidential student and teacher data with inBloom Inc. For Brooklyn Town Hall meeting April 29,2013 Prepared.
State Advisory Council Community Support Grant Summary Presentation for Policy Committee Meeting December 3, 2012.
Overview of The Legislation’s Purpose and Requirements CONNECTICUT STATE DEPARTMENT OF EDUCATION School Governance Councils.
Serving the Public. Regulating the Profession. CANADA’S ANTI-SPAM LEGISLATION (CASL) Training for Chapters Based on Guidelines for Chapters First published.
Sharing Information (FERPA) FY07 REMS Initial Grantee Meeting December 5, 2007, San Diego, CA U.S. Department of Education, Office of Safe and Drug-Free.
Your Rights! An overview of Special Education Laws Presented by: The Individual Needs Department.
FERPA: An introduction to the Family Educational Rights and Privacy Act Presented by: Kristy Giacomelli Assistant Registrar
Procedural Safeguards for Parents What Educators Should Know Michelle Mobley NELA Cohort III.
HOW IS STUDENT DATA SHARED? HOW IS STUDENT PRIVACY THREATENED? Parent Action Conference Leonie Haimson, Parent Coalition for Student Privacy Nov. 7, 2015.
TASFAA 2016 Legacy of Leadership. TASFAA 2016 Legacy of Leadership Family Educational Rights and Privacy Act (FERPA) An Overview Molly Thompson Associate.
Why and How Webinar Thursday, October 23. Welcome  Raise Your Hand and More Than A Score  Basic info on participating in the webinar  How and when.
“Kids First, New Mexico Wins!” NMPED Data Conference Spring 2016 Dan Hill General Counsel, Public Education Department Randi Johnson General Counsel, State.
Laws and Regulations. Family Educational Rights and Privacy Act Children’s Online Privacy Protection Act Protection of Pupil Rights Amendment Health Insurance.
1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.
FERPA Family Educational Rights and Privacy Act
Nassau Association of School Technologists
The Attendance Matters Project
Student Data Privacy and Security
Obligations of Educational Agencies: Parents’ Bill of Rights
Leonie Haimson, Class Size Matters
Family Engagement Coordinator Meeting July 25, 2018
Data Security and Privacy
College Counseling Dilemmas
Data Security and Privacy
What does that have to do with me?
Student Data Privacy: National Trends and Wyoming’s Role
Contracts for Excellence
Protecting Student Data
Presentation transcript:

On the threat to student privacy and safety represented by inBloom, Inc. Common Core forum Hudson Valley Community College December 18, 2013

inBloom Inc. is a non-profit corporation funded by $100M from the Gates Foundation to collect and share personally identifiable student data with vendors. The information is being uploaded onto a cloud operated by Amazon.com. In NY State, districts have been told they must sign up for “data dashboards” from three vendors, ConnectEDU, eScholar or NCS Pearson/Schoolnet, populated with student data from inBloom cloud. inBloom plans to commercialize this sensitive data, with state & district consent, and provide it to additional for-profit vendors, to help them develop and market their “learning products.” Wireless Generation/Amplify, a subsidiary of Rupert Murdoch’s NewsCorp, is building inBloom’s operating system. What is inBloom Inc.?

inBloom Timeline May 5, 2011: NYSED sends letter to the State Comptroller, asking approval of a $27 million no-bid contract with Wireless Generation, to build state’s longitudinal student data systemNYSED sends letter to the State Comptroller June 8, 2011: Daily News breaks the story of this proposed contract. Controversy ensues, primarily as a result of conflict of interest, as 6 months before, Wireless bought by Murdoch’s News Corporation, just days after Joel Klein announced he would resign from DOE to work at the company.Daily News breaks the story July 2011: News Corp engulfed in a huge scandal, including allegations that its newspapers in the UK engaged in phone hacking. Several advocacy groups & NY state legislators urge State Comptroller to reject contract based on privacy concerns.huge scandal Aug 25, 2011: NY State Comptroller Thomas DiNapoli rejects contract: “in light of the significant ongoing investigations and continuing revelations with respect to News Corporation, we are returning the contract with Wireless Generation unapproved.” December 13, 2011: the NY Board of Regents approves NYSED’s plan to share student data with Shared Learning Collaborative LLC, with an operating system built by Wireless for $44 million. Contract bypasses State & City Comptroller because no funds initially change hands.

Timeline (part II) October 10, 2012: Class Size Matters, NYC parents and our attorney write to SED, urging them to hold hearings and give parents the right to consent before children’s personal data is shared with inBloom. October 24, 2012: SED says will not hold hearings since plans are “public knowledge” already – yet few if any elected officials, parents, superintendents or school board members are aware. February 6, 2013: the Shared Learning Collaborative becomes inBloom inc. March 3, 2013: Stephanie Simon of Reuters writes the first national story about inBloom inc.

Parent protests erupt throughout nation & 8 of 9 inBloom states pull out or put plans on hold April 19, 2013: Louisiana Superintendent John White pulls data out of inBloom. May 4, 2013: Georgia Superintendent assures parents that he will not disclose any student data to inBloom. May 29, 2013: Reuters confirms Delaware, Georgia and Kentucky have no plans to share data with inBloom. August 1, 2013: The only NC “pilot” district, Guilford Co., pulls out of inBloom. Nov. 7, 2013: After anti-inBloom slate of candidates sweeps election, Jeff Co. school board votes to withdraw & Colorado severs all ties to inBloom. November 26, 2013: Illinois says will keep data system separate & make data-sharing with inBloom optional; Chicago immediately pulls out.

What information is being shared? The highly sensitive data that NYSED intends to share with inBloom and other dashboard vendors includes student names, addresses, phone nos., s, grades, test scores & proficiency levels, ethnicity, economic, racial and disability status, health (504) conditions, attendance and suspension records. The info will include students’ records from day they enroll in school, includingup to 12 yrs of data for HS students. NYSED urging districts to share even more detailed information, including health & pregnancy information, family structure and immigration records. If information leaks out or misused could imperil child’s security, safety & future, including college admission & employment.

What is inBloom’s goal? InBloom claims that this project will lead to greater efficiency, data analysis and integration, and create a vibrant market in “personalized” learning tools – by allowing vendors to data-mine student information. Ken Wagner of NYSED says that service providers, tools and standards will converge in "a magic mix that hasn't come together before." In NYC, the Department of Education spent $80M on ARIS data system, with data dashboards also built by Wireless Generation. Many of same claims were made, yet ARIS is rarely used and considered by many a boondoggle.

Dashboards will also include “warning flags” and “behavioral incidents” Sample dashboard from inBloom video

In a recent survey, 86% of technology experts say they do not trust clouds to hold their organization’s “more sensitive” data.* inBloom’s security policy states they “cannot guarantee the security of the information stored in inBloom or that the information will not be intercepted when it is being transmitted.” In April, the personal information of 50 million customers of LivingSocial was inadvertently disclosed when an Amazon.com cloud was hacked into. The sharing of personally identifiable student data with inBloom is being done without parental notification or consent. * Lieberman Software's 2012 Cloud Security Survey What about security?

Though NYSED claims inBloom FERPA-compliant, Family Educational Rights and Privacy Act regulating privacy of educational records weakened by US Dept of Ed in 2009 and 2011 to encourage data sharing with contractors & “authorized agents” without parental consent. US Dept of Ed has now been sued in federal court for rewriting FERPA regulations in way violating original intent and language of law. The same data stored in child’s health records or gained through online usage could NOT be shared with any 3 rd parties without parental consent, acc. to HIPAA (Health Insurance Portability and Accountability Act) or COPPA (Children’s Online Protection Act) What about privacy?

Issues with the dashboards -- even if there are no breaches Minor incidents will now enter into a student’s permanent record and be easily accessible to teachers and others through the dashboards. Research shows that teachers tend to stereotype students based on prior knowledge and that this can become a self-fulfilling prophecy. If dashboards reveal details in an academic or disciplinary history before teachers have met students, this can create negative expectations that seriously impair their prospects.

Considerable costs & risks to states/districts Starting in 2015, inBloom says it will start charging states/ districts for its services by $2-$5 per student per year. Data dashboard vendors will charge an additional $1-$3 per year; additional fees will incur for any other software tools using data from the inBloom cloud. If this data leaks out or is used inappropriately, the potential cost to the state or district from class action lawsuits is far greater, since inBloom & Gates Foundation have insulated themselves from legal liability. inBloom says it is now also “exploring” charging vendors for its services. If not selling student data, this could be likened to renting it out.

Sample racial, economic, language data to be being collected by inBloom Source:

Sample disability & medical data collected by inBloom, Inc. Source:

Huge resistance from district officials &electeds of both parties as well Recent survey: 75% of NYS school board members oppose inBloom plan; 78% say parents shd be allowed to opt out At least 40 superintendents have returned RTTT funds & are opting out of data dashboards (though NYSED says will share their student data anyway) Mary-Fox Alter, Pleasantville Superintendent says student privacy better served in criminal justice system than inBloom/dashboard plan 50 Assemblymembers have signed letter to Commissioner expressing their serious concern. Sen. Flanagan calls for 1 yr moratorium on Education Portal.

What about legislatively? Last session, two bills were passed with bipartisan support by NYS Assembly to block inBloom. A.6059A sponsored by O’Donnell would bar re-disclosures of personal student data without parental consent, and would require full indemnification for data breaches. A.7872A sponsored by Nolan would allow parents the right to opt out of their child’s personal data being shared with any third parties. Identical versions of these bill have been introduced in the NYS Senate, by Senator Martins, S.5930, and Senator Robach, S.5932.S.5930S.5932 Sen. Flanagan has introduced new privacy bill, S. 6007, allowing for district opt out of “Education portal” but not parent opt outS. 6007

Data collection/connection with Common core InBloom sold itself as helping states and districts attain higher standards with CC aligned materials and software tools. With uniform tests and test score data across nation, multi-state databases more valuable to vendors & groups like Gates Foundation. Through federal stimulus funds & RTTT, US Dept of Ed pushed states to create longitudinal “cradle to grave” data systems These systems supposed to collect and share info on children among many state agencies.

What about federal data collection? Though feds claim no intention of doing so, 2 testing consortia, PARCC and Smarter Balanced, have clauses in their agreements saying US Dept of Ed should be able to gain access to any and all student data they obtain.

Watch out!

Happy holidays!