Thu, 01/14/2021
I am Elsbeth Magilton, the executive director of the Nebraska Governance and Technology Center. In addition to my administrative work for the center, I do my own research primarily in space law and national security – but when it comes to the amazing work our faculty is doing at the intersection of law and technology, I don’t know much besides I wish I knew more. In this series I’m sitting down with our faculty and fellows for short interviews on their work. In the future, others on our team will also take over as interviewer, but for now I’m here to learn: teach me.
In this post I asked Elana Zeide about my children’s privacy in the era of remote learning and “Zoom School.” Elana also appeared on Tech Refactored, our podcast, to discuss student privacy with several of her colleagues across the country. Readers can find that here.
Hi Elana – thanks for taking the time to answer these questions! Let’s start with “FERPA.” What is it and does it (or did it) protect K-12 kids in school adequately in your opinion?
FERPA stands for the Family Educational Rights and Privacy Act. It was one of the first federal privacy laws passed in 1974. It governs how schools that receive federal funding can – and cannot – share personally identifiable information about students maintained in education records. While the statute ostensibly requires parental consent for data sharing about K-12 students, its “school official” exception allows schools to share information with technology companies, among others, without requiring prior parental consent as long as the disclosure serves a legitimate educational interest, among other things. This is an important ability – otherwise it would be very difficult for schools to contract with any companies using databases or cloud services, which might range from busing companies to cafeteria facilities to testing vendors. But law is outdated. It doesn’t account for the large volume of information about students that gets collected as they use software – so-called “data exhaust,” nor does it address the many ways problematic ways that student data can be used by schools themselves.
As you know I have a kindergartener and a third grader who have spent most of 2020 in remote learning on Zoom via a dedicated student portal run by our district, on district issued laptops. I already felt weird with teachers and other parents seeing our living spaces so regularly, but let’s be honest – my kids also use those laptops to play games after classes. Are schools collecting that use data when kids aren’t in class? Can they?
It's hard to make blanket statements about what schools are doing across the nation because local districts vary tremendously. You should assume anything done while on a school portal is collected by the school. Information on a laptop or other device may stay on that device, but could be collected when a student turns it in unless parents erase web browsing histories, caches, or other digital traces. At this point, schools don’t really have use for information about the games your children play or really anything else extraneous they do online, so it’s unlikely they’ll take the time or effort to gather, let alone analyze, that information. But I’d erase it beforehand out of caution.
So, will their teachers know I allowed an hour of screen time on those laptops after class each day?
Probably not, but it’s possible depending on your school’s set up. But it’s more likely that your childrens’ teacher would care about other details, like whether your child logged on to Zoom school on time.
Let’s talk about screen shots. Legally, can my kid’s teachers take a picture of their screen that displays my child and their name?
This varies a little depending on state student privacy laws. The key is not so much the taking of the photos as the sharing them – teachers should not share any images, audio, video, or any other information that might identify a student on social media without parent’s prior consent.
Setting the school district aside, can Zoom, Google Classroom, or any private company the school contracts with collect all their useage and location data while they’re in school – and who can they give that to?
Zoom, Google, or other classroom software vendors should not be sharing personally identifiable student information unless it is part of their provision or improving of services. For example, the recipient of student data may share it with security subcontractors or cloud services.
If I want to approach my school district about privacy concerns are there resources available to help me navigate that process?
Yes, there is plenty out there. For academics and policy wonks, I’d recommend looking at some of my articles. Parents and administrators should definitely check out the Future of Privacy Forum’s Student Privacy Compass, which has the most up-to-date links to other resources as well.
If you were me, what would scare you the most?
Two things scare me. First, that schools will adopt technologies too quickly without questioning their efficacy and long term impact on children’s motivation and well-rounded learning. Also, that long-standing records and predictive analytics (a topic for another day) will end up preventing equal access to opportunity.
Thank you so much Elana!
Elana Zeide teaches, researches, and writes about privacy and the legal, policy, and ethical implications of data-driven systems and artificial intelligence. Her work focuses on the modern day permanent record and how new learning, hiring, and workplace technologies impact education and access to opportunity. Recent articles include Student Privacy in the Age of Big Data, The Structural Consequences of Big Data-Driven Education, and Algorithms Make Lousy Fortune Tellers. Zeide previously served as a PULSE Fellow in Artificial Intelligence, Law & Policy at UCLA's School of Law, a Visiting Assistant Professor at Seton Hall University’s School of Law, an Associate Research fellow at Princeton University’s Center for Information Technology Policy, a Visiting Fellow at Yale School of Law’s Information Society Project, and a Microsoft Research Fellow at New York University's Information Law Institute. She is also an affiliate at Data & Society Research Institute and at the University of Colorado-Boulder’s Silicon Flatirons and serves on advisory boards for The Future of Privacy Forum, Macmillan Learning’s Impact Research Advisory Council, and Blackboard’s Taskforce to Develop Framework and Standards for the Ethical and Legal Use of Artificial Intelligence in Higher Education.
Zeide received her B.A. cum laude in American Studies from Yale University, her M.F.A. from Columbia University, and her J.D. and LL.M. from New York University School of Law where she was a Notes Editor of the New York University Law Review. Elana worked as a Litigation Associate at Cravath, Swaine & Moore and a Legal Analyst at Bloomberg Media before opening her own privacy, media, and platform law practice. Prior to becoming an attorney, Elana was a journalist and pop culture columnist in London and New York.
Tags: Weekly Roundup
_0.jpg)