The problems of keeping student data private in an increasingly complex world of networked information and online tracking were addressed in a Monday morning session, “Student Privacy: The Big Picture on Big Data,” sponsored by the ALA Office of Government Relations and the Office for Intellectual Freedom (OIF). The featured speaker was Elana Zeide, a privacy advocate, attorney and research fellow at New York University’s Information Law Institute.
Zeide opened by saying that “Intellectual privacy is at the core of why people are concerned about student data. There needs to be a zone of privacy—a place where students and other users feel safe and can learn about things without repercussions.” Libraries can be that space; however, the “digital environment is not particularly an enclosed one” and needs extra protection.
She cautioned that the student records—what we traditionally think of as grades, transcripts, teacher notes, attendance, conduct—are “vastly different now. They are more granular in detail and include metadata (login times, type and location of device, websites, and social interactions). Metadata is extraordinarily revealing and can provide insights into student activities” that were impossible to evaluate before. Even student ID cards record financial information and track where students go. “That might be nice for adding to well-intentioned educational resources,” Zeide said, but depending on the wording of a contract, schools could be permitted to share some of this data with commercial vendors, such as advertisers, who are not subject to the restrictions that schools are under the 1974 Family Educational Rights and Privacy Act (FERPA). She added, “FERPA does not cover metadata and offers very little transparency and accountability.”
What can librarians do? Zeide said that they can increase awareness among students and teachers to make sure they are using their data correctly and why it is being collected. Librarians can also be mindful in adopting new technologies: “It’s tempting to use a new technology, but you must assess its benefits and burdens. What happens if there is a hack? What happens if the company is acquired?” Librarians can also put pressure on companies to reign in their data practices, she said. “You have the power of the pocketbook. You must require them to meet your standards of privacy.”
OIF Deputy Director Deborah Caldwell-Stone added that “library confidentiality statements can provide an additional layer of protection.” Librarians can also work with state legislators to incorporate privacy protections into new laws. “Some ALA chapters are attempting to add protections for K-12 and higher education student electronic data,” she said.
Some resources on the privacy rights of students and minors are found on the Choose Privacy Week website.