Protecting Your Child’s Student Data Privacy

By Tammy Luty

We all have the luxury of Googling anything that we want to know, learn or buy while sitting home watching TV on our couch, attending our kid’s sporting event or waiting at the doctor’s office. “Google it” is a popular phrase in today’s society, but if you stop to think about it, Google hasn’t been around for a very long time. It was created in 1998, when my oldest child was less than one-year-old.

My son grew up in a world bursting with significant technology changes, and his younger siblings were exposed to even more technology at an earlier age. Smartphones and tablets and apps have radically changed the world in the 21st century and kids today face new challenges than we did when we were in school.

Student Data in the Digital Age

Report cards that used to come home in the standard manila envelope, transported in my oldest son’s backpack, have now transformed into an email that notified parents that grades had been posted online.

I watched as more and more online educational programs and software were introduced to my younger children to improve their reading, writing and math scores. Since it was all handled by their school, I never even thought to question whether my children’s data was being protected.

Fast forward to December 2014, when I was asked to attend a conference with National PTA and Microsoft on Student Data Privacy. This conference exposed me to a new reality about technology use in our schools and how our students’ data is (or isn’t) protected. As a mom, it was a wake up call. As the chair of the State Advocacy Day committee, I realized this was the advocacy work that Michigan PTA should focus on during our time meeting with policymakers.

Michigan PTA and Microsoft teamed up to speak to Michigan’s House Education Committee about student data privacy in October 2015. We shared with our legislators thoughts and information that every parent should think about, and asked them to really consider the ramifications of our new reality.

Our children’s data is no longer stored in a locked office at the school. Their grades, disciplinary record, schoolwork, home address, email address, etc. are now stored on a computer or in a data bank somewhere, and the software on which our children’s important information is stored is not always owned by the school district.

That’s a big problem that raises some even bigger questions, including: Who owns our children’s data or the reports that our students write? How long will this information be stored and saved? Will this information later be released and published or shared and possibly impact them when applying for college or getting a job? Are we sure that a company will not use this data to negatively impact my child or sell the data to another company?

Make no mistake, your child’s data could become a commodity. We have few options as parents to protect our children from data theft. We must demand that these important questions be answered.

Need for Updates to Federal Laws on Data Privacy

There is a law currently in place to protect student data privacy at the federal level, called the Family Education Rights and Privacy Act (FERPA). However, it clearly needs to be updated as it was passed in 1974, two decades before Google was even created and certainly well before any student currently enrolled in a K-12 public school was born. Policymakers back in 1974 could never have dreamed of the things we need to consider regulating now.

Current federal laws do not address electronic records, online service provider rights and responsibilities or individual electronic student profiles. Our data privacy laws absolutely must be modernized to better protect student records and the collection of information gathered online. What is currently in place simply does not address the growing use of technology and data in education and throughout society.

Since advocating to modernize this law, I have had the opportunity to share information across the state of Michigan and with the US Department of Education. My hope is that before our elementary school students graduate high school, we will have a law that effectively protects our student’s data privacy at a federal level. Our children have a right to their privacy, and to their intellectual property.

What constitutes student data?

Student data includes any information about a student that is collected, stored and communicated by schools or technology vendors on behalf of schools that is particular to that individual student. This includes name, address, names of parents or guardians, date of birth, grades, attendance, disciplinary records, eligibility for lunch programs, special needs and other information necessary for basic administration and instruction.

It also includes the data created or generated by the student or teacher in the use of technology— email accounts, online bulletin boards, work performed with an educational program or app, anything that is by or about the individual student in the educational setting. For more information, go to


In April 2016, The Data Quality Campaign (DQC) released a new set of policy recommendations that provide a guide for states to ensure that data is working in service of student learning. The Four Policy Priorities to Make Data Work for Students are:

  1. Measure what matters. Be clear about what students must achieve and have the data to ensure that all students are on track to succeed.
  2. Make data work for students. Provide teachers and leaders the flexibility, training and support they need to answer their questions and take action.
  3. Be transparent and earn trust. Ensure that every community understands how its schools and students are doing, why data is valuable and how it is protected and used.
  4. Guarantee access and protect privacy. Provide teachers and parents timely information on their students and make sure it is kept safe.

In its report, “Student Data Privacy Legislation: A Summary of 2016 State Legislation,” the Data Quality Campaign found that as of Sept. 1, 2016, states introduced bills to take the following actions:

  • Govern the data use and privacy activities of online school service providers.
  • Establish greater transparency around how states and districts are managing student information.
  • Grant new responsibilities for safeguarding data to districts.

In all, 34 states introduced 112 bills addressing student data privacy and 15 states passed 18 new student data privacy laws.

Find out more about protecting student data.

Tammy Luty is the Michigan PTA federal legislative chair and mother of three children.

Leave a Reply