Rachel Shinder, member of several grassroots efforts to Stop Common Core, recently had time to really go through the rushed to release before the deadline Parents’ Bill of Rights for New York State.
The Parents’ Bill of Rights is a farce. I spent my flight to California combing through the document and sent my comments out today. Please feel free to copy, revise, use, share, send with your name. Whatever you wish to do with it is fine with me, just lets get this info widespread please. The letter below was sent to the following people in slightly different forms, you get the idea of the points of concern. It was sent to to my school district, legislatures, principals and SED/ acting Chief Privacy Officer, Tina Sciocchetti at the New York State Education Department, 89 Washington Avenue, Albany NY 12234 or by email to CPO@mail.nysed.gov.
I am writing you today to address the recent release of the Parents Bill of Rights For Data Privacy and Security on July 29, 2014. While I am not a lawyer, I was able to discern most of this document. After careful review, I am more concerned than ever about information in my children’s educational records being released without my permission. Since I was involved and opposed to CCSD’s relationship with the former inBloom company, I felt equipped to evaluate this “Bill” to see if further “rights” have been afforded to parents through this document. Sadly, it has not.
Please note that while I am grateful the inBloom relationship has been dissolved, this document is wholly inadequate at quelling my fears as a mom, advocate for teachers/principals, and community member. I have found to my extreme disappointment that this DOES NOT give parents back ANY rights to who has access to our children’s educational data AND in fact, GIVES LESS!
Furthermore, this title does not address the teachers and principals whose rights are discussed in this document as well. It clearly indicates that the rights of teachers and principals regarding the release of the APPR data are included and there would be no way for them to know by the title. It appears that this “Bill” is strictly for parents.
Please remember that FERPA law has been weakened to such a significant degree that it essentially allows for greater access to anyone claiming an “educational purpose.” This is evident on the 10th page of this document on the Attachment-Model Notification of Rights under FERPA for Elementary and Secondary Schools. Page 10, at the bottom paragraph, last line reads “A school may disclose PII (private identifiable information) from the education records of a student without obtaining prior written consent of the parents or the eligible student…then it goes on to list a multitude of ways which the data may be obtained via bullet points that continue onto the 11th page. With this in mind I will begin to address this document.
Page 2, #3:
“The right to provide written consent before the school discloses PII from the student’s education records, except to the extent that FERPA authorizes disclosure without consent…” Again, this goes on to list the myriad of those who may acquire the record without parental consent.
Referring to FERPA may look protective to those who are not aware. Deceiving the public in order to gain access to their children’s information is most unethical and immoral.
Page 2, #4:
“…the parent has a right to refuse to let the school or school district designate any all of such information as directory information.” Later in the paragraph on the last line it reads:”Where disclosure without consent is otherwise authorized under FERPA, however, a parent’s refusal to permit disclosure of directory information does not prevent disclosure pursuant to such separate authorization.”
This is written in such a way as to make parents believe they have a right to protect the info in the data directory, yet it appears later in the paragraph no actual protection can be guaranteed.
Page 4, #3:
“The confidentiality…….FERPA extends only to PII and not student data that is not PII.”
This is a deceiving comment as well. It is well known that all that is needed is a few data points to locate a persons identity. PII is irrelevant in our technologically advanced world. ALL STUDENTS ARE AT RISK if only a few non PII data are released on them.
Page 4, #4 (A):
“A student’s PII cannot be sold or released by the educational agency for any commercial or marketing purposes.” Then, two bullet points later: “However, sale to a third party SOLELY for commercial purposes or receipt of payment by an educational agency, or disclosure of PII that is not related to a service being provided to the educational agency, is strictly prohibited.”
Why would this go onto discuss HOW a “sale to a third party” should be regulated when just two bullet points earlier it stated that “A student’s PII cannot be sold or released….” These are contradicting and completely misleading. Not only does the second quote negate the first but it actually discusses the path to take for vendors to get around this “restriction” of sale or release of data. The word SOLELY allows for a vendor to first access the data via a stated “educational purpose” and THEN use this obtained data for their own commercial or marketing purposes! Shameful and again INSULTING to parents!
Page 5, second ( C):
“Except as required by law….school districts shall not report to NYSED student data regarding juvenile delinquency records, criminal records, medical and health records or student biometric information.”
Extremely concerning! The laws are written to make a clear distinction between HIPAA and FERPA and allows for FERPA to trump HIPAA when needed. We know the above quote of “except as required by law” is referring to the FERPA law and as discussed, it hold no basis for protecting our kids data. Therefore any medical records, put in our children’s records in order to acquire the services needed for our children to perform optimally, are at risk! UNACCEPTABLE! Furthermore, “biometric information” is a very real and invasive threat to our children and teachers basic human rights. There are devices listed on page 44 of the “Promoting Grit, Tenacity, and Perseverance: Critical Factors for Success in the 21st Century, Feb 2013” (see link below,pg. 44) that lists many ways the government plans to assess our children’s minds and actions that could affect not only their personal obtained data but their teacher’s outcome as well. To predict what is going on inside a childs mind or “engagement” in learning is truly a slippery slope and one that MUST be stopped. It is frightening because we can already read about these Galvanic Skin Conductance Sensors being used to predict a child’s engagement in learning. How will a bad home situation affect the “engagement” level of a student? How will the teachers APPR be affected from the data obtained?
Page 6, #6:
“The term “third party contractor” also includes an educational partnership organization that receives student and/or teacher or principal APPR data from a school district to carry out its responsibilities pursuant to Education Law 211-e and a not for profit…..”
Here is where the “Parents Bill of Rights” includes the teachers and principals which, if not read closely, one would not realize this is not just for parents. Also, I find it is unacceptable to include notations of laws in a number (i.e.:Ed Law 211-e) to explain rights to a layman. Unfair and in a paper such as this, suspicious. Numerical notation were used several times in this document which leaves gaping holes in my understanding of my rights. The devil is in the details.
Page 7, paragraph 2:
“When and educational……….However, the standards for an educational agency’s policy on data security and privacy must be prescribed in Regulations of the Commissioner that have not yet been promulgated.”
How can the government require our districts to comply when they are not given the necessary tools to comply with? We need the prescribed regulations from our Commissioner before we can understand what will be required.
Page 7, third bullet:
“except for authorized representatives of the third party contractor to the extent they are carrying out the contract, not disclose any PII to any other party, (a) without the prior written consent of the parent or eligible student or..”
“Prior written consent” means nothing when there are so many loopholes in FERPA.
Page 8, #9:
NO PRIVATE RIGHT OF ACTION:
“….ED LAW 2-d EXPLICITLY STATES THAT IT DOES NOT CREATE A PRIVATE RIGHT OF ACTION AGAINST NYSED OR ANY OTHER EDUCATIONAL AGENCY, SUCH AS A SCHOOL, SCHOOL DISTRICT, OR BOCES.”
Right of Action
The privilege of instituting a lawsuit arising from a particular transaction or state of facts, such as a suit that is based on a contract or a tort, a civil wrong.
So what this means is that maybe inBloom WAS THE BETTER OPTION. At least in that contract, parents had a “Right of Action” against the school district if a breach of data was to occur. With this new “Parents Bill of Rights” the SED CLEARED THE WAY FOR THE DATA TO BE GIVEN FREELY. Absolution of any culpability on the schools, district and BOCES was created to promote compliance when the SED/Vendor calls for the data. No recourse for parents or principals or teachers if data is breached! What did we fight for last Fall? NOT THIS! Now all we have to stop the free flow of our children’s data is the morality of those in charge of our children’s educational records. YOU!!! PLEASE DO NOT LET US DOWN!!! We will not stop educating and fighting to get this overreach out of our district! Will you do your part? HOW??