GothamSchools — daily independent reporting on NYC public schools

This entire project is designed to hand over personally identifiable confidential data to third party for profit vendors without parental notification or consent. Just a little detail Geoff you left out of the story. Parents and others interested in learning about this risky project should check out the far more accurate and revealing reporting by Stephanie Simon in Reuters or Ben Chapman and Corinne Lestch at the Daily News.

There is a paragraph in the Speaker’s letter than doesn’t appear to me to be correct. I called his offices to point this out but they never called me back:

Speaker Silver’s letter says:

[The SED has taken steps, required by Family Education Rights and Privacy Act (FERPA) to ensure that there are adequate privacy protections. Information will not be used or re-disclosed for financial gain or private use by the SLC or any of its vendors.]

I don’t think his statement is accurate. Information (data) WILL be used for financial gain. The ‘information’ will be used by VENDORS (not the SLC) to develop the apps that will be sold. I believe that’s financial gain.

Breaches are inevitable. All of the security in the world can’t protect against unlawful access & inappropriate sharing of information, in this case children’s. Human error is going to play an even greater role if ‘personalized learning’ becomes a reality. Massive amounts of data will live on children’s, parents, teacher’s, administrators — in fact — anyone designated as a school official or authorized representative’s mobile devices.

FERPA allows what concerns Leonie & others, myself included. InBloom can legally (FERPA OK’s) give vendors student data & use it to make money even though parents do not think it should be shared without their consent for profit. And parents are concerned about the cloud, as are privacy advocates & even the cloud providers, themselves.

InBoom vendors aren’t being given PII & using it for profit. They are being given aggregated data to use for profit.

It may be aggregated now but de-anonyization of data can be done.

RTTT money is stimulus money. The inBloom vendors’s INNOVATIVE, PERSONALIZED LEARNING & Common Core State Standards (CCSS) aligned products can’t make money without student data.

Our stimulated economy can’t survive without children’s academic & non-academic data.

My concerns about personally identifiable information being disclosed are strong. I don’t think it should be disclosed for-profit or for profiling. Not even with parental consent. Schools shouldn’t be in the data broker business, although that’s essentially what RTTT has created. Schools have agreed to exchange student (and teacher) data for dollars.

I have data concerns separate from the SLI data.

Student directory information (name, address, phone #, email address, DOB, place of birth, height weight picture & more) can be disclosed without parents consent. Sometimes it’s sold. Indiscriminate disclosure of PII, given anyone can get the info & give it to anyone who can give it anyone. Anyone could be people who want to harm children.

Or domestic abusers.

Are NYC parents’ concerns about the misuse of their children’s aggregated & personal information legitimate. Absolutely.

Is the SLC legal? YES. FERPA enables it. Do I think it was carefully planned? Absolutely.

If EPIC wins the lawsuit against the US DEPT of Education the SLC/inBloom may be illegal. However the sharing of kids’ PII (contact information including pictures) via student directory information without parental consent? That will remain legal until states start protecting their children.