How to Protect Privacy While Helping Children Learn

Last week Politico featured a piece entitled “Data Mining Your Children.”  The article depicts the education technology landscape as largely lawless. It’s critical to consider the larger context in our schools and elsewhere on the Internet.  The authors contend that “students are tracked as they play games, watch videos, read books and take quizzes.”  While the author raises some important concerns, regulation should not occur in a way that stifles the potential of data in education.

Here are three policies to help regulate education data mining without stopping the electronic learning revolution:

One: Create an Open Data Warehouse

Creating a single location for education data storage has numerous advantages.  Such a facility would keep data from every school district or state that wanted to participate.  It could provide access to researchers, non-profits, or for-profits that would use it for educational purposes.  Storing data in a single location makes it simpler to establish uniform data privacy rules rather than the current mishmash of policies.  Keeping data in a central location would also make it considerably easier for parents to set access rules for their children’s data. Today it is functionally impossible to determine where a student’s data ends up.  The organization in charge would also be of sufficient size to invest the necessary resources into security.  A school district’s ability to defend itself against a cyber-attack varies widely across the country.  A single data warehouse can improve privacy while simultaneously increasing the utility of education data.

Two: Direct NIST to Create Education Privacy Standards

The National Institute of Standards and Technology (NIST) could help by issuing voluntary standards for anonymization and privacy of data.  In his recent blog post Cameron Kerry discusses research on how to equip consumers with information about the data that applications gather.  Standards for education data privacy could easily present a similar dashboard that conveys relevant information to parents and allows them to adjust their settings.  Setting anonymization standards is also a critical part of privacy protection.  Some organizations merely assign a unique identifier but others take more rigorous approaches to protecting the identity of students.  A federal agency like NIST is well situated to gather experts and determine best practices for anonymization.

Three: Make It Illegal to Use Education Data for Non-Educational Purposes

Selling education data to commercial vendors should be monitored carefully.  Knewton, Khan Academy, Clever, and many others are doing amazing work that helps students learn.   These organizations need a business model to grow and innovate.  For revenue they should depend on targeted advertisements or contracts with school districts, but selling student data should be out of bounds.

Americans believe strongly in a right to privacy and the education realm should not be an exception.  Many are comfortable with the notion that in return for a free web service we will encounter personalized advertisements.  What’s alarming about education data mining is that it’s perfectly legal for an online tutoring website to sell personal information without the permission or even the notification of a parent.  All students and parents deserve a system that safely stores anonymized education data.  They also deserve the benefits from personalized teaching tools to help brighten their futures.