Updated: Protect Children’s Privacy: UT Legislature MUST Support HB0358   4 comments

Update 3/10/16:  Utah’s legislative session has passed, but HB 358, the student privacy bill, has not been funded.  And so we are stuck, at least for another year, without proper protections for our children.  (If you don’t know why that’s bad, begin by reading a recent article in the Atlanta Journal Constitution, by Jane Robbins, on why Georgia is considering a student privacy bill):

Robbins explains,  “…parents have heard glowing claims that ‘digital’ or ‘personalized’ learning will transform education, but they may not understand exactly what this means…[I]nteractive programs, marketed by private ventors, frequently use sophisticated software that collects massive amounts of highly personal information about the student’s behaviors, mindsets and attitudes”. She mentions the fact that the U.S. Department of Education is gung-ho on slurping up that personal, psychological information about beliefs and attitudes, as evidenced in its own published draft  reports.  (Must-reads!)  Robbins makes the real point when she writes,  “The issue here goes far beyond data security.  It is whether the government and private companies have any right to collect this highly sensitive data in the first place.”

Not passing/funding the Utah HB 358 privacy bill, while passing and funding HB 277, the digital education bill, was crazy.  It was the worst mistake of this entire legislative year.

Does the legislature not know that data is the new gold rush, and that education vendors are behaving as if this is the old wild west, without solid laws to govern student data sharing and partnering and selling?  Does the legislature not know that to the federal government, also, data is the new gold rush as well, and that our own Congressman Jason Chaffetz held recent hearings against the Department of Education for its data insecure practices– and gave the Dept. an “F”?

Think of it this way:  legislators just barely bought the children and teachers of Utah the trendiest, shiniest $15 million vehicle (HB 277) while saying, “We are unable –or unwilling — to pay for seat belts and air bags” –though the safety features would have cost a tiny, tiny fraction (one-sixteenth) of what the vehicle cost.

Where are their brains?

That digital vehicle, HB277 is worthless, at least to this mom, without the seat belts for the kids.  I, for one, will not allow my own children to get into that wild, glittering ride.

 

—————————————————————————————–

Original post:

——————————————————————————————

HB 358 is here.  It is no small miracle.

If it does not pass (and get funded) tomorrow, the Utah legislature is silently informing us that privacy protections for children’s data do not really matter, and that citizens should not have rights to personal ownership over their personal data.

Even though HB 358 is scheduled for a hearing today at the Capitol:  Tuesday, March 8th, at 5:00 p.m., the bill is in trouble because the executive appropriations committee did not fund it.  That’s almost the same thing as killing the bill.   (The appropriations committee needs to hear from MANY of us, as fast as possible.  See below for contact information.)

I have been head-bangingly furious about the lack of proper privacy protections for my children since 2012, when I found out that there was such a thing as a State Longitudinal Database System (SLDS)– here and in every other state–and when I then asked to opt out of SLDS tracking, I just received the State School Board’s official “no” letter.

In America, land of the free!  In Utah, land of family-friendly liberty.  Here, I was told that I was not allowed to opt my child out of  SLDS, so that being tagged, tracked, and longitudinally stalked, from day one in school until my child was a working adult and beyond, was a mandate.

I also found out that:

1-  Although it starts with the word “State,” the SLDS is federally paid-for and is aligned to federal data standards and is federally interoperable;

2.  Those who house Utah’s SLDS have zero legislative oversight.  Incredibly, when SLDS began in 2009, there was zero vote-taking; SLDS came because of a grant application filled out by a clerk at the state office of education simply asking for a federal SLDS grant, and then it was implemented without voter approval.  Yet SLDS is 100% applied to all school children, non-consensually.

4.  FERPA (federal privacy law) was altered in 2009 by the Department of Education to become almost meaningless.  Despite a huge law suit, FERPA stayed in its altered, privacy-harming state.   So:  in-state or beyond, proper privacy protections do not exist.  (For more on that, see the recent hearings of Rep. Jason Chaffetz against the U.S. Dept. of Education)

5.  SLDS interfaces with many other state agencies in the Utah Data Alliance, so there is no guarantee that a student’s private data, collected by a school, won’t end up in the data silo of another agency totally unrelated to education.  SLDS has the ability, if state policy allows, to also interface with federal agencies’ data, other states’ and even other nations’ data collections.

 

This situation has literally kept me up at night, many nights, including tonight.

Along with countless other moms and dads, lawyers, think tanks, and legislators, I’ve done a lot of research and writing and speaking and pleading on this subject.  See some of what I learned and shared in the past four years, here or here or here or here or here or here or here or here.

I tell you all this in case you are new to this issue so that you’ll understand how INCREDIBLY important passing  HB 358 is.

House Bill 358 ought to be treated as one of the very most, if not the most, important bill at the Capitol this year.  But the legislature is saying that there isn’t enough money to pass the privacy bill, which has an implementation price tag of $800,000.  Oddly, the legislature has agreed to fund the FIFTEEN MILLION DOLLAR technology grant program, HB 277, but that technology bill is meaningless without privacy protections for students’ data.

Is the “no funding for HB 358” decision truly a budgeting pinch decision, or is it a matter of the legislators not caring enough about the rights of students to have privacy?

Here are a few of the lines in the bill that I really appreciate:

Line 463 says:   “A student owns the student’s personally identifiable student data”.

Lines 494-503 say that schools have to give disclosure statements to parents, promising not to share certain types of data with out a data authorization.

Lines 775-792 prohibit psychiatric or psychological tests or analysis without prior written consent of parents, and specifically protect data collection about sexual orientation and behavior, mental problems, religious beliefs, self-incriminating behavior, appraisals of individuals with whom the student has a close family relationship; income, etc, and that written consent is required in all grades, kindergarten through 12th.

The bill designates three different types of data that schools may collect:  necessary, optional, and prohibited.

Even though the “necessary” list seems too long, at least it limits data collection.  It will collect data “required by state statute or federal law to conduct the regular activities of an education entity” such as name, date of birth, sex, parent contact information, student i.d., test results or exceptions from taking tests, transcript information, immunization record or exception from an immunization record, drop out data, race, etc.

Line 346-351    The “optional” list includes IEP information, biometric information, and information that is required for a student to participate in federal data gathering programs.

Lines 356 – 376  The bill also defines “personally identifiable student data” as data that cannot be legally disaggregated (identified by a particular student)  (See lines 224-227 for disaggregation language):

356          (i) a student’s first and last name;
357          (ii) the name of a student’s family member;
358          (iii) a student’s or a student’s family’s home or physical address;
359          (iv) a student’s email address or online contact information;
360          (v) a student’s telephone number;
361          (vi) a student’s social security number;
362          (vii) a student’s biometric identifier;
363          (viii) a student’s health or disability data;
364          (ix) a student’s education entity student identification number;
365          (x) a student’s social media login or alias;
366          (xi) a student’s persistent identifier, if the identifier is associated with personally


367     identifiable student data, including:
368          (A) a customer number held in a cookie; or
369          (B) a processor serial number;
370          (xii) a combination of a student’s last name or photograph with other information that
371     together permits a person to contact the student online;
372          (xiii) information about a student or a student’s family that a person collects online and
373     combines with other personally identifiable student data to identify the student; and
374          (xiv) other information that, alone or in combination, is linked or linkable to a specific
375     student that would allow a reasonable person in the school community, who does not have
376     first-hand knowledge of the student, to identify the student with reasonable certainty.

We need to protect our kids!  This bill NEEDS to pass!

If you’ve ever read 1984 and remember Big Brother; if good old-fashioned history books have taught you that tyranny has been far more dominant than liberty throughout world history (with the exception of a freedom experienced in the U.S. under the Constitution for a few 200+ years) –or if you’ve been paying attention to the recent struggle between big-data and individual rights–  then you know:  allowing any person or government –unfettered–  to track individuals without their consent, for virtually the duration of their entire lives, is a very bad idea.

We need as many emails and phone calls or texts as we can muster before 5:00 p.m. tomorrow, Tuesday, March 8,  to the following representatives, and especially to Speaker of the House Greg Hughes and President Niederhauser:

Representative (Speaker) Hughes  greghughes@le.utah.gov

Senator (President) Niederhauser   wniederhauser@le.utah.gov

Senator Sanpei       dsanpei@le.utah.gov

Senator Hillyard  lhillyard@le.utah.gov

Senator Dunnigan  jdunnigan@le.utah.gov

Senator Adams  jsadams@le.utah.gov

Representative Gibson  fgibson@le.utah.gov

Senator Okerlund  rokerlund@le.utah.gov

Here they are, ready to cut and paste into your email:     dsanpei@le.utah.gov lhillyard@le.utah.gov jdunnigan@le.utah.gov jsadams@le.utah.gov  fgibson@le.utah.gov  rokerlund@le.utah.gov  greghughes@le.utah.gov   wniederhauser@le.utah.gov

 

Thank you.

 

http://le.utah.gov/~2016/bills/static/HB0358.html

 

4 responses to “Updated: Protect Children’s Privacy: UT Legislature MUST Support HB0358

Subscribe to comments with RSS.

  1. Just a heads up, these are State Senators, not State Representatives.

  2. HB358 just passed the Senate Revenue and Taxation Committee!

  3. Here is where you can track the bill’s progress on the State’s website: http://le.utah.gov/~2016/bills/static/HB0358.html

    Interestingly, the bill passed out of the Senate Revenue and Taxation Committee with a Favorable Recommendation with only two votes because four members of the committee were absent when the vote was held.

    Yeas – 2
    Henderson, D.
    Stephenson, H.

    Nays – 1
    Harper, W.

    Absent – 4
    Bramble, C.
    Dabakis, J.
    Davis, G.
    Niederhauser, W.

Comments are welcome here.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: