Archive for the ‘informed consent’ Tag

If Many Agree to Participate in Stealing, is it Still Stealing? Stop #FEPA in the Senate: S.2046   5 comments

Knowing that the history of liberty is “the history of the limitation of government power,” I ask you to take action to stop the bills known as FEPA (HR4174/S.2046) and CTA (S.1121).  This post will focus on the first bill, which is already teetering on the edge of passing into law.

FEPA is a pompous euphemism that stands for Foundations for Evidence-Based Policymaking.  But “evidence based policymaking” means that they’ll redefine data theft and stalking by calling it “evidence-based research”.  Because if agencies and organizations on the state and federal level  participate in the data-looting act together, it doesn’t feel quite like looting or stealing, as it would if just one well-intentioned, evidence-collecting creep stole data by himself.

All the fancy commissions and all the big-data infatuations in the world cannot change a wrong principle into a good one.  I’d love to ask the CEP leaders face to face whether big data is so important that freedom basics should be made obsolete.  Do we no longer worry about having our personal personal power limited– in consequence of personal data being taken?  No big deal?

I used to think that while all Democrats pushed for increased government, all Republicans sought limited government.  Not now:  Republicans Orrin Hatch, Paul Ryan, and even Trey Gowdy are supersizing government to empower big-data goals in their current bills– without any informed consent from the individuals whose data will be confiscated.

Representative Paul Ryan’s baby, the 2017 Commmission on Evidence-Based Policy, birthed this uglier baby,  Foundations of Evidence-Based Policymaking (FEPA HR4174)  that passed the U.S. House of Representatives without debate or a roll call vote, this month.

Unless the Senate ditches it next week, which is extremely unlikely, it will become national law.  But do you know what’s emerging in the bill?  Does your senator know?

The news media haven’t covered it, and Congress hasn’t debated it.  In fact, the House of Representatives suspended its rules to pass the House version super quickly, without a normal roll call vote: because it was supposedly so uncontroversial that there was no reason to have a real debate nor a recorded vote.

Yet it is highly controversial to those Americans who are passionate about a thing called human freedom.  We watched and listened to the CEP’s year-long hearings and submitted public comment and read the CEP’s final report.

Unpaid moms at Missouri Education Watchdog and expert lawyers at American Principles Project each recently published important warnings about the FEPA bill.   But proponents of FEPA rebutted those moms and lawyers.  What followed were brilliant, unarguable rebuttals to that rebuttal.  If truth and liberty were prime concerns to Congress, then FEPA would, following the study of these rebuttals, surely be gone.  But no.

 

 

You see, a lot of people are  counting on this particular set of claims to make them wealthy or powerful.

I am having what I wish was only deja vu.

Do you remember another Thanksgiving week, with freedom-harming bills slimeing their secretive way through Congress without debate, while most of us were too busy eating cranberries and turkey to pay attention?  Remember, after the ESSA bill passed, that then-Secretary Duncan boasted about the secretive nature of passing the ESSA bill into law.

He said, “We were intentionally quiet on the bill – they asked us specifically not to praise it – and to let it get through. And so we went into radio silence and then talked about it after the fact. . . . Our goal was to get this bill passed. . . [W]e were very strategically quiet on good stuff”.

Now it’s 2017.

Not surprisingly, proponents of FEPA (HR4174/S2046)  say that FEPA is so harmless and uncontroversial as to require zero debate– but in the same week, proponents released a myths-vs-facts sheet to Congressmen, rebutting the controversies outlined by the American Principles Project and by the Missouri Education Watchdog.   Hmm.

Additionally, although the majority of the public commenters who wrote to the CEP said that they were opposed to the data-sharing of student records without consent, FEPA does direct agencies to ignore their concerns.

FEPA says that agencies must report “statutory restrictions to accessing relevant data”–in other words, muggle bureaucrats must find ways to overcome people’s privacy rights.

FEPA gives no provisions for data security, while encouraging and enabling unlimited data swapping between government agencies.

FEPA  creates a “National Secure Data Service” with such extensive data sharing that creation of one central housing agency would be completely redundant.

There is much more.  You can read the bill.

The American Principles Project produced a rebuttal to the rebuttal of FEPA.  I am reposting just a piece of it.

 

RESPONSE TO HOUSE MAJORITY STAFF’S ARGUMENTS IN FAVOR OF FEPA

EXECUTIVE SUMMARY

 

Claim: FEPA doesn’t create a centralized data repository.

Rebuttal: FEPA moves toward the recommendation of the Commission on Evidence-Based Policymaking (Commission) to create a “National Secure Data Service” by 1) requiring each agency to create an evidence- building plan; 2) requiring the OMB Director to unify those plans across the entire federal government; 3) creating a “federal data catalog” and a “national data inventory”; and 4) requiring various councils to recommend how to vastly increase data linking and sharing among federal agencies, with states, and with public and private research entities.

Claim: FEPA doesn’t authorize any new data collection or data analysis.

Rebuttal: Regardless of whether FEPA expressly authorizes new data collection, it 1) incentivizes agency heads to expand, not maintain or minimize, data collection; 2) creates new sources of data for agencies by allowing unfettered access to other agencies’ data; 3) creates a process whereby public and private organizations can access non-public government data; 4) allows the OMB Director to expand the universe of statistical agencies and units; and 5) allows one person, the OMB director, to decide via post-enactment “guidance” what if any data will be exempt from sharing as too private or confidential.

Claim: FEPA “does not overturn an existing student unit record ban, which prohibits the establishment of a database with data on all students,” so parents need not worry about their children’s personally identifiable information (PII).

Rebuttal: FEPA doesn’t overturn this ban – that will almost certainly come later. But its extensive data-linking and data-sharing mandates create a de facto national database, whereby the data stays “housed” within the collecting agency but can be accessed by all. Title III specifically authorizes data “accessed” by federal agencies to be shared. This will threaten the security of not only the student data already maintained by the U.S. Department of Education (USED), but also the data in the states’ longitudinal data systems.

Claim: FEPA doesn’t repeal CIPSEA but rather strengthens it.

Rebuttal: FEPA strengthens nothing. It merely reiterates the same penalties (fine and jail term) in existence since 2002 that have rarely or never been enforced. Worse, FEPA increases threats to privacy and data security by mandating increased access to confidential data and metadata and encouraging unlimited data-swapping with no provisions for data security.

Claim: FEPA “does not respond to the Commission’s recommendations to repeal any ban on the collection or consolidation of data.”

Rebuttal: FEPA directs agency heads to identify and report “any statutory or other restrictions to accessing relevant data . . . ” Because the entire thrust of the bill is to use more and more data for “evidence-building,” the inevitable next step will be to implement the Commission’s recommendation of repealing these pesky statutory obstacles to acquiring “relevant” data.

Claim:  FEPA will make better use of existing data.

Rebuttal:  The federal government has reams of data showing the uselessness or harm of existing programs. When the government continues to fund those programs despite this data (see Head Start and manifestly ineffective programs under ESEA), there’s no reason -none- to assume it will change its behavior with even more data.

 

The following list of contact information is supplied by Missouri Education Watchdog Cheri Kiesecker.  Please don’t just share this on social media; actually call, yourself.  Actually tweet, yourself.  Others may not be doing their part.  Please, do yours and a few extra calls, if you can.

The Senate version of the bill (S2046) has been read twice and was referred to the Senate Committee on Homeland Security and Governmental Affairs.

Here is the list of the committee members.

The message is: vote no.  We don’t want information about private citizens shared at the national level, without any individual consent.

NO on  S.2046   NO on the Foundations for Evidence-Based Policymaking Act of 2017 (FEPA).

(And, coming up soon:  No on S.1121 – College Transparency Act – for the same reason: student privacy.)

Thank you.

Happy Thanksgiving.

 

Advertisements

Chicken Thieves and Data Thieves: What’s Up with CEP?   3 comments

chick-in-ladle

 

In The Adventures of Huckleberry Finn, Huck stole chickens.  Huck’s father had taught him how to stomach chicken theft.

That reminds me of the way the federal CEP (Commission on Evidence Based Policy) stomachs human data theft.  Huck said:

… Pap always said, take a chicken when you get a chance, because if you don’t want him yourself you can easy find somebody that does, and a good deed ain’t ever forgot. I never see pap when he didn’t want the chicken himself, but that is what he used to say, anyway.

Just as the Finn thieves lied to themselves, saying that they might do society a favor while they did themselves a favor, stealing chickens, so ed reformers and CEP data gatherers lie to themselves and to the public.  After all, the CEP doesn’t do its own thieving; why should it judge or disclose the immoral origins of the data?

CEP simply says that it wants to centrally house data (that’s previously been taken, without permission from citizens, by school State Longitudinal Database Systems and by other entities.)  CEP members wring their hands over the inconvenience they have endured, not fully being able to access all the pii.  So also say the elite researchers and Gates-linked business people testifying at CEP’s public hearings.

Maybe you didn’t know that citizens’ data is being taken without our permission.

Think: when did you receive a permission slip from the school district, or from the state, asking you to sign away all student academic and nonacademic data for the rest of your child’s life?  Never.

Yet SLDS systems do track a child for life.  That’s what “longitudinal” means: through time.  They call it P-20W.  That means preschool through grade 20 and Workforce. Life.

Well, now you know.  And we can’t opt out of the data theft system.  I tried.  The biggest, most vibrant source of citizen data is our public school system, and the government is unwilling to stop stealing from us in this way.

I do not use the word “stealing” lightly, nor am I exaggerating.  Personal data is literally being confiscated without informed consent or permission of any kind, via school databases linked with many state agencies.  Every digital record created by students, teachers, counselors, school nurses or administrators can be stored (and shared) from there.

Sometimes it is hijacked by unethical researchers entrusted with care of the pii.

chick-on-skate

No one seems to notice these articles about stolen pii.

And on it goes.  Data points are taken and taken and taken –about both academic and nonacademic lives. Schools feed aggregate data and pii into federally-created “State Longitudinal Database Systems” (SLDS). Because SLDS systems use common educational data standards (CEDS) that the federal-corporate partners created, that data is portable and re-shareable (or re-stealable).

Many people believe that federal FERPA privacy laws protect the data, but it doesn’t.  It used to.  The Department of Education shredded the protective parts of FERPA several years ago.  What’s actually protecting student privacy right now is the territorial unwillingness of agencies to share all data.

But the CEP is out to change that.

gold-bars

CEP will lead you to believe that it’s all about benefiting society.  But that’s a side show, because data is the new gold.   Everyone wants the data!

Sadly, individuals aren’t guarding this irreplaceable gold; most people aren’t aware that this pii is so valuable, that it’s being taken –and that it’s THEIRS.

Meanwhile, the elite at the CEP speak about data as if it’s oxygen, free for all, belonging to all.  It makes sense from their (bottom line) point of view; governments and ed vendors have financially benefited from SLDS’s taking students’ data since about 2009, when SLDS databases were installed in every state by federal grants, and when federal FERPA changes allowed almost anyone access, for supposed research purposes.

Luckily, there’s so much territorialism by the various holders of the taken data that it hasn’t yet been centrally housed all in one spot.  The federal EdFacts Data Exchange has some data. Each state’s SLDS has tons of data. Universities, hospitals, corporations, criminal justice agencies, and other organizations have other caches of pii.  But the elite (the federal government, globalists, corporate elite, and some scientists) are desperate to have one national “clearinghouse” so that they can see and use our data to their own designs.  They speak a smooth line in each of their CEP hearings.  But don’t forget:  that data is your life.  Yours.  Not theirs.

There was a recent three hour conversation that you most likely missed last week. Held in Chicago, this “public” hearing of the federal Commission on Evidence-Based Policymaking (CEP) discussed what should be done with the  pii (personally identifiable information) that federal agencies, state agencies, counties, school systems, hospitals, criminal justice systems, colleges and other organizations have collected.  They’ve been discussing this all year long.

I picture Pap with a crate of stolen chickens.  I picture his pirating friends with their own crates nearby.  I think there might even be a few crate-holders who ethically came by their chickens, but the federal Chicken Evidence Policy says that all chickens go in one central pen, on an ongoing basis, so all the elite can access the chickens conveniently–  conveniently for everyone except the chickens and their owners.

chicks-and-lab-coat

When you listen to their hearings, you find that the federal CEP is leaning toward creating a federal clearinghouse where every individual’s data can be centrally managed.  CEP is also hoping to overturn the federal ban on unit-record identifiers.

Welcome to the real live prequel to Orwell’s 1984.

Do I sound calm?  I’m not.  This makes me almost unspeakably angry.

While trusting parents, teachers, school administrators and students are being used as pawns in the great data-gathering heist, arrogant members of Congress, of science, of CEP, of big data, are assuming authority over MY life and yours in the form of our personally identifiable data.  And who is stopping them?

Despite a huge number of public comments that told the CEP that Americans want the CEP to get its hands off our data, the CEP moves ahead at a steady pace.  And why not?  We can never un-elect this appointed group that Congress created less than a year ago.  What motivation would CEP have to actually incorporate the public comments?

As the Missouri Education Watchdog pointed out in October, there was only one man in America who seemed to care about protecting citizen privacy at that month’s hearing.  Mr. Emmett McGroarty testified to the CEP that what they were doing was wrong.  Similarly, at last week’s January 5 CEP hearing, there was only one woman who spoke ethically about children’s data privacy rights.  She did a magnificent job.  Everyone else testified that data should be gathered in one place, or possibly in a few places; and none of the others mentioned permission or informed consent. I took pages and pages of notes, since the meeting was only public in the sense that I could listen in to it on my phone.

It wasn’t filmed.  It wasn’t truly public.  It’s aiming to fly under the radar because it’s theft.

chicks

Huck Finn’s father’s plan to later share the stolen chickens didn’t make the chickens less stolen.  Other people’s information doesn’t suddenly become your “scientific research” or your “evidence” for “evidence-based policymaking” just because Congress created a commission and appointed you to chat about it.

Shame on the CEP.  Shame on all who turn a blind eye to this evil, open assault on the basic freedom of personal privacy.

Updated: Protect Children’s Privacy: UT Legislature MUST Support HB0358   4 comments

Update 3/10/16:  Utah’s legislative session has passed, but HB 358, the student privacy bill, has not been funded.  And so we are stuck, at least for another year, without proper protections for our children.  (If you don’t know why that’s bad, begin by reading a recent article in the Atlanta Journal Constitution, by Jane Robbins, on why Georgia is considering a student privacy bill):

Robbins explains,  “…parents have heard glowing claims that ‘digital’ or ‘personalized’ learning will transform education, but they may not understand exactly what this means…[I]nteractive programs, marketed by private ventors, frequently use sophisticated software that collects massive amounts of highly personal information about the student’s behaviors, mindsets and attitudes”. She mentions the fact that the U.S. Department of Education is gung-ho on slurping up that personal, psychological information about beliefs and attitudes, as evidenced in its own published draft  reports.  (Must-reads!)  Robbins makes the real point when she writes,  “The issue here goes far beyond data security.  It is whether the government and private companies have any right to collect this highly sensitive data in the first place.”

Not passing/funding the Utah HB 358 privacy bill, while passing and funding HB 277, the digital education bill, was crazy.  It was the worst mistake of this entire legislative year.

Does the legislature not know that data is the new gold rush, and that education vendors are behaving as if this is the old wild west, without solid laws to govern student data sharing and partnering and selling?  Does the legislature not know that to the federal government, also, data is the new gold rush as well, and that our own Congressman Jason Chaffetz held recent hearings against the Department of Education for its data insecure practices– and gave the Dept. an “F”?

Think of it this way:  legislators just barely bought the children and teachers of Utah the trendiest, shiniest $15 million vehicle (HB 277) while saying, “We are unable –or unwilling — to pay for seat belts and air bags” –though the safety features would have cost a tiny, tiny fraction (one-sixteenth) of what the vehicle cost.

Where are their brains?

That digital vehicle, HB277 is worthless, at least to this mom, without the seat belts for the kids.  I, for one, will not allow my own children to get into that wild, glittering ride.

 

—————————————————————————————–

Original post:

——————————————————————————————

HB 358 is here.  It is no small miracle.

If it does not pass (and get funded) tomorrow, the Utah legislature is silently informing us that privacy protections for children’s data do not really matter, and that citizens should not have rights to personal ownership over their personal data.

Even though HB 358 is scheduled for a hearing today at the Capitol:  Tuesday, March 8th, at 5:00 p.m., the bill is in trouble because the executive appropriations committee did not fund it.  That’s almost the same thing as killing the bill.   (The appropriations committee needs to hear from MANY of us, as fast as possible.  See below for contact information.)

I have been head-bangingly furious about the lack of proper privacy protections for my children since 2012, when I found out that there was such a thing as a State Longitudinal Database System (SLDS)– here and in every other state–and when I then asked to opt out of SLDS tracking, I just received the State School Board’s official “no” letter.

In America, land of the free!  In Utah, land of family-friendly liberty.  Here, I was told that I was not allowed to opt my child out of  SLDS, so that being tagged, tracked, and longitudinally stalked, from day one in school until my child was a working adult and beyond, was a mandate.

I also found out that:

1-  Although it starts with the word “State,” the SLDS is federally paid-for and is aligned to federal data standards and is federally interoperable;

2.  Those who house Utah’s SLDS have zero legislative oversight.  Incredibly, when SLDS began in 2009, there was zero vote-taking; SLDS came because of a grant application filled out by a clerk at the state office of education simply asking for a federal SLDS grant, and then it was implemented without voter approval.  Yet SLDS is 100% applied to all school children, non-consensually.

4.  FERPA (federal privacy law) was altered in 2009 by the Department of Education to become almost meaningless.  Despite a huge law suit, FERPA stayed in its altered, privacy-harming state.   So:  in-state or beyond, proper privacy protections do not exist.  (For more on that, see the recent hearings of Rep. Jason Chaffetz against the U.S. Dept. of Education)

5.  SLDS interfaces with many other state agencies in the Utah Data Alliance, so there is no guarantee that a student’s private data, collected by a school, won’t end up in the data silo of another agency totally unrelated to education.  SLDS has the ability, if state policy allows, to also interface with federal agencies’ data, other states’ and even other nations’ data collections.

 

This situation has literally kept me up at night, many nights, including tonight.

Along with countless other moms and dads, lawyers, think tanks, and legislators, I’ve done a lot of research and writing and speaking and pleading on this subject.  See some of what I learned and shared in the past four years, here or here or here or here or here or here or here or here.

I tell you all this in case you are new to this issue so that you’ll understand how INCREDIBLY important passing  HB 358 is.

House Bill 358 ought to be treated as one of the very most, if not the most, important bill at the Capitol this year.  But the legislature is saying that there isn’t enough money to pass the privacy bill, which has an implementation price tag of $800,000.  Oddly, the legislature has agreed to fund the FIFTEEN MILLION DOLLAR technology grant program, HB 277, but that technology bill is meaningless without privacy protections for students’ data.

Is the “no funding for HB 358” decision truly a budgeting pinch decision, or is it a matter of the legislators not caring enough about the rights of students to have privacy?

Here are a few of the lines in the bill that I really appreciate:

Line 463 says:   “A student owns the student’s personally identifiable student data”.

Lines 494-503 say that schools have to give disclosure statements to parents, promising not to share certain types of data with out a data authorization.

Lines 775-792 prohibit psychiatric or psychological tests or analysis without prior written consent of parents, and specifically protect data collection about sexual orientation and behavior, mental problems, religious beliefs, self-incriminating behavior, appraisals of individuals with whom the student has a close family relationship; income, etc, and that written consent is required in all grades, kindergarten through 12th.

The bill designates three different types of data that schools may collect:  necessary, optional, and prohibited.

Even though the “necessary” list seems too long, at least it limits data collection.  It will collect data “required by state statute or federal law to conduct the regular activities of an education entity” such as name, date of birth, sex, parent contact information, student i.d., test results or exceptions from taking tests, transcript information, immunization record or exception from an immunization record, drop out data, race, etc.

Line 346-351    The “optional” list includes IEP information, biometric information, and information that is required for a student to participate in federal data gathering programs.

Lines 356 – 376  The bill also defines “personally identifiable student data” as data that cannot be legally disaggregated (identified by a particular student)  (See lines 224-227 for disaggregation language):

356          (i) a student’s first and last name;
357          (ii) the name of a student’s family member;
358          (iii) a student’s or a student’s family’s home or physical address;
359          (iv) a student’s email address or online contact information;
360          (v) a student’s telephone number;
361          (vi) a student’s social security number;
362          (vii) a student’s biometric identifier;
363          (viii) a student’s health or disability data;
364          (ix) a student’s education entity student identification number;
365          (x) a student’s social media login or alias;
366          (xi) a student’s persistent identifier, if the identifier is associated with personally


367     identifiable student data, including:
368          (A) a customer number held in a cookie; or
369          (B) a processor serial number;
370          (xii) a combination of a student’s last name or photograph with other information that
371     together permits a person to contact the student online;
372          (xiii) information about a student or a student’s family that a person collects online and
373     combines with other personally identifiable student data to identify the student; and
374          (xiv) other information that, alone or in combination, is linked or linkable to a specific
375     student that would allow a reasonable person in the school community, who does not have
376     first-hand knowledge of the student, to identify the student with reasonable certainty.

We need to protect our kids!  This bill NEEDS to pass!

If you’ve ever read 1984 and remember Big Brother; if good old-fashioned history books have taught you that tyranny has been far more dominant than liberty throughout world history (with the exception of a freedom experienced in the U.S. under the Constitution for a few 200+ years) –or if you’ve been paying attention to the recent struggle between big-data and individual rights–  then you know:  allowing any person or government –unfettered–  to track individuals without their consent, for virtually the duration of their entire lives, is a very bad idea.

We need as many emails and phone calls or texts as we can muster before 5:00 p.m. tomorrow, Tuesday, March 8,  to the following representatives, and especially to Speaker of the House Greg Hughes and President Niederhauser:

Representative (Speaker) Hughes  greghughes@le.utah.gov

Senator (President) Niederhauser   wniederhauser@le.utah.gov

Senator Sanpei       dsanpei@le.utah.gov

Senator Hillyard  lhillyard@le.utah.gov

Senator Dunnigan  jdunnigan@le.utah.gov

Senator Adams  jsadams@le.utah.gov

Representative Gibson  fgibson@le.utah.gov

Senator Okerlund  rokerlund@le.utah.gov

Here they are, ready to cut and paste into your email:     dsanpei@le.utah.gov lhillyard@le.utah.gov jdunnigan@le.utah.gov jsadams@le.utah.gov  fgibson@le.utah.gov  rokerlund@le.utah.gov  greghughes@le.utah.gov   wniederhauser@le.utah.gov

 

Thank you.

 

http://le.utah.gov/~2016/bills/static/HB0358.html

 

%d bloggers like this: