Archive for the ‘informed consent’ Tag

Chicken Thieves and Data Thieves: What’s Up with CEP?   2 comments

chick-in-ladle

 

In The Adventures of Huckleberry Finn, Huck stole chickens.  Huck’s father had taught him how to stomach chicken theft.

That reminds me of the way the federal CEP (Commission on Evidence Based Policy) stomachs human data theft.  Huck said:

… Pap always said, take a chicken when you get a chance, because if you don’t want him yourself you can easy find somebody that does, and a good deed ain’t ever forgot. I never see pap when he didn’t want the chicken himself, but that is what he used to say, anyway.

Just as the Finn thieves lied to themselves, saying that they might do society a favor while they did themselves a favor, stealing chickens, so ed reformers and CEP data gatherers lie to themselves and to the public.  After all, the CEP doesn’t do its own thieving; why should it judge or disclose the immoral origins of the data?

CEP simply says that it wants to centrally house data (that’s previously been taken, without permission from citizens, by school State Longitudinal Database Systems and by other entities.)  CEP members wring their hands over the inconvenience they have endured, not fully being able to access all the pii.  So also say the elite researchers and Gates-linked business people testifying at CEP’s public hearings.

Maybe you didn’t know that citizens’ data is being taken without our permission.

Think: when did you receive a permission slip from the school district, or from the state, asking you to sign away all student academic and nonacademic data for the rest of your child’s life?  Never.

Yet SLDS systems do track a child for life.  That’s what “longitudinal” means: through time.  They call it P-20W.  That means preschool through grade 20 and Workforce. Life.

Well, now you know.  And we can’t opt out of the data theft system.  I tried.  The biggest, most vibrant source of citizen data is our public school system, and the government is unwilling to stop stealing from us in this way.

I do not use the word “stealing” lightly, nor am I exaggerating.  Personal data is literally being confiscated without informed consent or permission of any kind, via school databases linked with many state agencies.  Every digital record created by students, teachers, counselors, school nurses or administrators can be stored (and shared) from there.

Sometimes it is hijacked by unethical researchers entrusted with care of the pii.

chick-on-skate

No one seems to notice these articles about stolen pii.

And on it goes.  Data points are taken and taken and taken –about both academic and nonacademic lives. Schools feed aggregate data and pii into federally-created “State Longitudinal Database Systems” (SLDS). Because SLDS systems use common educational data standards (CEDS) that the federal-corporate partners created, that data is portable and re-shareable (or re-stealable).

Many people believe that federal FERPA privacy laws protect the data, but it doesn’t.  It used to.  The Department of Education shredded the protective parts of FERPA several years ago.  What’s actually protecting student privacy right now is the territorial unwillingness of agencies to share all data.

But the CEP is out to change that.

gold-bars

CEP will lead you to believe that it’s all about benefiting society.  But that’s a side show, because data is the new gold.   Everyone wants the data!

Sadly, individuals aren’t guarding this irreplaceable gold; most people aren’t aware that this pii is so valuable, that it’s being taken –and that it’s THEIRS.

Meanwhile, the elite at the CEP speak about data as if it’s oxygen, free for all, belonging to all.  It makes sense from their (bottom line) point of view; governments and ed vendors have financially benefited from SLDS’s taking students’ data since about 2009, when SLDS databases were installed in every state by federal grants, and when federal FERPA changes allowed almost anyone access, for supposed research purposes.

Luckily, there’s so much territorialism by the various holders of the taken data that it hasn’t yet been centrally housed all in one spot.  The federal EdFacts Data Exchange has some data. Each state’s SLDS has tons of data. Universities, hospitals, corporations, criminal justice agencies, and other organizations have other caches of pii.  But the elite (the federal government, globalists, corporate elite, and some scientists) are desperate to have one national “clearinghouse” so that they can see and use our data to their own designs.  They speak a smooth line in each of their CEP hearings.  But don’t forget:  that data is your life.  Yours.  Not theirs.

There was a recent three hour conversation that you most likely missed last week. Held in Chicago, this “public” hearing of the federal Commission on Evidence-Based Policymaking (CEP) discussed what should be done with the  pii (personally identifiable information) that federal agencies, state agencies, counties, school systems, hospitals, criminal justice systems, colleges and other organizations have collected.  They’ve been discussing this all year long.

I picture Pap with a crate of stolen chickens.  I picture his pirating friends with their own crates nearby.  I think there might even be a few crate-holders who ethically came by their chickens, but the federal Chicken Evidence Policy says that all chickens go in one central pen, on an ongoing basis, so all the elite can access the chickens conveniently–  conveniently for everyone except the chickens and their owners.

chicks-and-lab-coat

When you listen to their hearings, you find that the federal CEP is leaning toward creating a federal clearinghouse where every individual’s data can be centrally managed.  CEP is also hoping to overturn the federal ban on unit-record identifiers.

Welcome to the real live prequel to Orwell’s 1984.

Do I sound calm?  I’m not.  This makes me almost unspeakably angry.

While trusting parents, teachers, school administrators and students are being used as pawns in the great data-gathering heist, arrogant members of Congress, of science, of CEP, of big data, are assuming authority over MY life and yours in the form of our personally identifiable data.  And who is stopping them?

Despite a huge number of public comments that told the CEP that Americans want the CEP to get its hands off our data, the CEP moves ahead at a steady pace.  And why not?  We can never un-elect this appointed group that Congress created less than a year ago.  What motivation would CEP have to actually incorporate the public comments?

As the Missouri Education Watchdog pointed out in October, there was only one man in America who seemed to care about protecting citizen privacy at that month’s hearing.  Mr. Emmett McGroarty testified to the CEP that what they were doing was wrong.  Similarly, at last week’s January 5 CEP hearing, there was only one woman who spoke ethically about children’s data privacy rights.  She did a magnificent job.  Everyone else testified that data should be gathered in one place, or possibly in a few places; and none of the others mentioned permission or informed consent. I took pages and pages of notes, since the meeting was only public in the sense that I could listen in to it on my phone.

It wasn’t filmed.  It wasn’t truly public.  It’s aiming to fly under the radar because it’s theft.

chicks

Huck Finn’s father’s plan to later share the stolen chickens didn’t make the chickens less stolen.  Other people’s information doesn’t suddenly become your “scientific research” or your “evidence” for “evidence-based policymaking” just because Congress created a commission and appointed you to chat about it.

Shame on the CEP.  Shame on all who turn a blind eye to this evil, open assault on the basic freedom of personal privacy.

Updated: Protect Children’s Privacy: UT Legislature MUST Support HB0358   4 comments

Update 3/10/16:  Utah’s legislative session has passed, but HB 358, the student privacy bill, has not been funded.  And so we are stuck, at least for another year, without proper protections for our children.  (If you don’t know why that’s bad, begin by reading a recent article in the Atlanta Journal Constitution, by Jane Robbins, on why Georgia is considering a student privacy bill):

Robbins explains,  “…parents have heard glowing claims that ‘digital’ or ‘personalized’ learning will transform education, but they may not understand exactly what this means…[I]nteractive programs, marketed by private ventors, frequently use sophisticated software that collects massive amounts of highly personal information about the student’s behaviors, mindsets and attitudes”. She mentions the fact that the U.S. Department of Education is gung-ho on slurping up that personal, psychological information about beliefs and attitudes, as evidenced in its own published draft  reports.  (Must-reads!)  Robbins makes the real point when she writes,  “The issue here goes far beyond data security.  It is whether the government and private companies have any right to collect this highly sensitive data in the first place.”

Not passing/funding the Utah HB 358 privacy bill, while passing and funding HB 277, the digital education bill, was crazy.  It was the worst mistake of this entire legislative year.

Does the legislature not know that data is the new gold rush, and that education vendors are behaving as if this is the old wild west, without solid laws to govern student data sharing and partnering and selling?  Does the legislature not know that to the federal government, also, data is the new gold rush as well, and that our own Congressman Jason Chaffetz held recent hearings against the Department of Education for its data insecure practices– and gave the Dept. an “F”?

Think of it this way:  legislators just barely bought the children and teachers of Utah the trendiest, shiniest $15 million vehicle (HB 277) while saying, “We are unable –or unwilling — to pay for seat belts and air bags” –though the safety features would have cost a tiny, tiny fraction (one-sixteenth) of what the vehicle cost.

Where are their brains?

That digital vehicle, HB277 is worthless, at least to this mom, without the seat belts for the kids.  I, for one, will not allow my own children to get into that wild, glittering ride.

 

—————————————————————————————–

Original post:

——————————————————————————————

HB 358 is here.  It is no small miracle.

If it does not pass (and get funded) tomorrow, the Utah legislature is silently informing us that privacy protections for children’s data do not really matter, and that citizens should not have rights to personal ownership over their personal data.

Even though HB 358 is scheduled for a hearing today at the Capitol:  Tuesday, March 8th, at 5:00 p.m., the bill is in trouble because the executive appropriations committee did not fund it.  That’s almost the same thing as killing the bill.   (The appropriations committee needs to hear from MANY of us, as fast as possible.  See below for contact information.)

I have been head-bangingly furious about the lack of proper privacy protections for my children since 2012, when I found out that there was such a thing as a State Longitudinal Database System (SLDS)– here and in every other state–and when I then asked to opt out of SLDS tracking, I just received the State School Board’s official “no” letter.

In America, land of the free!  In Utah, land of family-friendly liberty.  Here, I was told that I was not allowed to opt my child out of  SLDS, so that being tagged, tracked, and longitudinally stalked, from day one in school until my child was a working adult and beyond, was a mandate.

I also found out that:

1-  Although it starts with the word “State,” the SLDS is federally paid-for and is aligned to federal data standards and is federally interoperable;

2.  Those who house Utah’s SLDS have zero legislative oversight.  Incredibly, when SLDS began in 2009, there was zero vote-taking; SLDS came because of a grant application filled out by a clerk at the state office of education simply asking for a federal SLDS grant, and then it was implemented without voter approval.  Yet SLDS is 100% applied to all school children, non-consensually.

4.  FERPA (federal privacy law) was altered in 2009 by the Department of Education to become almost meaningless.  Despite a huge law suit, FERPA stayed in its altered, privacy-harming state.   So:  in-state or beyond, proper privacy protections do not exist.  (For more on that, see the recent hearings of Rep. Jason Chaffetz against the U.S. Dept. of Education)

5.  SLDS interfaces with many other state agencies in the Utah Data Alliance, so there is no guarantee that a student’s private data, collected by a school, won’t end up in the data silo of another agency totally unrelated to education.  SLDS has the ability, if state policy allows, to also interface with federal agencies’ data, other states’ and even other nations’ data collections.

 

This situation has literally kept me up at night, many nights, including tonight.

Along with countless other moms and dads, lawyers, think tanks, and legislators, I’ve done a lot of research and writing and speaking and pleading on this subject.  See some of what I learned and shared in the past four years, here or here or here or here or here or here or here or here.

I tell you all this in case you are new to this issue so that you’ll understand how INCREDIBLY important passing  HB 358 is.

House Bill 358 ought to be treated as one of the very most, if not the most, important bill at the Capitol this year.  But the legislature is saying that there isn’t enough money to pass the privacy bill, which has an implementation price tag of $800,000.  Oddly, the legislature has agreed to fund the FIFTEEN MILLION DOLLAR technology grant program, HB 277, but that technology bill is meaningless without privacy protections for students’ data.

Is the “no funding for HB 358” decision truly a budgeting pinch decision, or is it a matter of the legislators not caring enough about the rights of students to have privacy?

Here are a few of the lines in the bill that I really appreciate:

Line 463 says:   “A student owns the student’s personally identifiable student data”.

Lines 494-503 say that schools have to give disclosure statements to parents, promising not to share certain types of data with out a data authorization.

Lines 775-792 prohibit psychiatric or psychological tests or analysis without prior written consent of parents, and specifically protect data collection about sexual orientation and behavior, mental problems, religious beliefs, self-incriminating behavior, appraisals of individuals with whom the student has a close family relationship; income, etc, and that written consent is required in all grades, kindergarten through 12th.

The bill designates three different types of data that schools may collect:  necessary, optional, and prohibited.

Even though the “necessary” list seems too long, at least it limits data collection.  It will collect data “required by state statute or federal law to conduct the regular activities of an education entity” such as name, date of birth, sex, parent contact information, student i.d., test results or exceptions from taking tests, transcript information, immunization record or exception from an immunization record, drop out data, race, etc.

Line 346-351    The “optional” list includes IEP information, biometric information, and information that is required for a student to participate in federal data gathering programs.

Lines 356 – 376  The bill also defines “personally identifiable student data” as data that cannot be legally disaggregated (identified by a particular student)  (See lines 224-227 for disaggregation language):

356          (i) a student’s first and last name;
357          (ii) the name of a student’s family member;
358          (iii) a student’s or a student’s family’s home or physical address;
359          (iv) a student’s email address or online contact information;
360          (v) a student’s telephone number;
361          (vi) a student’s social security number;
362          (vii) a student’s biometric identifier;
363          (viii) a student’s health or disability data;
364          (ix) a student’s education entity student identification number;
365          (x) a student’s social media login or alias;
366          (xi) a student’s persistent identifier, if the identifier is associated with personally


367     identifiable student data, including:
368          (A) a customer number held in a cookie; or
369          (B) a processor serial number;
370          (xii) a combination of a student’s last name or photograph with other information that
371     together permits a person to contact the student online;
372          (xiii) information about a student or a student’s family that a person collects online and
373     combines with other personally identifiable student data to identify the student; and
374          (xiv) other information that, alone or in combination, is linked or linkable to a specific
375     student that would allow a reasonable person in the school community, who does not have
376     first-hand knowledge of the student, to identify the student with reasonable certainty.

We need to protect our kids!  This bill NEEDS to pass!

If you’ve ever read 1984 and remember Big Brother; if good old-fashioned history books have taught you that tyranny has been far more dominant than liberty throughout world history (with the exception of a freedom experienced in the U.S. under the Constitution for a few 200+ years) –or if you’ve been paying attention to the recent struggle between big-data and individual rights–  then you know:  allowing any person or government –unfettered–  to track individuals without their consent, for virtually the duration of their entire lives, is a very bad idea.

We need as many emails and phone calls or texts as we can muster before 5:00 p.m. tomorrow, Tuesday, March 8,  to the following representatives, and especially to Speaker of the House Greg Hughes and President Niederhauser:

Representative (Speaker) Hughes  greghughes@le.utah.gov

Senator (President) Niederhauser   wniederhauser@le.utah.gov

Senator Sanpei       dsanpei@le.utah.gov

Senator Hillyard  lhillyard@le.utah.gov

Senator Dunnigan  jdunnigan@le.utah.gov

Senator Adams  jsadams@le.utah.gov

Representative Gibson  fgibson@le.utah.gov

Senator Okerlund  rokerlund@le.utah.gov

Here they are, ready to cut and paste into your email:     dsanpei@le.utah.gov lhillyard@le.utah.gov jdunnigan@le.utah.gov jsadams@le.utah.gov  fgibson@le.utah.gov  rokerlund@le.utah.gov  greghughes@le.utah.gov   wniederhauser@le.utah.gov

 

Thank you.

 

http://le.utah.gov/~2016/bills/static/HB0358.html

 

%d bloggers like this: