NSA Privacy Concerns Apply to Education

Published October 7, 2013

By Paul Kengor

There’s an intense debate right now over Common Core, a major effort to implement national education standards in public schools nationwide. So far, these education goals and corresponding national tests have been adopted by 45 states and the District of Columbia.

Though it isn’t my area of expertise, I’ve received numerous impassioned emails on the subject. Among them, one person’s concerns particularly struck me.

This person is an education expert. She is thoughtful, serious, and no foe of public education. Her concerns especially hit home given current fears over privacy intrusions by the federal government. Those fears have swirled around the National Security Agency, Justice Department, and Internal Revenue Service. But they don’t end there. There are potentially serious privacy problems involving Common Core, which likewise relate to data collection, dissemination, and use.

My friend hopes to at least help kindle some public awareness of this reality.

Forget the Parents
“The portion [of Common Core] that I believe is most important for raising public awareness,” she writes, “is the changes to the FERPA regulations, which have greatly expanded who has access to student data.” FERPA is the Federal Education Rights and Privacy Act of 1974.

The Obama administration changed FERPA in a way that leaves (some believe) parents uninformed as to how their children’s records are shared. “Parents seem totally unaware of what data is being collected,” she adds. “In Pennsylvania it is collected under something called the PIMS system, but in other states it has different labels.”

There’s more. There’s also the problem of a rise in “outside vendors and providers to manage student data—again, without parental consent.”

Rise in Data Collection
How would this happen?

For starters, Common Core includes a heavy testing component, which collects a great deal of student data. Coupled with this heightened data collection is the prevalence of so-called “longitudinal state reporting systems.” The federal Race to the Top initiative encouraged states to create “robust data collection systems.” These systems were touted as a mechanism to provide school districts, state governments, and federal policymakers with more data to analyze trends in student achievement and improve education efforts.

Although this might seem benign, my friend notes, we cannot ignore the sheer volume of data that will be collected and how that data might be misused. For instance, most parents have no idea that their child’s “personal information” includes not just test scores but Social Security numbers, attendance records, records of interaction with school counselors, identification of learning disabilities, and even disciplinary records.

All of this is being collected. 

Where’s the Oversight?
Yet because such enhanced data collection exceeds the resources of many districts and states, schools will be forced to contract for service to corporations that collect, manage, and store such data—and possibly share it. In other words, outside data managers must be employed to maintain this personal data on your kids. Is there any level of oversight to ensure this data is protected from hackers, data-mining companies, and social engineers?

My friend writes, “This trend of data collection relates to changes in the FERPA regulations by the Education Department in 2012. These changes, made without congressional approval, now allow third party access to student data without the consent of parents. For example, vendors, seeking to market particular products, can access this data.”

Religious Schools Not Exempt
And there’s still more, relating specifically to private religious schools. My friend adds, “One particular concern that I think speaks to Catholic interests is the rush on the part of some dioceses (and other private schools) to adopt the Common Core and buy-in to the assessments connected with such systems (and as such the data collection).”

Indeed, the Catholic press is hot on this issue, realizing the distinct impact Common Core can have on Catholic schools—the nation’s largest segment of private/religious schooling. Nationwide, groups of Catholics have sprung up in protest. The National Catholic Education Association hasn’t endorsed the standards, but it is helping Catholic schools prepare for implementation.

Perhaps most troublesome, all of this derives from federal/national influences, even as Common Core is instituted within states. As my friend notes, “the push for the adoption of the state longitudinal data systems and the Common Core assessment collection all stem from national influences. Certainly, the changes in FERPA were undertaken through the U.S. Department of Education.”

My friend sums up: “I find the level of data collection on individual students to be excessive, and the transparency … to be lacking.” Such data collection methods “put the federal government in a position to track student achievement in ways that have been previously unavailable due to the sheer size of data mining, and have been (until recently) safeguarded by privacy regulations. As an educator I care deeply about the ability for our nation’s school children to achieve high levels of learning, yet I believe the decisions for student learning are best accomplished at the classroom and school level, not the federal level.”

We’re facing, in essence, unchecked data collection as part of a significant and sweeping federal educational mandate. Are we ready for this, and its repercussions?

My friend pleads for some “public awareness and dialogue in this area.” Who could object to that?

Paul Kengor ([email protected] ) is professor of political science at Grove City College. Image by Jonathan McIntosh.