March 8, 2017 Board Meeting Agenda Item #19:

Board Audio: 

BLUE CARD Dawn Urbanek

AT page 364



SB 1177 lays out a number of do's and don'ts for operators of K-12 Internet websites, online services, online applications and mobile applications that apply broadly whether companies contract with schools or not:

Do not target advertising on the site or another site based on information from K-12 users.

Do not use information gathered through the service to build a profile about a K-12 student.

Do not sell a student's information.

Do not disclose covered information unless it's for legal, regulatory, judicial, safety or operational improvement reasons.

Do protect student information through reasonable security procedures and practices.

Do delete school- or district-controlled student information upon request from those entities.

Do disclose student information when required by law, for legitimate research purposes and for K-12 purposes to education agencies.

Companies can use de-identified student data within their sites to improve educational products, demonstrate their effectiveness and improve their sites.



AB 1584 dives into the details by spelling out what types of things local educational agencies should include in contracts with third-party digital record and educational software providers:

Do establish that the local educational agency owns and controls student records.

Do describe how students can keep control of their projects and other content created for school, along with a way to transfer their content to a personal account later.

Do prohibit third parties from using student information for purposes outside of those named in the contract.

Do describe how parents, legal guardians or students can review and correct personally identifiable information contained in their records.

Do outline actions that third parties will take to make sure that student data is secure and confidential.

Do describe procedures for notifying affected parents, legal guardians or eligible students when there is an unauthorized disclosure of student records.

Do certify that student records will not be retained or available to the third party once the contract is over and lay out how that will be enforced.

Do describe how local educational agencies and third parties will comply with the federal FERPA legislation.

Do prohibit third parties from using personally identifiable information from student records to target advertising to students.
Along with these do's, the bill says that contracts will be voided if they do not comply with the requirements laid out above after a reasonable amount of time and notice to do so.






No Right to Privacy If You Are A Public School Student




Common Core Implementation - CUSD Technology Spending Way Up- $3 million August 17, 2016



Student Data is not Protected due to FERPA Loop Hole



Obama's Executive Action to Rewrite No Child Left Behind Modifies Student Privacy Rights - Personally Identifiable Information Is Now Available To For Profit Companies


Poway data breach affects 30,000-plus students

The data included children’s names, nicknames, addresses, phone numbers, hearing and vision exam results, dates of birth, language fluency, academic test results and occupation of parents, according to the woman who received the data, Gabriela Dow.


Lawsuit Against the California Department of Education Raises Concerns About Student Privacy Rights


CUSD's BrightBytes Survey- What Business does CUSD have asking these types of questions? Why are students and families being forced to share data with 3rd party for profit vendors?