Group Works To Protect Students PII

In 2013, Rep. Jeremy Thiesfeldt, in his role as Chairman of the Assembly Select Committee on Common Core Standards, wrote a memo entitled Personal Reflections of Common Core Hearings, in which he discussed his concerns about the collection of personally identifiable data. Thiesfeldt’s primary concern was that “no more than aggregate data be provided outside of state borders.”

The State of Wisconsin Department of Public Instruction provides an application for access to – and use of confidential data. According to the DPI website, “This application is designed to assist in reviewing confidential data requests for purpose, scope, and compliance with data privacy and confidentiality required by federal and state law.” The form provides for organizations ranging in type from schools to interest groups to businesses.

As Thiesfeldt writes in his memo: “Until recently the Family Educational Rights and Privacy Act (FERPA) of 1974 disallowed the federal government from maintaining a database of personally identifiable student information. The USDE has rolled back some provisions of the FERPA by issuing a reinterpretation of the regulations in January 2012. Now, under certain constraints, personally identifiable student information may be released without parental consent.”

At the time, Thiesfeldt expressed concern for security and the use of that data. He noted: “Many private entities also have a strong desire to obtain student/family data for marketing purposes. It is clear that as legal data collection by states and/or the federal government multiplies, pressure from marketing agencies to sell will increase. In addition, a strong concern is evident for the viability of the security systems in place to protect such data from hackers. Based on history, it would be naïve to believe that personally identifiable data would never befall such a fate, or never be used against those from whom its collection was intended to help.”

Since then, the extent of damage done to government employees in the Office of Personnel Management hack and wannbe adulterers in the Ashley Madison hack attack has shook the country to its common core.

It is those very concerns that have caused a group of education activists to join forces in protecting students’ data. Lead by Arizona State Rep. Mark Finchem, It’s My PII was formed to protect student data after it was revealed that the Arizona Department of Education was delivering students’ personally identifiable date to political organizations and various researchers in and out of the United States.

According to the group’s website, its mission is to “Secure, protect and defend Parental Rights and Personally Identifiable Information (PII) of students, parents and teachers.” The group intends to pursue both legal and legislative action at all levels of civil government including federal, state, county and local to secure student data and parental rights associated with it.

In Arizona, rarely, if ever, are parents notified that their children’s personally identifiable information (PII) will be shared. In the case of PII shared by the Arizona Department of Education, parents would not have likely given permission to access the data, if they were granted the opportunity.

The data included:
• School identifier (AZED ID or NCES ID preferred)
• 8th grade AIMS Math and Reading scores Student Race and Ethnicity status
• Student disability status (general IEP codes are sufficient, if districts provide codes which identify the disability)
• Student Free/Reduced Price Lunch indicator (eligible or receiving), or another indicator of poverty
• Student English Leaner indicator
• Student gender
• Subject-specific ACT scores (all tests)
• Composite ACT scores (all tests)
• Any available non-cognitive elements of ACT scores (all tests)

Lisa Hudson, an Arizona mom behind the effort to protect data stated, “What we also found when we reviewed the contracts entered in to between the ADE and third parties is the ADE has no process by which to penalize third parties for use or misuse of data outside the terms of the contract. When I questioned the privacy officer about processes to ensure data is used and destroyed pursuant to contract, she told me they functioned on ‘the honor system’ which means once the data is out there, no one knows what happens to it.”

Logan Albright of Freedom Works, wrote in The Blaze on Wedensday, “The idea that the government can track everything about students should be frightening to anyone who values the right of self-determination. The data collected through standardized testing can be used to create a profile on children that follows them throughout their whole lives, especially given that the data is able to be shared across many governmental agencies.”

“What’s worse, the Arizona attorney general determined in 2014 that parents cannot opt their children out of state-mandated tests. So not only is data being collected without parental consent, but it is actually illegal for parents to refuse the tests where that data originates,” concluded Albright.

Last year Rep. Thiesfeldt fought for parental rights when he came to the defense of one parent who had wanted to opt their child out of the data generating testing.

Thiesfeldt concludes his 2013 memo: “It would be folly and a denial of history to believe that the acceptance of the CCS and the partner assessments will end the growth of federal intervention into Wisconsin’s schools. It would likewise be ignorant of factual history to believe any federal intervention in our schools will accomplish its stated goal.”

Thiesfeldt is right, and it would be folly not to join the It’s My PII fight.

To hear Rep. Finchem talk It’s My PII, click here.