Monday, April 18, 2011

Arne Duncan is From the Government and He is Here to Help you

[Reprinted with permission from Missouri Education Watchdog.]

In its effort to clarify student data privacy rules for researchers and education officials alike, the U.S. Department of Education proposed several changes to the Family Educational Rights and Privacy Act, or FERPA, on Thursday and named its first chief privacy officer.

"Data should only be shared with the right people for the right reasons," U.S. Secretary of Education Arne Duncan said in a statement on the proposals. "We need common-sense rules that strengthen privacy protections and allow for meaningful uses of data. The initiatives announced today will help us do just that."

There is a pesky problem standing in the way of sharing student data between states and Federal Agencies: present FERPA standards. If these standards are not altered, the data necessary to supply the workforce cannot be shared.

The DOE promises your student's data will be secure. Really? What's happened the last several weeks or years regarding cyber information?

•TJX, the parent company of T.J. Maxx, Marshalls, and other retailers, has not acknowledged how data on more than 45 million credit and debit card users who had shopped at the company's retail locations was stolen and sold to fraudsters. (May 9, 2007)

•A data breach involving online marketer Epsilon, whose clients are a Who’s Who of major banks and retailers, was only the latest in a string of hacking attacks aimed at getting email records for more thefts. Companies that have said they were exposed since then include banks Citigroup Inc and Capital One Financial Corp, and retailers Walgreen Co and Best Buy Co. (April 5, 2011)

•According to U.S. investigators, China has stolen terabytes of sensitive data -- from usernames and passwords for State Department computers to designs for multi-billion dollar weapons systems. And Chinese hackers show no signs of letting up. "The attacks coming out of China are not only continuing, they are accelerating," says Alan Paller, director of research at information-security training group SANS Institute in Washington, DC.

Secret U.S. State Department cables, obtained by WikiLeaks and made available to Reuters by a third party, trace systems breaches -- colorfully code-named "Byzantine Hades" by U.S. investigators -- to the Chinese military. An April 2009 cable even pinpoints the attacks to a specific unit of China's People's Liberation Army. (April 14, 2010).

The data sets from the National Data Education Model are set and ready to be used on your student. Don't worry if there is a cyber security attack on the Longitudinal Data Systems; information to be gleaned from an attack would only include some of the following:

•Base salary or wage
•Blood type
•Height and Weight

•Dwelling Arrangement
•Health Care History
•Health Care Plan
•Identification Results
•Immunization Status
•Insurance Coverage
•Overall Health Status
•Residence Block Number
•Social Security Number
•Voting Status

The United States Government cannot stop cyber attacks from China; why should taxpayers believe student privacy is secure because of a change in FERPA legislation?

If you believe this information is secure, you will also believe the following:

According to the No Child Left Behind Act, by 2014 every child is supposed to test on grade level in reading and math.

Not every child can test on grade level in reading and math. It's an admirable goal, but impossible to achieve. That's not going to happen. The goal for data systems is to beef up privacy protections. Like the NCLB goal, it sounds great, but if the government cannot stop foreign countries from hacking into military computers, do you believe the DOE can safeguard student data from hackers?

Read this sentence in the second paragraph again: We need common-sense rules that strengthen privacy protections and allow for meaningful uses of data. The problem with that sentence? Strengthening privacy protections don't safeguard the privacy and the "meaningful uses of data" should raise questions for anyone concerned about the constitutional right to individual privacy that your government is determined to document and share. 


  1. Some of those look to be inviolation of HIPPA.

  2. One of the "meaningful uses" proposed by Duncan's chief-of-staff is to allow researchers to access data to determine which materials and methods are most effective. This notion supposes that the human development can be reduced to data sets. How will third and fourth party access to data be handled? To question protection data collected in public schools and matters of privacy is legitimate.

  3. Just some minor issues there Marine...

    Sandra, on an earlier blog didn't you mention tha the patient application for the process specifically said the information could be sold "Down the road" for commercial purposes?

  4. Oh those infamous for profit mailing lists. Yep, if they are in play, a definite violation of the HC Information & Privacy Act.

  5. Here whe have the adminisration looking at voting records... souds a lot like something Tricky Dick played around with..

  6. Sorry Grumpyelder, I don't recall anything on patient applications; but on test development, the tests can be sold to a commercial company for resale and then, as they do now, would be the responsible entity for test correction and generating reports back to the school districts on each student. Reports are generated for State, and federal government compliance. Could the data be used to "assist" students and inform parents as to the "right" materials etc. It is a good question.


Note: Only a member of this blog may post a comment.