As Target, Home Depot, the U.S. Post Office and other entities find it difficult to protect consumer information, Virginia lawmakers are wondering how public schools will guard student data as they transition into electronic instruction, testing, and information storage. As Virginia Public Radio’s Anne Marie Morgan reports, the Joint Commission on Technology and Science aims to close the gaps in state laws and policies that might inadvertently allow the use of student data for unauthorized purposes.
JCOTS is weighing a bill to prohibit cloud computing service-providers under contract with schools from using the data for online behavioral advertising, creating household profiles, or selling student information for commercial purposes. But JCOTS chair Tom Rust also found another problem.
“Current law does NOT require notification of student data breaches—it has to be some kind of financial data. I think we need to fix that.”
Rust said the state could require all IT contracts to guarantee data security, but free APPs with their insidious terms of service are a different challenge.
“That’s a huge issue because they basically don’t have any control over it.”
That’s why one state attorney general entered into an agreement with APP providers that they could not use student information or metadata at all.