Read more here:

LA Times article: http://www.latimes.com/news/nation/nationnow/la-na-nn-san-antonio-scanner-chips-20120527,0,5517601.story.

ACLU’s article: http://www.aclu.org/blog/technology-and-liberty/dont-let-schools-chip-your-kids.

McGraw HIll technical report on privacy concerns see page 13 under RFID: http://www2.ed.gov/programs/racetothetop-assessment/rfi-response/mcgraw-hill-ed-rfi-1-17-11submission.pdf.

School law varies by state and jurisdiction and continues to change. If you need legal assistance, contact an attorney in your state.

Andrea M. Cascia, J.D.
M.A. Educational Technology
California Attorney at Law
edtechlaw.com

Balancing Filtering and Freedom of Speech

You have probably spent some time thinking about the sites that are blocked by your school’s filtering system. You may have also carefully considered the balance between maintaining a safe and effective learning environment and access to information on the Internet. Now, you should consider the viewpoint neutrality of your filtering system.

Recently in Missouri, Camdenton R-III School District settled out of court with Parents, Families and Friends of Lesbians and Gays (PFLAG) and others after the district was faced with a preliminary order to modify its filtering system.  Before the settlement, the district’s filter blocked websites that expressed a positive viewpoint toward Lesbian, Gay, Bisexual and Transgender (LGBT) individuals while leaving opposing websites accessible. Note that this ruling by the United States District Court for the Western District of Missouri is not directly applicable to cases outside of the court’s jurisdiction and turns on the specific facts of the case. However, the court’s reasoning makes interesting food for thought for school leaders.

Rules enforcing CIPA require that an E-rate applicant’s Internet safety policy include a technology protection measure that blocks Internet access by both adults and minors to visual depictions that are obscene, child pornography; or harmful to minors. The policy must also include a provision for monitoring the online activity of students.

The Missouri court referred to the ineffectiveness of the district’s filtering system in its opinion.  The system failed to block 30% of sites that the court considered obscene, child pornography or harmful to minors. In contrast, the district was blocking a long list of sites that portrayed LGBT issues in a positive light. The court considered this type of blocking viewpoint specific discrimination. Despite the fact that the district had a system to unblock sites upon request and approval of that request, the students’ access to information was unconstitutionally limited because their use of the system was tracked. The court reasoned that tracking would stigmatize the students. It found that the school district violated the First Amendment when it denied students access to the sites.

School leaders should have a discussion about the viewpoint neutrality of their filtering systems. Does their system block sites that espouse one side of an issue while leaving opposing sites accessible? For example, a district might block sites that promote intelligent design while leaving open the sites that describe the theory of evolution or vice versa. This type of blocking may be considered viewpoint specific discrimination.  It may also limit students’ ability to explore issues in an independent, nonpartisan and analytical manner.

Education is the Answer

CIPA has required schools to have Internet safety policies and technology protection measures since 2001. Now, it requires E-rate applicants to add an educational element to their Internet safety policies. This educational element must include education for students covering “appropriate online behavior including interacting with other individuals on social networking websites and in chat rooms, and regarding cyberbullying awareness and response.” This type of curriculum is commonly referred to as Digital Citizenship. The rule does not require that the policy itself should educate the students, but rather that the school district’s policy should include a plan to provide Digital Citizenship education for its students.

This new requirement takes effect July 1, 2012. It does not require a public hearing unless the school has never had an Internet safety policy in place. Further, it does not require a specific curriculum and does not provide specific implementation procedures for the programs. A school that has complied substantially with the spirit of the law will be allowed to cure minor defects in its policy without loss of funding.

At the Computer Using Educators Conference, Larry Magdid, a technology journalist, spoke about Digital Citizenship education. He suggested that Digital Citizenship education should include media literacy education to help students avoid social engineering. Perhaps, CIPA’s new education requirement is another opportunity to prepare our students to think independently.

Federal officials have written that social networking pages can be used as effective educational tools leaving school officials to determine whether the sites should be blocked.  Consider using education rather than unrequired blocking to prepare students for the future.

This article is intended to provide information about CIPA. Although I am an attorney, this article contains my opinion as an experienced technology educator and is not legal advice. School law varies by state and jurisdiction and continues to change. If you need legal assistance, contact an attorney in your state.

Andrea M. Cascia, J.D.
M.A. Educational Technology
California Attorney at Law
edtechlaw.com

This article describes Cloud Computing systems in schools, the privacy issues that arise from their use and general information about applicable laws. Education law varies by state and by court jurisdiction. This article is for informational purposes and does not constitute legal advice. To seek legal advice, contact a qualified legal professional in your state.

Schools are transitioning to Cloud Computing systems to increase the efficiency of student records management and to bring student learning into the twenty-first century. This means that schools store students’ personal information on offsite servers enabling students, staff and state officials to access this information from any device with access to the Internet. This type of access is both convenient and intended to be cost effective.

However, privacy advocates raise concerns about public school districts trading student information in exchange for access to Cloud Computing systems. Some school districts are purchasing access to Cloud Computing systems while others are relying on the services of companies that profit by providing services to users in exchange for access to the user’s personal information for advertising purposes.

Privacy advocates are especially concerned about the sale or transfer of students’ personal information to advertisers and the public. A Cloud Computing provider may sell personal information to advertisers or charge advertisers for access to its advertising system. More specifically, some providers or advertisers may use the personal information to create targeted advertising. Privacy advocates argue that this sharing of information violates student privacy rights.

Notions of privacy are changing in today’s society. Laws covering online privacy are in a state of flux. It is important that school districts stay up to date with changes in these laws to avoid litigation and loss of funding.

Providers that serve school districts must ensure that their privacy policies comply with Federal Trade Commission (FTC) regulations including the Children’s Online Privacy Protection Act (COPPA). Their systems must also comply with the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PPRA) and the Federal Communications Commission’s Children’s Internet Protection Act (CIPA), as well as state laws.

School administrators should review the privacy policies of their prospective Cloud Computing providers. The Federal Trade Commission requires that all Cloud providers have a privacy policy. A provider must disclose the ways in which it gathers, uses and discloses a user’s personal information in its privacy policy.

The Children’s Online Privacy Protection Act (COPPA) is intended to protect children from cybercrimes, including crimes by online predators, and to help parents shield their children under the age of thirteen from material that is inappropriate. COPPA regulates the management of websites that collect information from minors for commercial purposes. It applies to educational Cloud providers because they produce products for children. School districts should ensure that their provider complies with COPPA.

The Family Educational Rights and Privacy Act (FERPA) protects the privacy of student education records. FERPA applies to all schools that receive funds under an applicable program of the U.S. Department of Education. New FERPA regulations provide guidance as to how schools should manage student records in digital information systems. More specifically, it provides guidance as to how they must manage records when they outsource record management to providers. The U.S. Department of Education has created a privacy technical assistance center to serve education agencies. Districts may seek assistance from center officials to ensure compliance with FERPA.

The Protection of Pupil Rights Amendment (PPRA) is intended to protect student privacy rights. Specifically, it requires school districts that receive funds from the Federal Government to develop policies covering the collection, disclosure, or use of personal information collected from students. Unless state education agencies have implemented policies regarding information collection, PPRA requires school districts to create policies in consultation with parents. The Department of Education Family Policy Compliance Office provides model notices for FERPA and PPRA on its website.

The Children’s Internet Protection Act (CIPA) is a federal law enacted by Congress to address concerns about access to offensive content on the Internet viewed on school and library devices. Under CIPA, schools and libraries are required to adopt and implement an Internet safety policy addressing unauthorized disclosure, use and dissemination of their students’ personal information.

Many states are enacting statutes governing privacy. For instance, California law prohibits schools from entering into a contract for electronic products or services that requires the dissemination of advertising to pupils, unless the governing board of the school district does all of the following: enters into the contract at a noticed public hearing of the governing board; makes a finding that the electronic product or service in question is or would be an integral component of the education of pupils and that the school district cannot afford to provide the electronic product or service unless it contracts to permit dissemination of advertising to pupils; provides regular written notice to the parents or guardians of pupils that the advertising will be used in the classroom or other learning centers and offers the parents the opportunity to request in writing that the pupil not be exposed to the program that contains the advertising. All California public schools must comply with this statute.

As laws covering the integration of technology into school systems change, it will be increasingly important that school officials are aware of the changes in applicable laws.

Edtechlaw.com is a blog designed to keep school district officials aware of the most recent developments in the law and policy governing educational technology. It is managed by Andrea Cascia, an education law attorney and technology teacher in San Diego, California.

Andrea has worked in the field of educational technology for more than ten years. She thouroughly investigates the legal and policy issues related to educational technology. She is dedicated to improving the use of educational technology in schools.
In addition to teaching technology classes, Andrea guest lectures at the University of San Diego School of Law and University of San Diego School of Education and Leadership Sciences. She provides students with information on the latest educational technology innovations and the legal and policy issues related to these innovations.

Andrea Cascia, andrea@edtechlaw.com, is available to consult on legal and policy issues related to educational technology. Thus, this blog posting is an advertisement.