Sometimes it seems like your computer might know more about you than your family and friends. Due to efforts to collect and share personal data online, digital privacy has become a top concern — especially for students.
Two national legislators may have found a solution. In April, they introduced the Student Digital Privacy and Parental Rights Act of 2015 as a way to protect student digital information from third parties and give parents more access to modify student information.
Although the bill targets K-12 students, any changes it makes to the Family Educational Rights and Privacy Act (FERPA) may affect university students, said Dan Bowden, chief information security officer at the U. FERPA mandates that personal student educational records or files can be released only with the student’s written consent. The changes with the 2015 act may add restrictions to who can access those records.
Bowden said there has been a growing interest in the use of data that third-party online services collect from students.
“There’s a lot of concern about what does that particular business feel its obligations are for protecting the data and not using the data for other purposes,” he said.
In the digital age, most schools use online programs for teaching, communicating and posting grades (such as CIS and Canvas at the U). The bill would prohibit online services from selling student information or using that information to create demographic or marketing data.
The act was modeled after a California bill passed last year called the Student Online Personal Information Protection Act. Bowden believes if the national act is not passed, Utah may follow suit and pass a state law.
Tim Ebner, university registrar, said even though changes may come, the U has consistently adjusted its privacy of digital records to be ahead of the game.
“We are already doing what I would anticipate any legislation would require,” he said.
Possible changes could include lock-downs on what the U can send to vendors, such as student contact information, but Ebner is doubtful.
“Currently, I believe we have [students’] best interests in mind,” he said. “We hold their data to be very serious and very confidential.”
In order to stay on top of digital data security, the Academic Senate decided on May 4 to approve a new information security policy and new rules. This would address data classification and encryption, including FERPA data, Bowden said. A faculty committee will work over the summer to update the data protection policy and will convene with the full senate again in the fall.
Though not set in stone, the policies and changes would only affect faculty and staff who manage student data.
Bowden is eager to see security improvements and he is hopeful that the bill will pass.
@carolyn_webber