Senators Go After Ed Tech on Student Data Usage

Some of the biggest names in ed tech received word this week from a team of Democratic senators to hand over details on their data collection practices. The request from U.S. Senators Dick Durbin (D-IL), Ed Markey (D-MA) and Richard Blumenthal (D-CT) expressed concern that the amount of data and how it was being managed could "put students, parents and educational institutions at risk" of having their personal information "stolen, collected or sold without their permission or knowledge."

The letter was sent to 55 education technology organizations, including nonprofits, and data broker companies that compile and sell student lists. Among those who received the letter were Google and Facebook, along with major assessment companies (ACT, CollegeBoard and Kaplan among them), learning management system firms (including Blackboard, D2L, Instructure, Moodle and Sakai), curriculum publishers and distributors (Barnes & Noble Education, Cengage, Macmillan, McGraw-Hill, Pearson, VitalSource and Wiley) and more specialized operators (Civitas Learning, Curriculum Associates, Edmodo, Quizlet, Smart Sparrow and Turnitin).

The letter requested a list of responses, among them:

  • A list of the software and other offerings produced since the founding of the respective organization;
  • The count of schools and students (with their age ranges) that have used the products;
  • The type of data collected, how long it's retained, what opt-out or revision options are available and how the data is monetized;
  • What would happen to the data were the company merged, acquired, closed or dissolved;
  • Other sources of student data the company uses and where it comes from;
  • How students are categorized by their data and what those "labels" or "categories" are;
  • How students actively approve of the terms of service or licensing for use of the product;
  • Whether a breach or some other kind of unauthorized access has occurred involving the data; and
  • How the company is complying with privacy regulations contained in FERPA and COPPA.

The letters arrived on the tail of a major hack of Slate, an open source admissions and advancement platform, and a 2018 public service announcement from the Federal Bureau of Investigation warning that malicious use of data collected by ed tech could result in "social engineering, bullying, tracking, identity theft, or other means for targeting children."

The letter to data brokers specifically referenced research by Fordham University on how data brokers were making compilations of "sensitive" student data available for sale based on GPA, ethnicity, religion and affluence, among other highly targeted categories.

"From academic performance data and web histories, to location data and other personally identifiable information such as date of birth or address, it is imperative that we take steps to ensure students' data is being secured and protected. Parents, students, and educational institutions deserve to have more control over their data," the letter stated.

Links to full text of the letters (one for education technology companies and one for data brokers) are available here.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Garners OpenAI Support

    ChatGPT creator OpenAI is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • Abstract geometric shapes connected by binary code and circuit patterns

    Rubrik-Okta Integration Offers AI-Driven Identity Threat Protection

    Cybersecurity companies Rubrik and Okta are partnering on a new AI-powered identity threat protection solution.

  • Two autonomous AI figures performing tasks in a tech environment; one interacts with floating holographic screens, while the other manipulates digital components

    Agentic AI Named Top Tech Trend for 2025

    Agentic AI will be the top tech trend for 2025, according to research firm Gartner. The term describes autonomous machine "agents" that move beyond query-and-response generative chatbots to do enterprise-related tasks without human guidance.

  • translucent lock composed of interconnected nodes and circuits at the center

    Cloud Security Alliance: Best Practices for Securing AI Systems

    The Cloud Security Alliance (CSA), a not-for-profit organization whose mission statement is defining and raising awareness of best practices to help ensure a secure cloud computing environment, has released a new report offering guidance on securing systems that leverage large language models (LLMs) to address business challenges.