FunnyMonkey


Bill Fitzgerald

Bill Fitzgerald

New York Pulls Out Of inBloom. Ho Hum.

6 min read

NOTE: An earlier version of this post included language from a draft version of a NY Assembly bill. Thanks to Paige Kowalski for pointing this out. END NOTE

Earlier this week, New York State pulled out of inBloom. While this has been hailed by some as a victory for privacy, it's worth noting that the data points that are collected - and have been collected for the last several years - haven't changed. The federal accountability requirements driving much of the data collection that currently occurs haven't changed. In New York, the withdrawal from inBloom means that districts are right back where they started: managing data collection and accountability reporting on their own. And it's worth noting here that all of the student data that was going to be stored in inBloom is already collected and stored in a statewide data repository, and that none of these conversations address data collection taking place via other apps and services.

Districts deserve the ability to control where their data is stored, what tools are used to store and manage it, and where the servers containing that data are located. While many districts do not appear to be doing a particularly effective job of exercising this control at present, that doesn't mean that districts should just cede this responsibility outright. New York's approach to the inBloom rollout was top down and paternalistic. inBloom, for it's part, failed to respond to and counter the narrative that the entire purpose of inBloom was to collect as much data as possible, and then sell that data to marketers, advertisers, and other corporate ne'er do wells.

New York State backing out of inBloom is less a victory for actual privacy than it is a change in software procurement. As discussed above, the data collected by schools has not changed, and the fact that it is stored in a single statewide source has not changed. The software used to store it, however has changed. It's comparable to a district banning the use of Microsoft Word - it doesn't mean that people won't create text documents; they'll just use different software to do their work.

The majority of the coverage - and most of the ongoing discussions about data collection and privacy - ignores the reality that data collection and management is a zero sum game. There are a limited number of vendors that can manage state and district level data storage, so not using one option means choosing another. As noted earlier in the post, New York State's decision to pull out of inBloom isn't a shift in data collection policy, it's a shift in what software and tools are provided to districts. As they have done in the past, districts are now outsourcing data storage to vendors, or maintaining solutions in-house. In New York, removing inBloom at the state level creates opportunities for the existing players - Pearson, eScholar, Infinite Campus, Agilx, Clever, etc - to sell directly to districts and regional educational agencies. So, the push to move away from inBloom to keep student data out of the hands of vendors creates opportunities for student data to flow directly to other vendors. Outsourcing data handling to vendors also requires adequate contracts to safeguard data, which many districts fail to do. And, even if districts get the contracting right, and/or maintain their own service, data compromises are, unfortunately, commonplace - as of March 27, 2014, over 725 data breaches have been reported in K12 and Higher Ed since April, 2005. Many of these breaches have occurred because of human error or interference, not because of hacking.

To be clear: the approach inBloom and New York took was incredibly flawed. But, unlike every other option that exists, inBloom provides an open source option that could have been adopted independently by districts, or regional service providers, or state educational agencies. It's possible to use inBloom - the software - without interacting with inBloom, the organization. inBloom provided a real alternative that could be used to break the dependency on vendors managing and storing student data. The fact that so few people understand the implications of this is probably the single biggest failure of inBloom, the organization.

Looking at this nationally, New York pulling out of inBloom is only good news for the other players in the space. inBloom had the potential to shift the dynamic in how states and districts managed their data. If inBloom had focused on supporting states and districts setting up their own hardware - rather than setting up a hosted solution where inBloom managed the servers - we might be having a different conversation now. However, with New York out of the picture, inBloom is pretty heavily tarnished, which helps the pre-existing players continue to expand their control over the market. One of the major concerns cited about using inBloom was that it would allow student data to be used to develop adaptive learning. However, if a student is using an electronic text from a textbook publisher, this is likely already happening. Pearson's partnership with Knewton shows exactly what this looks like. The move away from inBloom is a move to "protect" students from what is already happening.

But really, all of this is misguided. The lens of "privacy" is at least partially broken, as it relegates students to an observed object in system where they have limited input. Our considerations of privacy will remain divorced from learning (remember learning? It's why we do this whole school thing) until we recognize and acknowledge that students (or their parents) need to be the ones to control and reflect on any information that is collected about learning. Now, the emphasis is on building systems that collect data on students, to push content at them. We're not seeing much work on systems that empower students to reflect on their learning over time, and selectively share that information. Our data collection policies and habits reflect the reality that our educational system is more outcome-centered than student-centered. If we corrected this misplaced emphasis, we could do a better job educating all children, and improve privacy concerns along the way.

, , ,

0 stars 2 comments

There is language in NY law regarding contracts & penalties, so some progress has been made in addition to establishing the position of an education CPO. I have excerpted some of the vendor related text:

http://open.nysenate.gov/legislation/bill/S6356D-2013

E. EACH EDUCATIONAL AGENCY THAT ENTERS INTO A CONTRACT OR OTHER WRIT-
TEN AGREEMENT WITH A THIRD PARTY CONTRACTOR UNDER WHICH THE THIRD PARTY
CONTRACTOR WILL RECEIVE STUDENT DATA OR TEACHER OR PRINCIPAL DATA SHALL
ENSURE THAT SUCH CONTRACT OR AGREEMENT INCLUDES A DATA SECURITY AND
PRIVACY PLAN THAT OUTLINES HOW ALL STATE, FEDERAL, AND LOCAL DATA SECU-
RITY AND PRIVACY CONTRACT REQUIREMENTS WILL BE IMPLEMENTED OVER THE LIFE
OF THE CONTRACT, CONSISTENT WITH THE EDUCATIONAL AGENCY'S POLICY ON DATA
SECURITY AND PRIVACY. SUCH PLAN SHALL INCLUDE, BUT SHALL NOT BE LIMITED
TO, A SIGNED COPY OF THE PARENTS BILL OF RIGHTS FOR DATA PRIVACY AND
SECURITY, AND A REQUIREMENT THAT ANY OFFICERS OR EMPLOYEES OF THE THIRD
PARTY CONTRACTOR AND ITS ASSIGNEES WHO HAVE ACCESS TO STUDENT DATA OR
TEACHER OR PRINCIPAL DATA HAVE RECEIVED OR WILL RECEIVE TRAINING ON THE
FEDERAL AND STATE LAW GOVERNING CONFIDENTIALITY OF SUCH DATA PRIOR TO
RECEIVING ACCESS.
F. EACH THIRD PARTY CONTRACTOR THAT ENTERS INTO A CONTRACT OR OTHER
WRITTEN AGREEMENT WITH AN EDUCATIONAL AGENCY UNDER WHICH THE THIRD PARTY
CONTRACTOR WILL RECEIVE STUDENT DATA OR TEACHER OR PRINCIPAL DATA SHALL:
(1) LIMIT INTERNAL ACCESS TO EDUCATION RECORDS TO THOSE INDIVIDUALS
THAT ARE DETERMINED TO HAVE LEGITIMATE EDUCATIONAL INTERESTS;
(2) NOT USE THE EDUCATION RECORDS FOR ANY OTHER PURPOSES THAN THOSE
EXPLICITLY AUTHORIZED IN ITS CONTRACT;
(3) EXCEPT FOR AUTHORIZED REPRESENTATIVES OF THE THIRD PARTY CONTRAC-
TOR TO THE EXTENT THEY ARE CARRYING OUT THE CONTRACT, NOT DISCLOSE ANY
PERSONALLY IDENTIFIABLE INFORMATION TO ANY OTHER PARTY:
(I) WITHOUT THE PRIOR WRITTEN CONSENT OF THE PARENT OR ELIGIBLE
STUDENT; OR
(II) UNLESS REQUIRED BY STATUTE OR COURT ORDER AND THE PARTY PROVIDES
A NOTICE OF THE DISCLOSURE TO THE DEPARTMENT, DISTRICT BOARD OF EDUCA-
TION, OR INSTITUTION THAT PROVIDED THE INFORMATION NO LATER THAN THE
TIME THE INFORMATION IS DISCLOSED, UNLESS PROVIDING NOTICE OF THE
DISCLOSURE IS EXPRESSLY PROHIBITED BY THE STATUTE OR COURT ORDER;
(4) MAINTAIN REASONABLE ADMINISTRATIVE, TECHNICAL AND PHYSICAL SAFE-
GUARDS TO PROTECT THE SECURITY, CONFIDENTIALITY AND INTEGRITY OF
PERSONALLY IDENTIFIABLE STUDENT INFORMATION IN ITS CUSTODY;
(5) USES ENCRYPTION TECHNOLOGY TO PROTECT DATA WHILE IN MOTION OR IN
ITS CUSTODY FROM UNAUTHORIZED DISCLOSURE USING A TECHNOLOGY OR METHODOL-
OGY SPECIFIED BY THE SECRETARY OF THE UNITED STATES DEPARTMENT OF HEALTH
AND HUMAN SERVICES IN GUIDANCE ISSUED UNDER SECTION 13402(H)(2) OF
PUBLIC LAW 111-5.
6. BREACH AND UNAUTHORIZED RELEASE OF PERSONALLY IDENTIFIABLE INFORMA-
TION. A. EACH THIRD PARTY CONTRACTOR THAT RECEIVES STUDENT DATA OR
TEACHER OR PRINCIPAL DATA PURSUANT TO A CONTRACT OR OTHER WRITTEN AGREE-
MENT WITH AN EDUCATIONAL AGENCY SHALL BE REQUIRED TO NOTIFY SUCH EDUCA-
TIONAL AGENCY OF ANY BREACH OF SECURITY RESULTING IN AN UNAUTHORIZED
RELEASE OF SUCH DATA BY THE THIRD PARTY CONTRACTOR OR ITS ASSIGNEES IN
VIOLATION OF APPLICABLE STATE OR FEDERAL LAW, THE PARENTS BILL OF RIGHTS
FOR STUDENT DATA PRIVACY AND SECURITY, THE DATA PRIVACY AND SECURITY
POLICIES OF THE EDUCATIONAL AGENCY AND/OR BINDING CONTRACTUAL OBLI-
GATIONS RELATING TO DATA PRIVACY AND SECURITY, IN THE MOST EXPEDIENT WAY
POSSIBLE AND WITHOUT UNREASONABLE DELAY. THE EDUCATIONAL AGENCY SHALL,
UPON NOTIFICATION BY THE THIRD PARTY CONTRACTOR, BE REQUIRED TO REPORT
TO THE CHIEF PRIVACY OFFICER ANY SUCH BREACH OF SECURITY AND UNAUTHOR-
IZED RELEASE OF SUCH DATA. THE CHIEF PRIVACY OFFICER SHALL, UPON BELIEF
THAT SUCH BREACH AND UNAUTHORIZED RELEASE CONSTITUTES CRIMINAL CONDUCT,
REPORT SUCH BREACH AND UNAUTHORIZED RELEASE TO LAW ENFORCEMENT IN THE
MOST EXPEDIENT WAY POSSIBLE AND WITHOUT UNREASONABLE DELAY.
D. EACH VIOLATION OF A THIRD PARTY CONTRACTOR PURSUANT TO PARAGRAPH A
OF THIS SUBDIVISION SHALL BE PUNISHABLE BY A CIVIL PENALTY OF THE GREAT-
ER OF FIVE THOUSAND DOLLARS OR UP TO TEN DOLLARS PER STUDENT, TEACHER,
AND PRINCIPAL WHOSE DATA WAS RELEASED, PROVIDED THAT THE LATTER AMOUNT
SHALL NOT EXCEED THE MAXIMUM PENALTY UNDER PARAGRAPH (A) OF SUBDIVISION
SIX OF SECTION EIGHT HUNDRED NINETY-NINE-AA OF THE GENERAL BUSINESS LAW.
E. IF THE CHIEF PRIVACY OFFICER DETERMINES THAT A THIRD PARTY CONTRAC-
TOR OR ITS ASSIGNEE, IN VIOLATION OF APPLICABLE STATE OR FEDERAL LAW,
THE DATA PRIVACY AND SECURITY POLICIES OF THE EDUCATIONAL AGENCY
PROVIDED BY SUCH EDUCATIONAL AGENCY TO THE THIRD PARTY CONTRACTOR AND/OR
BINDING CONTRACTUAL OBLIGATIONS RELATING TO DATA PRIVACY AND SECURITY,
HAS RELEASED ANY STUDENT DATA OR TEACHER OR PRINCIPAL DATA RECEIVED FROM
AN EDUCATIONAL AGENCY TO ANY PERSON OR ENTITY NOT AUTHORIZED BY LAW TO
RECEIVE SUCH DATA PURSUANT TO A LAWFUL SUBPOENA OR OTHERWISE, THE CHIEF
PRIVACY OFFICER, AFTER AFFORDING THE THIRD PARTY CONTRACTOR WITH NOTICE
AND AN OPPORTUNITY TO BE HEARD, SHALL BE AUTHORIZED TO:
(1) ORDER THAT THE THIRD PARTY CONTRACTOR BE PRECLUDED FROM ACCESSING
STUDENT DATA OR TEACHER OR PRINCIPAL DATA, AS APPLICABLE, FROM THE
EDUCATIONAL AGENCY FROM WHICH THE CONTRACTOR OBTAINED THE DATA THAT WAS
IMPROPERLY DISCLOSED FOR A FIXED PERIOD OF UP TO FIVE YEARS; AND/OR
(2) ORDER THAT A THIRD PARTY CONTRACTOR OR ASSIGNEE WHO KNOWINGLY OR
RECKLESSLY ALLOWED FOR THE UNAUTHORIZED RELEASE OF STUDENT DATA OR
TEACHER OR PRINCIPAL DATA BE PRECLUDED FROM ACCESSING STUDENT DATA OR
TEACHER OR PRINCIPAL DATA FROM ANY EDUCATIONAL AGENCY IN THE STATE FOR A
FIXED PERIOD OF UP TO FIVE YEARS; AND/OR
(3) ORDER THAT A THIRD PARTY CONTRACTOR OR ASSIGNEE WHO KNOWINGLY OR
RECKLESSLY ALLOWED FOR THE UNAUTHORIZED RELEASE OF STUDENT DATA OR
TEACHER OR PRINCIPAL DATA SHALL NOT BE DEEMED A RESPONSIBLE BIDDER OR
OFFERER ON ANY CONTRACT WITH AN EDUCATIONAL AGENCY THAT INVOLVES THE
SHARING OF STUDENT DATA OR TEACHER OR PRINCIPAL DATA, AS APPLICABLE FOR
PURPOSES OF THE PROVISIONS OF SECTION ONE HUNDRED THREE OF THE GENERAL
MUNICIPAL LAW OR PARAGRAPH C OF SUBDIVISION TEN OF SECTION ONE HUNDRED
SIXTY-THREE OF THE STATE FINANCE LAW, AS APPLICABLE, FOR A FIXED PERIOD
OF UP TO FIVE YEARS; AND/OR
(4) REQUIRE THE THIRD PARTY CONTRACTOR TO PROVIDE TRAINING AT THE
CONTRACTOR'S EXPENSE ON THE FEDERAL AND STATE LAW GOVERNING CONFIDEN-
TIALITY OF STUDENT DATA AND/OR TEACHER OR PRINCIPAL DATA AND THE
PROVISIONS OF THIS SECTION TO ALL ITS OFFICERS AND EMPLOYEES WITH ACCESS
TO SUCH DATA, PRIOR TO BEING PERMITTED TO RECEIVE SUBSEQUENT ACCESS TO
SUCH DATA FROM THE EDUCATIONAL AGENCY FROM WHICH THE CONTRACTOR OBTAINED
THE DATA THAT WAS IMPROPERLY DISCLOSED OR FROM ANY EDUCATIONAL AGENCY;
AND/OR
(5) IF IT IS DETERMINED THAT THE UNAUTHORIZED RELEASE OF STUDENT DATA
OR TEACHER OR PRINCIPAL DATA ON THE PART OF THE THIRD PARTY CONTRACTOR
OR ASSIGNEE WAS INADVERTENT AND DONE WITHOUT INTENT, KNOWLEDGE, RECK-
LESSNESS OR GROSS NEGLIGENCE, THE COMMISSIONER MAY DETERMINE THAT NO
PENALTY BE ISSUED UPON THE THIRD PARTY CONTRACTOR.
7. IMPLEMENTATION AND ENFORCEMENT. A. THE COMMISSIONER, IN CONSULTA-
TION WITH THE CHIEF PRIVACY OFFICER, SHALL PROMULGATE REGULATIONS ESTAB-
LISHING PROCEDURES TO IMPLEMENT THE PROVISIONS OF THIS SECTION, INCLUD-
ING BUT NOT LIMITED TO PROCEDURES FOR THE SUBMISSION OF COMPLAINTS FROM
PARENTS AND/OR PERSONS IN PARENTAL RELATION TO STUDENTS, CLASSROOM
TEACHERS OR BUILDING PRINCIPALS, OR OTHER STAFF OF AN EDUCATIONAL AGEN-
CY, MAKING ALLEGATIONS OF IMPROPER DISCLOSURE OF STUDENT DATA AND/OR
TEACHER OR PRINCIPAL DATA BY A THIRD PARTY CONTRACTOR OR ITS OFFICERS,
EMPLOYEES OR ASSIGNEES THAT MAY BE SUBJECT TO THE SANCTIONS SET FORTH IN
SUBDIVISION SIX OF THIS SECTION. UPON RECEIPT OF A COMPLAINT OR OTHER
INFORMATION INDICATING THAT SUCH AN IMPROPER DISCLOSURE BY A THIRD PARTY
CONTRACTOR MAY HAVE OCCURRED, THE CHIEF PRIVACY OFFICER SHALL BE AUTHOR-
IZED TO INVESTIGATE, VISIT, EXAMINE AND INSPECT THE THIRD PARTY CONTRAC-
TOR'S FACILITIES AND RECORDS AND OBTAIN DOCUMENTATION FROM, OR REQUIRE
THE TESTIMONY OF, ANY PARTY RELATING TO THE ALLEGED IMPROPER DISCLOSURE
OF STUDENT DATA OR TEACHER OR PRINCIPAL DATA.
B. EXCEPT AS PROVIDED UNDER PARAGRAPH D OF SUBDIVISION SIX OF THIS
SECTION, EACH VIOLATION OF ANY PROVISION OF THIS SECTION BY A THIRD
PARTY CONTRACTOR OR ITS ASSIGNEE SHALL BE PUNISHABLE BY A CIVIL PENALTY
OF UP TO ONE THOUSAND DOLLARS; A SECOND VIOLATION BY THE SAME THIRD
PARTY CONTRACTOR INVOLVING THE SAME STUDENT DATA OR TEACHER OR PRINCIPAL
DATA SHALL BE PUNISHABLE BY A CIVIL PENALTY OF UP TO FIVE THOUSAND
DOLLARS; ANY SUBSEQUENT VIOLATION BY THE SAME THIRD PARTY CONTRACTOR
INVOLVING THE SAME STUDENT DATE OR TEACHER OR PRINCIPAL DATA SHALL BE
PUNISHABLE BY A CIVIL PENALTY OF UP TO TEN THOUSAND DOLLARS. EACH
VIOLATION OF THIS SUBDIVISION SHALL BE CONSIDERED A SEPARATE VIOLATION
FOR PURPOSES OF CIVIL PENALTIES AND THE TOTAL PENALTY SHALL NOT EXCEED
THE MAXIMUM PENALTY UNDER PARAGRAPH (A) OF SUBDIVISION SIX OF SECTION
EIGHT HUNDRED NINETY-NINE-AA OF THE GENERAL BUSINESS LAW.
C. NOTHING CONTAINED IN THIS SECTION SHALL BE CONSTRUED AS CREATING A
PRIVATE RIGHT OF ACTION AGAINST THE DEPARTMENT OR AN EDUCATIONAL AGENCY.
D. NOTHING IN THIS SECTION SHALL LIMIT THE ADMINISTRATIVE USE OF
STUDENT DATA OR TEACHER OR PRINCIPAL DATA BY A PERSON ACTING EXCLUSIVELY
IN THE PERSON'S CAPACITY AS AN EMPLOYEE OF AN EDUCATIONAL AGENCY OR OF
THE STATE OR ANY OF ITS POLITICAL SUBDIVISIONS, ANY COURT OR THE FEDERAL
GOVERNMENT THAT IS OTHERWISE REQUIRED BY LAW.

Sheila, Apr 04 2014 on funnymonkey.com

I'm sorry Bill... you've been so patient with me! What NY describes as an "SLISP" sounds an awful lot like eScholar which as you previously noted, has been in place since 2004:

"SHARED LEARNING INFRASTRUCTURE SERVICE PROVIDER" OR "SLISP" SHALL MEAN ANY ENTITY THAT COLLECTS, STORES, ORGANIZES, OR AGGREGATES STUDENT INFORMATION AND CONTRACTS WITH OR ENTERS INTO AN AGREEMENT WITH THE DEPARTMENT FOR THE PURPOSES OF PROVIDING STUDENT INFORMATION TO A DATA DASHBOARD OPERATOR FOR USE IN A DATA DASHBOARD. PROVIDED THAT THE TERM SLISP SHALL NOT INCLUDE BOARDS OF COOPERATIVE EDUCATIONAL SERVICES OR REGIONAL INFORMATION CENTERS OPERATED BY BOARDS OF COOPERATIVE EDUCATIONAL SERVICES OR OTHER PUBLIC ENTITIES."

What in this legislation differentiates eScholar from inBloom?

Paul Smith, Apr 07 2014 on funnymonkey.com