As technology transforms every facet of our lives, educators are implementing exciting new tools that will help our children learn the critical skills they need and prepare them for the 21st Century economy. California has taken the lead once again in ensuring these new innovations are incorporated into our classrooms in ways that maintain and protect student privacy.
The fight to protect our kids' privacy has become a multi-front war. With businesses ranging from app makers to educational software companies to tech giants like Google and Facebook all gathering reams of information about their users, it takes increased vigilance to maintain our fundamental right to protect our privacy.
The use of technology in the classroom and cloud storage of data such as performance records, health information, and contact information continues to change the privacy landscape. Thankfully lawmakers in California have been at the forefront of efforts to enhance privacy protections -- particularly for our children. Last week, Gov. Jerry Brown took the opportunity to cement the state's role as a leader in kids' privacy protection by signing the Student Online Personal Information Protection Act (SOPIPA).
The bill, SB 1177 authored by Sen. Darrell Steinberg (D-Sacramento), will strengthen privacy protections for the personal information of students, and will fundamentally alter and improve business practices across the education technology software industry, which has become a growing, $8 billion business nationally.
The measure will prohibit K-12 websites, online services and apps from using students' personal information for targeted advertising or creating a commercial profile of any student and prohibit the selling of a student's information. The legislation will also require K-12 websites, services and apps to maintain reasonable security procedures for students' personal information, and to delete the information upon the school's request.
These protections are long overdue. While technology has created exciting new tools for teachers, parents and students, we must be sure they are being used in ways that protect students' privacy. In this rapidly changing technological landscape, regulation has too often failed to keep pace, as school districts across the country race to incorporate technology into their classrooms and curricula.
Although other states recently enacted laws that regulate ed tech contracts or certain types of cloud-service vendors, California's new law is the only one that will cover a broad range of K-12 focused websites, services and apps, whether a contract exists or not.
SOPIPA will permit innovation without encroaching on student privacy because it will allow the use of de-identified K-12 student info internally to improve educational products and services and to demonstrate the effectiveness of the products. It will also allow sharing of aggregated de-identified student info for development and improvement of educational sites, services, and apps. The key is that the data can still be used to improve educational products and services without being linked to specific students. So in fact the passage of SOPIPA is a win for the technology industry as well as it will establish creditability in the minds of students, parents and educators. These consumers will have confidence that their data will be protected and thus allow the ed tech movement to flourish.
SOPIPA will cover not just the larger ed tech and cloud service providers that operate under contract with schools, but also the smaller K-12 ed tech websites, services and apps that may be used without a contract.
The SOPIPA legislation is part of a privacy trend in California. Last year, the state helped drive the national discourse on kids' privacy by enacting SB 568, also by Sen. Steinberg, which in effect gives minors an "eraser button" that allows them to delete information they posted on various websites, online services, and online or mobile apps. Most recently AB 1584, introduced by District 16 Assemblymember Joan Buchanan, was passed both chambers unanimously and also signed last week by Gov. Brown and will serve as a companion piece to SB 1177 by requiring specified privacy-related provisions in contracts between a K-12 education agency and a third-party provider. These legislative accomplishments highlight the vanguard role California is playing in establishing clear rules of the road for protecting our children's sensitive information from commercial exploitation and from falling into the wrong hands. It is fully my expectation that as the Golden State leads so others will follow.