Aug 272015
 August 27, 2015  U.S., Youth & Schools No Responses »

Benjamin Herold and Michelle R. Davis report:

School districts and the companies that work with them need to put a greater emphasis on ensuring that the massive amounts of student data collected every year are cleared of identifying information before records are shared or released to outside organizations.

While many districts and vendors are contemplating how to keep student information confidential, the “de-identification” of sensitive student data is not always technically simple to do, and a lack of resources means some districts are ill-equipped for the task, said Jules Polonetsky, the executive director of the Future of Privacy Forum.

Read more on Government Technology.

Aug 272015

Anya Kamenetz reports:

…. A three-year-old San Francisco-based startup called Clever is catching on in schools by offering a digital-age solution to all these digital-age problems.

The company announced this week that its application has been adopted by 44,000 schools across the country, or approximately one-third of the nation’s public and private schools. It’s nearly unique for its services offered; one partial competitor is the nonprofit EdFi Alliance.

“Clever does two things,” explains Tyler Bosmeny, co-founder and CEO. “It helps apps integrate with student information systems and gives students and teachers a single sign-on for all of them.”

The single sign-on brings convenience; the integration part addresses issues of security and privacy.

Read more on NEPR.

Aug 272015
 August 27, 2015  Non-U.S. No Responses »

From the Office of the Privacy Commissioner for Data Protection of Hong Kong:

The 2015 District Council Election will be held on 22 November. The Office of the Privacy Commissioner for Personal Data (“PCPD”) reminds candidates and their election agents to comply with the Personal Data (Privacy) Ordinance (the “Privacy Ordinance”) when collecting and using personal data in electioneering activities.

From the beginning of 2012 to August 2015, the PCPD has received 97 enquiries and 200 complaints relating to electioneering activities. In most of the cases, the complainants were dissatisfied that their personal data was used in electioneering activities without their consent. The PCPD has updated its Guidance Note on Electioneering Activities (the “Guidance Note”) to provide candidates and/or their election agents with practical guidance on compliance with the requirements under the Ordinance.

When engaging a third party in electioneering to process the personal data of voters, candidates and election agents must use contractual or other means to ensure that:
a) any personal data transferred to the data processor is not kept longer than is necessary;
b) the personal data is not used for a purpose other than the one for which the data was collected; and
c) reasonable and practicable steps are implemented to protect the personal data from unauthorised or accidental access, processing, erasure, loss or use.

Meanwhile, the PCPD reminds election candidates that they:
i) should collect adequate but not excessive personal data for electioneering purpose (e.g. Hong Kong Identity Card number should not be collected);
ii) should not collect personal data by deceptive means or by mis-representing the purpose of the collection (e.g. collecting personal data in the pretext of opinion poll or assisting citizens to apply for government welfare);
iii) should, before using personal data from sources other than the voter register for electioneering purpose, obtain express, voluntary and well-informed consent from the data subjects (e.g. the registered voters);
iv) should ensure security of personal data collected and guard against accidental or unauthorised access by unrelated parties; and
v) should destroy the personal data after completion of all the electioneering activities.

The updated Guidance Note will be sent to candidates of District Council Election. It can also be downloaded from the PCPD’s website (www.pcpd.org.hk/english/resources_centre/publications/files/electioneering_en.pdf); a copy of which could be obtained from the PCPD office (12/F, Sunlight Tower, 248 Queen’s Road East, Wan Chai, Hong Kong).

Aug 272015

David McCabe reports:

A major tech trade group expressed concerns Thursday with a House student privacy bill that it said would “create undue costs for our member companies” without sufficient benefit to any involved party.

The legislation in question is an update of the Family Education Rights and Privacy Act, the main federal law that protects student privacy. The House version of the Student Privacy Protections Act includes provisions that require parties under the law, such as companies that provide technological tools to schools, to notify parents of data breaches.

But The Internet Association said in a Thursday letter to leaders of the House Education and Workforce Committee and the bill’s sponsors that the requirements were too broad.

Read more on The Hill.