Open your Data, not Pandora’s Box

Privacy and Data Sharing in Higher Education: Open your Data, not Pandora’s Box
August 9, 2012
2012 SHEEO Higher Education Policy Conference
Kathleen M. Styles
Chief Privacy Officer
U.S. Department of Education

Presentation Overview
• Privacy Basics and History
• FERPA Review and Update
• Data-Sharing
• Hot Topics
• Resources and Additional Information

Privacy Basics
• Privacy versus Confidentiality
• Civil liberties
• Intimacy
• The right to be let alone
• Information privacy

Privacy: Where it Began
• Concept of Privacy arose with cities
• Emerging need to be able to identify individuals
• Technology is a game changer
• 1890 Harvard Law Review
• Databases

National Data Bank Proposal
• Idea originated in 1965 with the Bureau of the Budget
• Goal = Efficiency
• Proposal grew from 4 agencies into a massive cradle-to-grave electronic database
• Public opposition and Congressional Hearings → 1968 dropping of proposal
• Some privacy advocates now conclude that killing this proposal was a mistake

Databases – Great tools
• Efficiency
• Evidence-based answers to complex problems
• A strong history for protection of statistical databases
• Secure identification could have benefits

Databases – Common Criticisms
• Historical abuses
• Why do they need to know that?
• What Congress grants, Congress can take away
• Repurposing data
• Breaches

FIPs – Five Principles
• No record keeping systems whose very existence is secret
• A way to find out what information is in the system and how it is used
• A way to prevent information obtained for one purpose being used for another without consent
• A way to correct a record about you
• Organizations with databases must assure the reliability of the data, and prevent misuse

Breaches by Educational Institutions
• No good data on breaches in education
• Sense that it is a growing problem
• Do you have to report breaches to ED?

Things to Remember
A partial list of things to remember:
• Correcting data
• Re-identification
• Governance
• Culture of confidentiality
• Transparency

FERPA Update & Review

Background on Student Privacy
• 1974 Family Educational Rights and Privacy Act (FERPA)
• Move to electronic records
• State longitudinal databases/accountability
• 2009 Fordham University report
• New risks and vulnerabilities

Recent FERPA Amendments
• Final FERPA regulatory changes
  – Effective January 3, 2012
  – Legal challenge: EPIC v. U.S. Dept. Education
• Expanded requirements for written agreements and enforcement mechanisms to help
  – Ensure program effectiveness
  – Promote effectiveness research
  – Increase accountability

Our Favorite FERPA Quote
“You know how sometimes FERPA can tie your brain in a knot trying to think through it all?”
Received in an email to PTAC

FERPA – Access & Consent
• Gives parents (and eligible students) the right to access and seek to amend their children’s education records
• Protects personally identifiable information (PII) from education records from unauthorized disclosure
• Requirement for written consent before sharing PII – unless an exception applies

Education Records
• FERPA regulations define education records as those records that are:
  – Directly related to a student; and
  – Maintained by an educational agency or institution or by a party acting for the agency or institution.

Exceptions
• Exceptions from the consent requirement for:
  – “Directory Information”
  – “Studies”
  – “Audits and Evaluations”
  – Health and Safety Emergencies
  – And other purposes as specified in §99.31

Studies Exception
• “For or on behalf of” schools, school districts, or postsecondary institutions
• Studies must be for the purpose of
  – Developing, validating, or administering predictive tests; or
  – Administering student aid programs; or
  – Improving Instruction

Audit/Evaluation
Data can only be shared in order to
  – Audit or evaluate a Federal- or State-supported education program; or
  – Enforce or comply with Federal legal requirements that relate to those education programs

Working with the New FERPA Regulations: Key Lessons
• Audit/Evaluation: Is the program being evaluated an “education program?” (as opposed to a child welfare program, e.g.)
• Audit/Evaluation: Are you proposing to use the shared data only for evaluation purposes? (as opposed to using the data for a program)
Remember! We’re from the Government. We’re here to help!

Should You Share Data?
FERPA allows postsecondary institutions to share data. It does not REQUIRE data sharing. You have to decide whether data sharing is appropriate.

Why Share Data?
• Improving the delivery of education services
• Designing better programs, using available information
• Coordinating across educational levels (High School → Higher Ed → Workforce) to improve student preparation and achievement

When Should You Share Data?
Okay, so you’ve determined that no law precludes the data sharing. When should you do it?
• When there is a legitimate (and authorized) educational purpose
• When non-confidential data are not available/not sufficient
• When adequate mechanisms are in place to ensure the protection of the data

How Should You Share Data?
• Develop a data governance process – don’t reinvent the wheel each time you get a request
• Share only the information necessary for the project
• Use written agreements (see “Guidance on Reasonable Methods and Written Agreements”)
• Pay attention to disclosure avoidance when publishing results
• Be transparent – share results

Hot Topics
• Analytics and “Big Data”
• “Smart Disclosure”
• Researcher Access
• Publishing Data
• Priorities for the coming year

Analytics and Big Data
• Big Data = shorthand reference to massive amounts of digital information + increase in computing power
• Allows users to track progress in large systems, and potentially across institutions
• Available for more than reporting: pattern recognition, learning prediction, business intelligence, resource optimization, etc.

Whoa! Have you forgotten whose data this is?
• Raises novel issues for privacy, legal compliance, and ethics
• FERPA – Consider the school official exception
• FERPA – Remember re-identification risk
• Beyond FERPA – Consider privacy best practices. Are students aware of what you’re doing with their information?

“Smart Disclosure”
• Also called “My Data” buttons
• FSA is exploring options
• Allows users to download their own data, and re-upload it onto mobile apps
• Privacy issue: sometimes it’s not just your data
• Privacy issue: sometimes teenagers (and adults!) don’t make smart decisions about re-disclosure

Researcher Access
• NCES has been licensing confidential data to researchers for several decades
• Working to expand this to include ED program data
• July 2012: “Forum Guide to Supporting Data Access for Researchers”

Publishing Data: It’s all about risk
“The release of any data usually entails at least some element of risk. A decision to eliminate all risk of disclosure would curtail [data] releases drastically, if not completely. Thus, for any proposed release of [data] the acceptability of the level of risk of disclosure must be evaluated.”
Federal Committee on Statistical Methodology, “Statistical Working Paper #2”

What’s next?
• New Director in FPCO – Dale King
• Guidance, guidance and more guidance
• More training
• Introducing efficiencies

Best Practices and Guidance Resources
Already issued:
• Guidance on Reasonable Methods and Written Agreements
• January 2012 Webinar on Data Sharing
• Data Governance and Stewardship
• FAQ: Cloud Computing
• Case Study 1: High School Feedback Report
• Identity Identification: Best Practices

Best Practices and Guidance Resources
Coming Soon:
• Downloadable video training: “FERPA 101 for Colleges and Universities”
• Case Study 5: Disclosure Avoidance and De-identification (tentative title)
• Breach Response Checklist
We need your input. What else can we do to help improve privacy and FERPA administration at your schools?

Contact Information