As state legislative sessions have now wrapped up and we hurdle toward the November elections, DQC shares an update on privacy developments at the state and federal levels.

Federal Update

  • After a whirlwind few weeks, Sens. Daines, R-Mont., and Blumenthal’s, D-Conn., SAFE KIDS Act, designed to govern online education service providers, was not marked up by the Commerce Committee in September despite efforts to include the bill. As a reminder, the SAFE KIDS Act is similar to Reps. Polis, D-Colo., and Messer’s, R-Ind., Student Digital Privacy and Parental Rights Act and to California’s 2014 Student Online Personal Information Protection Act. Sens. Blumenthal and Daines had been pushing for a markup for months, but ultimately faced limited interest from their colleagues who are facing numerous other legislative priorities and a continuously developing landscape of state privacy legislation.
    • More movement on the bill is unlikely this year given other federal priorities, but stay tuned as we still expect to see more House and Senate attention to student data privacy legislation in 2017.
  • The Commission on Evidence-Based Policymaking has convened and begun holding public meetings. Over the next 18 months the commission is charged with studying how the federal government can best organize and analyze data to improve public policy and will issue recommendations on a number of issues including whether the federal government should establish a clearinghouse for program and survey data. The commission will also study how best to ensure confidentiality of data and protect individuals’ privacy.
    • DQC’s own Aimee Guidera testified at the commission’s September 9 meeting, which focused on data privacy and security. Aimee urged the Commission to consider the needs data stakeholders and ensure that their work provides real value and builds trust with the public. Aimee also made a series of recommendations based on DQC’s Four Policy Priorities to Make Data Work for Students. Materials from the meeting, including Aimee’s slides and recommendations, can be found on the commission’s website.
    • On Oct. 21, the cCommission kicks off a national tour of public meetings where they will hear from the public about their work. We urge you and your partners to attend any of these meetings and share your perspective on the value of data and what you would like to see come out of the commission’s work. DQC is happy to provide talking points and preparation assistance if you’re interested in talking.
    • The commission has also requested public comments on several questions related to its scope and process. DQC will submit comments and guidance on the commission’s work and welcomes sign-ons from other organizations. In addition we urge you to submit your own comments on any questions related to your work and expertise.
  • Stay tuned for DQC’s recommendations for the new administration; we expect to release by Nov. 1.

State Update

ADVERTISEMENT

Syrenis data privacy metrics ad
  • State legislative sessions are winding down and DQC has released its annual review of the student data privacy legislation states considered. For the third consecutive year, student data privacy was a priority issue for state legislatures across the country, though as expected, states passed fewer student data privacy bills into law than they did in 2014 and 2015. See below for some high level takeaways and the full report for details.
    • In 2016, 34 states considered 112 bills explicitly addressing student data privacy. Twenty of the 34 states considered numerous bills.
    • This year 18 student data privacy bills have been signed into law in 15 states.
    • This means that since 2014, states have considered more than 400 student data privacy bills.
  • While this year we saw more diversity and a broader scope of issues being considered, ultimately states were most focused on familiar themes: the role of service providers, establishing governance, and increasing transparency.
  • While many of the themes were familiar, the privacy conversation has evolved since 2014, and now states have the ability to borrow from each other: California’s 2014 Student Online Personal Information Protection Act, the first to legislate the permissible activities of online school service providers in the digital age, served as a model for many states this session. Most of the states that passed new laws in 2016 had already passed a student data privacy law, a sign that states are building on prior efforts.
  • A significant indicator of how the privacy conversation has evolved is the growing proportion of bills that seek to protect privacy by implementing data governance provisions. When privacy became a hot topic in state legislatures in 2014, less than 50 percent of the introduced bills sought to effectively govern data and when and how it can be collected, accessed or used. This year, more than 80 percent of state bills adopted a governance approach. This is an astonishing change and true testament to the work of so many of you to show the value of data and how safeguarding privacy is an integral part of effective data use, not a challenge to it.