Privacy and Data Sharing in Higher Education:

Open your Data, not Pandora’s Box

August 9, 20122012 SHEEO Higher Education Policy Conference

Kathleen M. StylesChief Privacy Officer

U.S. Department of Education

2

Presentation Overview

Privacy Basics and History

FERPA Review and Update

Data-Sharing

Hot Topics

Resources and Additional Information

3

Privacy Basics

Privacy versus Confidentiality

Civil liberties

Intimacy

The right to be let alone

Information privacy

4

Privacy: Where it Began

Concept of Privacy arose with cities

Emerging need to be able to identify individuals

Technology is a game changer 1890 Harvard Law Review Databases

5

National Data Bank Proposal

Idea originated in 1965 with the Bureau of the Budget

Goal = Efficiency Proposal grew from 4 agencies into a massive

cradle-to-grave electronic database Public opposition and Congressional Hearings

→ 1968 dropping of proposal Some privacy advocates now conclude that

killing this proposal was a mistake

6

Databases – Great tools

Efficiency Evidence-based answers to complex problems A strong history for protection of statistical

databases Secure identification could have benefits

7

Databases – Common Criticisms

Historical abuses

Why do they need to know that? What Congress grants, Congress

can take away

Repurposing data

Breaches

8

FIPs – Five Principles

No record keeping systems whose very existence is secret

A way to find out what information is in the system and how it is used

A way to prevent information obtained for one purpose being used for another without consent

A way to correct a record about you Organizations with databases must assure

the reliability of the data, and prevent misuse

9

Breaches by Educational Institutions

No good data on breaches in education

Sense that it is a growing problem

Do you have to report breaches to ED?

10

Things to Remember

A partial list of things to remember:

Correcting data

Re-identification

Governance

Culture of confidentiality

Transparency

11

FERPA Update & Review

12

Background on Student Privacy

1974 Family Educational Rights and Privacy Act (FERPA)

Move to electronic records

State longitudinal databases/accountability

2009 Fordham University report

New risks and vulnerabilities

13

Recent FERPA Amendments

Final FERPA regulatory changes – Effective January 3, 2012 – Legal challenge: EPIC v. U.S. Dept. Education

Expanded requirements for written agreements and enforcement mechanisms to help– Ensure program effectiveness – Promote effectiveness research – Increase accountability

Our Favorite FERPA Quote

“You know how sometimes FERPA can tie your brain in a knot trying to

think through it all?”

Received in an email to PTAC

15

FERPA – Access & Consent

Gives parents (and eligible students) the right to access and seek to amend their children’s education records

Protects personally identifiable information (PII) from education records from unauthorized disclosure

Requirement for written consent before sharing PII – unless an exception applies

16

Education Records

FERPA regulations define education records as those records that are: – Directly related to a student; and – Maintained by an educational agency or

institution or by a party acting for the agency or institution.

17

Exceptions

Exceptions from the consent requirement for:– “Directory Information”– “Studies”– “Audits and Evaluations”– Health and Safety Emergencies– And other purposes as specified in §99.31

18

“Research Exception”

19

Studies Exception

“For or on behalf of” schools, school districts, or postsecondary institutions

Studies must be for the purpose of– Developing, validating, or administering

predictive tests; or– Administering student aid programs; or– Improving Instruction

20

Audit/Evaluation

Data can only be shared in order to– Audit or evaluate a Federal- or State-

supported education program; or– Enforce or comply with Federal legal

requirements that relate to those education programs

21

Working with the New FERPA Regulations: Key Lessons Audit/Evaluation: Is the program being evaluated

an “education program?” (as opposed to a child welfare program, e.g.)

Audit/Evaluation: Are you proposing to use the shared data only for evaluation purposes? (as opposed to using the data for a program)

Remember! We’re from the Government. We’re here to help!

Should You Share Data?

FERPA allows postsecondary institutions to share data. It does not REQUIRE data sharing. You have

to decide whether data sharing is appropriate.

23

Why Share Data?

Improving the delivery of education services Designing better programs, using available

information Coordinating across educational levels (High

School → Higher Ed → Workforce) to improve student preparation and achievement

24

When Should You Share Data?

Okay, so you’ve determined that no law precludes the data sharing. When should you do it? When there is a legitimate (and authorized)

educational purpose When non-confidential data are not available/not

sufficient When adequate mechanisms are in place to

ensure the protection of the data

25

How Should You Share Data?

Develop a data governance process – don’t re-invent the wheel each time you get a request

Share only the information necessary for the project

Use written agreements (see “Guidance on Reasonable Methods and Written Agreements”)

Pay attention to disclosure avoidance when publishing results

Be transparent – share results

26

Hot Topics

Analytics and “Big Data” “Smart Disclosure” Researcher Access Publishing Data Priorities for the coming year

27

Analytics and Big Data

Big Data = shorthand reference to massive amounts of digital information + increase in computing power

Allows users to track progress in large systems, and potentially across institutions

Available for more than reporting: pattern recognition, learning prediction, business intelligence, resource optimization, etc.

28

Whoa! Have you forgotten whose data this is? Raises novel issues for privacy, legal compliance,

and ethics FERPA – Consider the school official exception FERPA – Remember re-identification risk Beyond FERPA -- Consider privacy best

practices. Are students aware of what you’re doing with their information?

29

“Smart Disclosure”

Also called “My Data” buttons FSA is exploring options Allows users to download their own data, and re-

upload it onto mobile aps Privacy issue: sometimes it’s not just your data Privacy issue: sometimes teenagers (and adults!)

don’t make smart decisions about re-disclosure

30

Researcher Access

NCES has been licensing confidential data to researchers for several decades

Working to expand this to include ED program data

July 2012: “Forum Guide to Supporting Data Access for Researchers”

Publishing Data: It’s all about risk“The release of any data usually entails at least some element of risk. A decision to eliminate all risk of disclosure would curtail [data] releases drastically, if not completely. Thus, for any proposed release of [data] the acceptability of the level of risk of disclosure must be evaluated.”

Federal Committee on Statistical Methodology, “Statistical Working Paper #2”

31

32

What’s next?

New Director in FPCO – Dale King Guidance, guidance and more guidance More training Introducing efficiencies

33

Best Practices and Guidance Resources

Already issued: Guidance on Reasonable Methods and Written

Agreements January 2012 Webinar on Data Sharing Data Governance and Stewardship FAQ: Cloud Computing Case Study 1: High School Feedback Report Identity Identification: Best Practices

34

Best Practices and Guidance ResourcesComing Soon: Downloadable video training: “FERPA 101 for

Colleges and Universities” Case Study 5: Disclosure Avoidance and

De-identification (tentative title) Breach Response Checklist

We need your input. What else can we do to help improve privacy and FERPA administration

at your schools?

35

Contact Information