Is Your School Directly Sharing Student Data with Third Parties? That’s Clever.
Have you asked your school officials about who your child’s data is being shared with what data is shared and for what reason? Do they get that glazed look and tell you they don’t really know? I’ve heard from parents that many times their administrators deflect the question and just say that they are doing whatever their state agency tells them to do. They have no idea what data is being collected, who it is going to and why.
That might not be true. Look at this from twitter:
The link for the tweeted article is here. Data is shared directly from school Student Information Systems (SIS) to Clever which, for a fee from third-party developers:
parses that information and wraps it all together in a neat way that’s easily accessible. Clever gives trusted third-party developers a way to access that data and build new applications that can help teachers access and analyze the data they have.
More from Business Insider:
BI: How do you capture that data?
TB: We interface with all the systems that schools run on today, they’re called student information systems. Those have information about students, attendance, grades, everything. We bring it out, clean it up and provide a modern way for developers to access it [an API, or application programming interface]. This is one of the most beautiful APIs that I’ve seen in education. This isn’t an industry where things are usually moved around with APIs.
Clever is a service that makes it easier for schools to use many popular education technology products. It works by providing a simple developer interface (API) for third party education technology software to access important data from Student Information Systems (SIS) used by schools. This data can then be used by third party products to deliver services with less hassle. For instance, a software gradebook could automatically populate itself with the student roster instead of having a teacher manually entering that data in.
Clever gives schools control over what student data is shared with software developers, so that only products approved by the school gain access to sensitive data. Similar to the example above, by using Clever school leaders do not have to make individual updates when students change classes. It can also enable schools to run realistic tests of education technology products to assess whether they will be effective for their students.
Clever makes its software freely available to schools. Instead it charges a fee when other software developers who use its software to connect to schools.
In January 2013, after approximately 8 months of offering their service, Clever said its technology was being used by 3,000 schools. According to a December 2013 New York times article, Clever reports that the number of schools using it’s products has increased to 15,000 schools.
According to businessinsider.com and edsurge.com, the school does share sensitive and personally identifiable data with Clever for these third parties’ product development and services. Did you give the school permission to share your child’s data? What happens if the sensitive data is taken from one of the third party vendors? From A Clever Way To Share Student Data:
“We’re putting schools in control of their data and making it easier to share it when they choose to,” says Tyler Bosmeny, Clever’s co-founder and chief executive.
Clever has dramatically speeded up the once onerous task of connecting to schools’ data systems. Liang-Vergara says that he’s seen software vendors’ eyes light up when he asks if they will use Clever’s API to connect to his school’s data. “They say, ‘That’s an easy step for us,’” and it works, he says.
Vendors have been asking him to verify that Clever is sending them accurate data–and so far, he says, it’s been checking out. And when partners use Clever’s software to connect with schools, they in turn, share a slice of the revenue they make with Clever.
“There’s no greater challenge that a young software company faces that selling into schools,” says Deborah Quazzo, chief executive of GSV Advisors. “Selling into the schools and districts via partners [with other software companies] is very smart,” she says.
….Even with growing concern about the privacy of student data, more and more school districts are turning to software developers to help their students meet the math and ELA standards of the Common Core.
Under NCLB and the Common Core, students are required to demonstrate proficiency with respect to specific Math and ELA standards at each grade level.
Many reformers continue to claim that excessive standardized testing and the efficacy of the Common Core Standards are two separate issues despite the fact that the chief architect of the standards has explained that the standards were written to be tested and teachers are expected to teach to the test.
The Common Core testing regime is designed to annually identify those students who have not successfully mastered grade level math and ELA standards and those teachers (via VAM) who are not performing up to those standards.
Yes, we have had learning standards before, but parents and teachers also understood that students are not standardized and they will learn and acquire new skills in their own way and at their own pace.
One year a student may lag behind in a subject area and the next year when they are cognitively and developmentally ready they may jump ahead of other learners. That is why grade-span testing is a more reliable means of measuring student learning but not as profitable for vendors selling customized and “personalized” software solutions.
Is Clever (or other such company) in your school? What schools are Clever synced to? If you are in Missouri and your school uses Tyler Technology or Infinite Campus, you may want to ask your superintendent and school board what information is being shared with third parties such as Clever, for what reason and does he/she have your permission for your child’s data to be shared. Also ask your superintendent and school board who is responsible for any data breaches that might occur:
If your superintendent and school board can’t give you the answer on the legal obligation for data breaches that may occur, give them a copy of the National School Board Association’s report embedded in the article below stating that districts should be hiring a Chief Privacy Officer and lawyer to handle any data breach:
Here’s what the NSBA press release says about the local school board responsibilities in having to guard private student data:
Posted: 28 Apr 2014 02:00 PM PDT
As school districts increasingly move to cloud computing instead of on-site data storage, the National School Boards Association (NSBA) and its Council of School Attorneys (COSA) have released a guide for school boards introducing the legal issues associated with protecting student data and suggesting best practices.
The guide, “Data in the Cloud,” seeks to raise awareness of student data privacy concerns, and to provide a framework for comprehensive student data privacy approaches in school districts.
The guide notes that cloud computing applications offer ease of use and accessibility, but come with the potential for loss of privacy and increased liability, as personal information is transferred to the application.
“School boards should consider starting a discussion with school district staff and their communities about building a comprehensive student privacy protection program,” said NSBA Executive Director Thomas J. Gentzel. “This guide is a helpful tool for school boards as they review and potentially rethink policies related to data and student privacy.”
The guide uses a question-and-answer format to explain the relevant terminology, recent academic research, the breadth of software offerings, important legal requirements, and additional resources available to school board members and school lawyers.
“The legal requirements that could potentially govern student data privacy are still evolving,” said Greg Guercio, COSA Chair. “The school law requirements section of this guide is a key asset for school districts and their attorneys. Current laws still leave plenty of room for interpretation on student privacy, making it is essential for district leaders to ask the right questions and understand potential problems.”
Recommendations for school boards include:
• Identify an individual district-wide Chief Privacy Officer (CPO), or a group of individuals with district-wide responsibility for privacy;
• Conduct a district-wide privacy assessment and online services audit;
• Establish a safety committee or data governance team that includes the school or district’s Chief Privacy Officer to work with the school community, recommend policies and best practices, and serves as the liaison between the school district and the community on privacy issues;
• Regularly review and update relevant district policies and incident response plans;
• Consistently, clearly, and regularly communicate with students, parents, and the community about privacy rights and district policies and practices with respect to student data privacy;
• Adopt consistent and clear contracting practices that appropriately address student data; and
• Train staff to ensure consistent implementation of school district’s policies and procedures.
Who is responsible for the data gathering and sharing of your child’s personal information? What is being shared, with whom and for what reason? Your school may have more answers than it is telling you. From businessinsider.com, your school has to authorize permission to Clever for it to move any data to a provider:
BI: What about security? Has there actually been a lot of interest?
TB: Before any data is moved, a school authorizes Clever to send data to a provider before Clever will do it. We launched in June. We were in basically no schools. We were in around four. Paul Graham gave us a goal of being in 40 schools by Demo Day. On Demo Day, we announced that we had hit 1,100 schools. There has been so much pent-up demand for this, it’s grown in ways that we could never imagine.
Published October 12, 2014