I wondered how much data Hillsborough County Public Schools (HCPS) shares. What I found was the below excerpt in an agreement that HCPS has with a third party. The document was obtained through a public records request.
“Recipient” is a third-party software services company. The above paragraph seems to provide no limitations on what could be disclosed from personnel records.
What about student records? The agreement seems to contradict itself. It says: “No other personally identifiable student information [PII] will be disclosed to Recipient.” But it also says disclosure is “not limited to” the confidential student information it lists. “No other” of an unlimited list is still unlimited.
We can safely assume the vendor stores more student information than what is itemized in that list, for example, teacher name. The U.S. Department of Education’s Privacy Technical Assistance Center (PTAC) explains in a 2013 document that student PII can include:
“…sensitive and non-sensitive information that, alone or combined with other information that is linked or linkable to a specific individual, would allow identification.”
Given that, it seems likely that teacher name is also personally identifiable student information (and parent name, parent phone number, etc.).
The school district has not provided any way for parents to opt their children out of data collection and aggregation products or services, and has refused to allow parents to opt out children when requested.
Hillsborough County School District must reconsider its agreement that allows a third party’s bi-directional tool to have direct access to the school district’s system of record, especially if independent security experts have not inspected and validated the security and activities of that bi-directional tool. This bi-directional tool seems to be described in a 2014 EdSurge article as a company secret.
If hackers or other malicious actors access a tool through potential vulnerabilities, they can continue probing for more software vulnerabilities and potentially gain access to even more data. Should a bi-directional tool from an out-of-country vendor have access to “take data” from and write data to a U.S. school district’s system of record? How secure is it?
Teachers, have you discussed this with your union?
Parents, ask the district exactly what specific data this bi-directional tool can access once in the district’s system(s) of record. If this tool contains security vulnerabilities, then how secure is student data in the various systems of record against bad actors? Is the privacy of your child’s sensitive information protected now? What about 15 years from now?