The Echo

From the New York Times, http://mobile.nytimes.com/2013/10/06/business/deciding-who-sees-students-data.html, surprising updates on InBloom, yep, that company that capitalist that claims its been unfairly maligned.  InBloom got a foot up when the feds rewrote the Family Educational Rights and Privacy Act to "permit schools to share student data, without notifying parents, with companies to which they have outsourced core functions like scheduling or data management." Only in Delaware, the intention was always really a bastardization of the new regs - DOE feeding our children's data to InBloom who in turn parcels it to the educational product market that converts it to even more data points for our schools to have to buy back.

Rachel Strickland says it well -  “It’s a new experiment in centralizing massive metadata on children to share with vendors,” she said, “and then the vendors will profit by marketing their learning products, their apps, their curriculum materials, their video games, back to our kids.” Of course, Rachel is just a mother, she doesn't even get notified to whom her child's data is shared thanks to those FERPA rewrites that have paved the way for the "innovations" that have led to this huge edu-funding consumptive metafile blob in the sky.

WHEN Cynthia Stevenson, the superintendent of Jefferson County, Colo., public schools, heard about a data repository called inBloom, she thought it sounded like a technological fix for one of her bigger headaches...

InBloom, a nonprofit corporation based in Atlanta, seemed to offer a solution: it could collect information from the district’s many databases and store it in the cloud, making access easier, and protect it with high-level encryption...

“We are joining the new generation of data management,” Dr. Stevenson said enthusiastically in the March issue of “Chalk Talk,” the school district’s newsletter for parents.
She did not imagine that five months later, she would be sitting in a special school board meeting in the district’s headquarters, listening as a series of parents, school board members and privacy lawyers assailed the plan to outsource student data storage to inBloom. What troubled the naysayers at that August session was that the district seemed to be rushing to increase data-sharing before weighing the risks of granting companies access to intimate details about children. They noted that administrators had no policies in place to govern who could see the information, how long it would be kept or whether it would be shared with the colleges to which students applied...

Jefferson County is not the only place where parents have challenged the adoption of inBloom. Parents in Louisiana raised a ruckus after discovering that their children’s Social Security numbers had been uploaded to inBloom. In April, Louisiana officials said they would remove all student data from the database. Of the nine states that originally signed up this year to participate, just three — Colorado, New York and Illinois — are actively pursuing the service....

Quick Link to the Press Release Naming the 9 Original including Delaware:   https://www.inbloom.org/inbloom-launch; leaves the question open - Has Delaware backed away or is our state waiting til the national fights has gone out of the parents?

As far as Dr. Stephenson's district,

concerns about privacy and liability have forced the district to slow down and really think about the use of inBloom. Jeffco’s current service agreement says the data repository doesn’t guarantee that its electronic files on students are not susceptible to intrusion or attack. Other districts in Colorado, and in other states, are closely watching Jeffco as they consider participating themselves. Dr. Stevenson, who was initially reluctant to allow parents to opt out of inBloom, fearing it would be too expensive and technologically cumbersome, recently notified them that they would have that option. On the advice of privacy advocates and parents, she has also revised her original plan to upload student disciplinary data to inBloom.

Dr. Stevenson acknowledges that the district must develop policies to specify which data elements to upload to inBloom and the conditions under which they could be shared with vendors. The district has set up a data management advisory council, which includes some parents who work in data security and compliance. To everyone’s frustration, there are no accepted national guidelines to follow because, until now, K-12 school districts have largely managed their own data storage.

 That means each inBloom client must develop its own policies.

And what all of this means, is that the CSD policy on student data that the CSD news noted last week, doesn't go nearly far enough to notify parents of the potential that their children's data will be shared without notification to them and that the recipients of that personal and identifiable data, though deemed acceptable educational entities by the feds and/or state,  may be private and completely unsecure. 

Would you like a cup'o'jack with that kids social security number?