Wednesday, July 24, 2013
FAQ on inBloom Inc.: what is the state and your school district doing?
A shorter version of this FAQ was published in Schoolbook yesterday; please go leave a comment. A pdf version of the below you can download is here. And please make your voices heard by sending a letter to your school board, your elected officials, and the Regents about this important issue.
Just as the federal government has been far from forthcoming about its surveillance and data-mining of ordinary Americans, education officials in New York and elsewhere have been remarkably secretive about their plans to share substantial amounts of students’ personal information with a corporation called inBloom Inc., and through inBloom, with for-profit vendors.
Though Class Size Matters and our attorneys urged the New York State Education Department to hold hearings about their participation in this data-sharing project in October 2012, then called the “Shared Learning Collaborative,” the state replied that this was unnecessary because they had “made significant efforts to inform the public …and to provide details about what the system would do and how it works.” At the time, however, few if any parents or elected officials knew about their plans, and even now, many parents are not aware of the state’s intention to share their children’s most sensitive data with third parties. Moreover, the state has refused to answer many of our questions, including which data in particular is being shared, or respond to the concerns of parents.
Indeed, to this day much confusion persists. An editor of a major New York daily recently wrote to a reader that they were unable to confirm that any personal student information was going to be shared with third parties, and that this was only a “rumor.” Chancellor Walcott has repeatedly claimed at town hall meetings that “student information will remain confidential” and that “We will never, ever pierce student privacy.” Yet over the course of the last six months, contrary information has slowly leaked out via public documents, the media and the efforts of parent activists throughout the nation who have demanded answers. The following FAQ is meant to clarify what we now know about inBloom Inc. and their plans in New York and elsewhere in the country.
What is inBloom Inc.? inBloom Inc. is a non-profit corporation, funded by the Gates and Carnegie Foundations to the tune of $100 million, created to collect personally identifiable student and teacher data from states and districts and share it with vendors. The data is being stored on a cloud run by Amazon.com, with an operating system created by Wireless/Amplify, a subsidiary of News Corporation, owned by Rupert Murdoch. inBloom is planning to commercialize this data, with the agreement of states and districts, by offering it up to for-profit companies. All this is being done without parental notification or consent.
What states and districts are participating? According to its website, at least nine states originally planned to disclose their personal student data with inBloom. After protests, four states have now officially withdrawn or claim they never intended to share data in the first place: Louisiana, Kentucky, Delaware, and Georgia. In Illinois, schools in Bloomington and Normal are participating in data-sharing, and state officials say they intend to expand the program to 35 districts in 2014, including Chicago. The district superintendent in Jefferson County, Colorado insists she will start sharing data with inBloom in the fall of 2014. Massachusetts and North Carolina education officials, who were originally planning to upload student data for students who attend public schools in the city of Everett and Guilford County, respectively, now say they are reconsidering. New York is currently the only inBloom client that is sharing student data from the entire state at this point, at least as far as we know.
What is the status of the program in New York? According to the NYC Dept. of Education, the state has already transmitted student data to inBloom. By the fall of 2013, according to NYSED, all districts are supposed to sign up for an “Education Data portal” (now euphemistically renamed EngageNY portal), which is a “data dashboard” accessible to teachers and school administrators that will pull data from the inBloom cloud. The three companies with state contracts to receive personal student data for these dashboards are ConnectEDU (subcontractor CaseNex/Datacation), eScholar and NCS Pearson/Schoolnet. The NYSED fact sheet reports that these dashboards will be available for the school year 2013-2014; a more recent update from NYC DOE says that these dashboards and additional software “tools” will be ready “over the next year or so.”
What data is being shared with inBloom? inBloom Inc. is planning to collect about 400 student and teacher data points, going back as far as 2006. Many of these data points are highly sensitive and controversial. (A full list is posted here; and an excerpt is posted here.) New York State officials have said they are sharing student names, test scores, home addresses, grades, disciplinary and attendance data, economic and racial status, and “program participation”, including “whether or not a student is entitled to special education, 504 indicator, English Language Learner educational services and accommodations.” inBloom is also collecting teacher data, including names, addresses, social security numbers, and detailed employment histories, all linked to student test scores; whether New York is sharing this teacher data with inBloom is currently unknown.
NYSED officials told DOE that they would post online a complete “data dictionary” in June 2013, or a list of all the data elements they are providing to inBloom. Yet July is almost over and they have still not done so. At the same time, the state is also encouraging districts to upload even more personal student data into the inBloom cloud, and to sign up with more vendors who will provide “interoperable” learning products and be able to access this information directly.
For which students is the New York sharing data with inBloom? The state has uploaded the data of all New York public and charter schools into inBloom cloud, according to DOE officials.
Who has opposed this? Parents, teachers, advocacy groups and privacy experts throughout the country have protested this unprecedented plan to commercialize children’s most sensitive information and share it with private corporations and for-profit vendors. The organizations opposing this data-mining include Class Size Matters, the Learning Disability Association of New York, Alliance for Quality Education, New York State Allies for Education, the Coalition for Educational Justice, the Massachusetts branch of the American Civil Liberties Union, the Center for Commercial Free Childhood, and Citizens for Public Schools. These groups have pointed out that a breach of this highly sensitive information, or its inappropriate use, could put children’s safety at risk, or mar their prospects for life.
In New York, the NYC Comptroller, the Public Advocate, Assembly Speaker Sheldon Silver, as well as Cathy Nolan, chair of the Assembly Education Committee and Robert Jackson, the chair of the City Council Education Committee, and many other elected officials are on record against the state and city disclosing this data without providing parental notification or consent. Many Assemblymembers and State Senators of both parties oppose this plan.
Is this being done with parental consent? And if not, doesn’t this violate legal privacy protections? Though originally Stacy Childress of the Gates foundation wrote on the SLC website that “…Under federal law, school districts must manage and honor parent requests to opt out of programs that require the use of student data”, inBloom and Gates later reversed their position and said it would be up to states and districts to decide what their parental notification and opt out policies will be. According to a spokesman for the NY State Education Department, parents have no right to opt out or consent, because "when parents register a child for school. They give up” the right to keep their children’s information private. The DOE now claims that according to state guidelines, “there is no formal provision for parents to opt their children out of inBloom.”
NYSED defends its position by saying that they are compliant with FERPA, or the Family Educational Rights and Privacy Act, the federal law that governs student privacy. Yet FERPA’s regulations were rewritten and considerably weakened in 2009 and again in 2012, to facilitate the sharing of confidential student data without parental consent. The Electronic Privacy Information Center (EPIC) has filed suit in court against the US Department of Education, on the grounds that the federal government has rewritten and weakened FERPA’s regulations in a way that violates the language and original intent of the law.
What is the purpose of inBloom? According to the DOE, inBloom, along with the software tools it will provide to vendors, “will allow educators and families to use data to understand student needs and target instruction.” Having access to this data will supposedly make it easier for vendors to create and market their “personalized learning tools”. However, whether this will actually benefit students is unproven; as of yet, no online system of instruction or data analysis has been shown to improve student outcomes. In any event, there are multiple ways in which student data could be formatted in a uniform manner to make it easier for schools to acquire and operate software programs, without providing personal data to inBloom or any third party vendor.
What does inBloom have to do with the federal grant program called “Race to the Top” (RTTT)? States received many points in their RTTT applications if they agreed to create “data systems to support instruction.” If they were awarded these funds, they were supposed to use them to build these systems. This appears to explain why NYSED is now requiring that any district that received RTTT funds sign onto one of the “data portals” of the vendors that will have data from the inBloom cloud.
Yet many states that won RTTT funds are not sharing data with inBloom (for example, FLA, OH, MD, RI and TN) – and others that are did not win RTTT funds have signed up (CO, IL). In addition, RTTT certainly did not require any state to outsource their entire student data system to a private company, as it appears New York has done. In any case, whether or not a NY district received RTTT funds, its student data is being uploaded by the state into inBloom anyway.
Why does the state need to share this data with inBloom and/or vendors? Don’t many schools have “data dashboards” already? Yes, many schools already have contracts with companies to produce data dashboards, separate from inBloom. Yet school officials we have spoken to in NYC and the rest of the state insist that the current contracts they have do NOT allow vendors unfettered access to any personalized student data. Instead, these companies provide them with the software and the schools populate the data themselves. They also say the only time a vendor now might gain access to the data is if there is a technical glitch or virus, and then the vendor would have to be given a temporary password to go in and fix the problem, under strict security conditions. Presumably, once the inBloom plan is fully implemented and new contracts with vendors are signed, access to the data will no longer be under the strict control of individual districts or schools.
Some schools view the list of three companies provided by the state as unnecessarily restrictive, limiting their autonomy and squeezing out other companies that might have a better product. Other districts do not currently use data dashboards and see no need for them. But none of the district or school officials that we have spoken to believe there is any need for the sort of unfettered data sharing that is occurring with inBloom, under such unrestricted conditions, and believe that this represents a serious threat to the privacy and security of their students.
Didn’t ARIS provide data dashboards to NYC schools? Yes, the DOE spent $100 million building the ARIS data system that was supposed to produce many of the same benefits to teachers and students that are now being claimed that inBloom will provide. In fact, Sharren Bates, the Chief Product Officer of inBloom, was formerly in charge of the ARIS project for NYC DOE. Yet ARIS is now widely considered a failure, and according to independent studies, is rarely used by teachers or parents. In any event, the fact that DOE has said it will allow ARIS to lapse as soon as the new data dashboards are operable, “alone says a lot about their mismanagement”, according to a NYC principal, who added: “Ideally, had ARIS been built properly we would not be paying any vendor fees and schools could use that money in other ways to support students.”
How much will inBloom cost? Starting in 2015, inBloom says it will charge states and districts two to five dollars per student per year for storing the data and making it accessible to vendors. These fees do not count the additional costs charged by vendors if districts sign up for other software or hardware receiving data from the inBloom cloud. As of now, it is uncertain whether New York state or individual districts will be obligated to pay these fees; or if a district will be able to pull out of inBloom if it chooses not to cover the costs.
Is the data being sold? Currently, New York State and New York City are providing this very valuable personalized data to inBloom for free, and they, as well as inBloom, insist that the data will never be “sold.” However, inBloom’s board members and funders have said that inBloom is “exploring cost recovery partnerships with select vendors for the services that it provides.” If not selling the data, this could be likened to renting it out.
What about the security of the inBloom cloud? Though inBloom and NYSED claim that the cloud storage used in this project “exceed the security measures in place currently in most states and school districts,” this is highly debatable. Most districts and states keep personal student data on site, either in paper files or on localized systems, and do not upload it onto offsite clouds where it can be more easily hacked into.
Recently, the personal information of 50 million customers of Living Social, a discount company, was breached, after a cyber-attack on the Amazon.com cloud on which it was stored. A survey of technology professionals found that 86% do not trust clouds to store their more sensitive information. inBloom Inc. has itself warned that it “cannot guarantee the security of the information stored...or that the information will not be intercepted when it is being transmitted.” The more personalized data that is aggregated on a cloud the more attractive it is to hackers; and the more it is transmitted to vendors the more likely it is that it will breach or be used in an unauthorized manner. Disability and health data is considered particularly sensitive, and cannot be shared with third parties without parental consent if this information is contained in a child’s medical records rather than their educational files.
The state and DOE claim that school districts share personal student information “all the time.” Is this true? Unclear, but if so, it should never have happened and cease immediately. DOE has cited two examples in which NYC currently provides personal student information with vendors without consent: First, busing companies “receive a limited subset of data for special education students who require to be picked up from their home….the student’s name, home address, and other information about the student that is needed to provide the required services (e.g., knowing that a non-ambulatory student would require a wheelchair) in a smooth manner.”
Yet busing information is on a student’s IEP, or individualized education plan, which requires a parent’s signature, so it’s not clear this is provided without implied consent. In any event, it would be relatively simple for parents of children with disabilities to sign a separate consent form, giving their permission for this information to be shared with busing companies for the purpose of allowing them to transport their children to school.
The other example that DOE has offered is their disclose an array of personal data to CTB McGraw Hill, including “student ID, student first name, student last name, school location code, school name and network, grade level, class, date of birth, demographic information, and indicators of Individualized Education Plan and English Language Learner status.” According to DOE, this is done “so that the company can upload it into the online tools teachers use to view and analyze students’ results on formative assessments.“
Unlike the busing example, there is no need for the company to be provided with this level of sensitive detail for any student, and it should cease. Teachers can view and analyze individual student test scores without this company receiving any personalized information about their students. In any case, the inBloom operation goes far beyond these two examples, and is unprecedented in scope, as it will aggregate a huge amount of highly sensitive data, store it on a vulnerable cloud, with the explicit purpose of commercializing the data and making it available to as many vendors as possible, while insulating itself from any liability for breaches.
What don’t we know? Many unanswered questions remain. NYSED officials have not yet revealed what exact student data is being shared with inBloom, and for many years back in time. We don’t know if the data of students in preK programs is also being shared, either those run by districts or in CBO’s, or if student information at state-funded, non-public special education schools is being disclosed. They have not told us whether they are also sharing teacher data, and/or who will have to pay for inBloom’s “services” starting in 2015. They haven’t explained who will be financially or legally responsible if the data breaches, though DOE has said the state and/or vendors would be liable. They haven’t said whether districts can choose to pull their student data out of inBloom in 2015 or at any other point. The Memorandum of Understanding signed by the Illinois State Education Commissioner allows its districts to pull their student data out whenever they choose, but New York’s contract contains no such provision.
What can parents do to stop this data-sharing? Two bills to protect student privacy passed the State Assembly in the last session. A.6059A would have blocked re-disclosures without parental consent, and A.7872A would have allowed parents the right to opt out of the state or district being able to share their child’s data with third parties. Though a similar bill was introduced in the Senate, and had strong bipartisan support, it did not pass. In any case, parents, advocates and concerned citizens should put pressure on their legislators, their school boards, Commissioner King and the Board of Regents to pull all student data out of inBloom as soon as possible.
We have drafted a sample letter you can send your school board, with a copy to your Superintendent, your Board of Regent member, and your legislators. The letter urges your school board to hold a public meeting about their data sharing plans, and asks them pertinent questions about their current practices concerning the disclosure of personal student information to third parties without parental consent.
Prepared by Leonie Haimson, Class Size Matters, 7/23/13
Selected reading list
(For more articles, check out our inBloom/privacy newsclips):
New York City Department of Education. “Supplemental Information Regarding Privacy and Security of Student Data in inBloom.” (2013) http://schools.nyc.gov/NR/rdonlyres/20C87CC4-0C95-4DBE-A5BE-12219A5015F8/0/supplementalinformationregardingprivacyandsecurityinbloom.pdf
New York City Department of Education. “Frequently Asked Questions about Privacy and Security of Student Data in Education Data Portal.” (2013) http://schools.nyc.gov/NR/rdonlyres/9720D65F-2287-451C-92DA-BD61B92829D1/0/PrivacyandSecurityofStudentDatainEDPFAQ_041262013.pdf
United States Department of Education. “Family Educational Rights and Privacy Act Regulations.” (January 2009) http://www2.ed.gov/policy/gen/guid/fpco/pdf/ferparegs.pdf
Gerry Grealish. “Living Social’s Data Breach – The Importance of Encrypting or Tokenizing Personally Identifiable Information.” (May 7, 2013) http://www.perspecsys.com/living-socials-data-breach-the-importance-of-encrypting-or-tokenizing-personally-identifiable-information/
Leonie Haimson. “Video and news from our explosive Town Hall meeting on student privacy.” NYC Public School Parent Blog (April 30, 2013)http://nycpublicschoolparents.blogspot.com/2013/04/video-and-news-from-our-explosive-town.html
Wendy Lecker. “Private data on children must stay that way.” Stamford Advocate. (May 31, 2013) http://www.stamfordadvocate.com/news/article/Wendy-Lecker-Private-data-on-children-must-stay-4566834.php
Jason Lewis, “Who is Stockpiling and Sharing Private Information About New York Students?” Village Voice. (March 22, 2http://blogs.villagevoice.com/runninscared/2013/03/data-sharing.php
Adina Lopatin. “Town Hall Meeting regarding Student Policy Data and inBloom.” (May 22, 2013) http://www.classsizematters.org/wp-content/uploads/2013/06/Adina-Lopatin-inBloom-Follow-Up-Q-A-055222013.doc
Stephanie Simon. “K-12 student database jazzes tech startups, spooks parents,” Reuters. (March 3, 2013). www.reuters.com/article/2013/03/03/us-education-database-idUSBRE92204W20130303
Stephanie Simon. “School database loses backers as parents balk over privacy,” Reuters, May 29, 2013. http://www.reuters.com/article/2013/05/29/us-usa-education-database-idUSBRE94S0YU20130529
Valerie Strauss. “An exchange on controversial $100 million student database.” (June 12, 2013) http://www.washingtonpost.com/blogs/answer-sheet/wp/2013/06/12/an-exchange-on-controversial-100-million-student-database/
Ken Wagner. “Memorandum on Education Data Portal and Common Core Implementation.” (March 2013) http://usny.nysed.gov/rttt/data/edp-memo.pdf
Audrey Watters. “More Details on InBloom’s Plans for Student Data.” (April 4, 2013) http://hackeducation.com/2013/04/04/inbloom-more-details/