Sunday, April 9, 2023

New $6M Gates grant to Amplify, DOE and NYU MetroCenter; time to ask what personal data Amplify holds for your child!

Last month, the Gates Foundation awarded a $6 million grant to the DOE’s Fund for Public Schools, Amplify, and the NYU MetroCenter “to develop R&D tools and related instructional strategies.”

I wonder why Amplify is involved; are they supposed help develop these R&D tools? And how much money are each of these organizations receiving? The grant notice does not say.

It is amazing how many different Amplify products are being used in NYC schools that collect and use personal student data – with little information made available at about which student personally identifiable information (PII) is being collected, how that data is being shared and how it will be protected.  

New York Ed Law 2-D and its authorizing regulations require rigorous transparency and disclosure to parents about the protection and use of their children’s personal data, through a Parent Bills of Rights for each vendor agreement; and each of these PBORs are mandated to be posted on the district’s website.

There is no mention of either Amplify or NYU MetroCenter on the page disclosing agreements with researchers that have access to personal data. On the vendor page, the requisite Amplify Parent Bill of Rights agreement says this about which types of personally identifiable information (PII) the company  is provided access to "Type of PII that the Entity will  receive/access: Student PII."   

Which says nothing.

As to which of Amplify’s products and programs access student PII, it says the following: Amplify Education Inc. (“Amplify”) provides core curriculum and supplemental programs and services in ELA, math, and science, and formative assessment products in early reading and math….”

The page goes on to list at least 15 different Amplify products in every subject but social studies.  

One of them is described this way: Amplify Math for grades 6–8 and Algebra 1 is a 100% blended core program based on Illustrative Mathematics IM K–12 Math. Chalkbeat recently reported that DOE intends to roll out a "standardized algebra curriculum from Illustrative Mathematics in at least 150 high schools" next year.

Instead of describing how the data will be secured, instead the webpage says the following

Describe the administrative technical and/or physical safeguards to ensure PII will be protected and how the Entity will mitigate data privacy and security risks.  [DOE comment: In its agreement, Amplify outlines in detail how it meets the COSO principles. Please contact if you would like a copy of this information.]

FYI, COSO stands for “Committee of Sponsoring Organizations” which is not fully congruent, as far as I understand it, with the process and procedures required by the law.

I urge parents to ask DOE exactly how Amplify is protecting your child's data, as well as what data elements they currently hold for your child, which is also your right under the law, as the webpage says:

“In accordance with N.Y. Education Law 2-d, parents, students, eligible students, teachers, or principals may seek copies of their PII, or seek to challenge the accuracy of PII in the custody or control of the Entity. Typically, they can do so by contacting the NYC DOE using the email address or mailing address below.”  []

We drafted a sample email you can send to DOE, which is below. According to Ed Law 2-D, parents have  the right to receive this information within a “reasonable period, but not more than 45 calendar days.”  So please keep track.

Once you receive the data from DOE and/or Amplify,  you also have the right to challenge it if you think its inaccurate. In any event, you should also ask that all the data that Amplify holds for your child be deleted at the end of the school year.  The posted Amplify Parent Bill of Rights says that the data will be deleted under the following conditions:

  • whenever requested by the DOE
  • whenever the entity no longer needs the PII to provide services to the DOE
  • whenever a DOE school or office ceases use of a product or service of the entity, for the PII that pertains to that school or office
  • no later than upon termination of this Agreement

The agreement, however, doesn’t say when it terminates, contrary to the law and the regs which require that  the contract’s expiration date” be disclosed. 

The Amplify PBOR adds the following:  to the extent practicable, it will not retain PII for more than one school year after the school year in which the data was received” without explaining what would make deletion practicable or not.

A little history regarding Gates Foundation’s decade-long involvement with Amplify, for those who may be interested:

Founded as Wireless Generation, Amplify was acquired by Rupert Murdoch for News Corporation for $360 million in cash in 2010.  At  the same time, he appointed former DOE Chancellor Joel Klein as  its CEO.  Murdoch invested $1 billion in the company, and in 2011, it was revealed that Wireless/Amplify was supposed to build the NY State student data system through a $27 million no-bid contract awarded by then- NYSED Commissioner John King. As part of its supposed qualifications to create this system,  NYSED wrote the NY State Comptroller that Wireless had created the $80 million NYC student data system called ARIS, which is rather funny because by that point, ARIS was widely acknowledged to have been an useless if expensive boondoggle.

When advocates like CSM, along with NYSUT and many others,  protested this agreement because of privacy concerns, amplified by reports of News Corp involvement in the UK phone hacking scandal, NYS Comptroller DiNapoli announced he was cancelling the contract on August 27, 2011.

A few weeks earlier,  Vicki Phillips, then director of education for the Gates Foundation, had announced on the Gates website the creation of an "amazing" new software program that resembled a "huge app store … with the Netflix and Facebook capabilities we love the most."  She revealed that Wireless Generation was the vendor chosen for this Gates project, which at the time was called the Shared Learning Collaborative.  She wrote that Wireless  would “build the open software that will allow states to access a shared, performance-driven marketplace of free and premium tools and content.

Shortly after this, I wrote the first blog post criticizing this venture, pointing out the controversy then raging concerning the proposed Wireless contract  to build NY student data system.

In the months that followed, the Gates Foundation invested $100 million in the massive data project, called the Shared Learning Collaborative (SLC), and boasted that nine states and districts had agreed to share their personal student data with them, including NY State and NYC, with more to come.  

 In February 2013, the SLC was spun off into a separate corporation called InBloom Inc., with Amplify as its prime contractor, which would collect, sort and systematize a massive amount of personally identifiable student data, so that inBloom could deliver it in an easily digestible form to companies, to help them build their tools  around the data and accelerate the expansion and development of the ed tech market.  

Yet within a year, nearly every state and district that had planned to share data with Gates and inBloom had pulled out, after parents rebelled against the whole notion of a private company holding so much of their children's personal data.  Their anger was especially provoked by the provision in the Gates-drafted agreements that neither the Gates Foundation nor inBloom would have any legal responsibility if the data was breached either in storage or transmission. 

 NY State was the last state to pull out of inBloom, and it took an act of the State Legislature to do so, which finally happened as part of the state budget agreement in March 2014.  At the same time,  the Legislature passed the comprehensive student privacy bill, Education Law 2-d.  As NY State was its last customer, inBloom shut its doors in April 2014. A more detailed timeline of these events is here.

As to Amplify, the company kept losing money. In 2013, I had an amusing interchange with Murdoch on Twitter when it was reported that the company had already lost $80 million.  I pointed this fact out to him and said it was certain to lose more, to which he responded, saying  “@amplify not losing money. Not even in business yet.”   

Yet in 2015, it was revealed that Amplify lost an additional $371M.  That year, Murdoch sold it at a huge loss to a “team of 11 Amplify executives” that included Joel Klein.  This group later sold the business to Laurene Powell Jobs at an undisclosed price, though “the company’s top management...picked up a minority position in the Brooklyn-based company as part of the deal.” So, it’s possible that Klein still owns a piece of the business.

How much Amplify was counting on inBloom to keep it solvent one can only guess, but it suffered other disasters over this period as well. With great fanfare, the company produced an educational tablet to be used in schools, preloaded with various curriculum and programs that were supposed to revolutionize education.  Instead, the tablets’ screens easily cracked and their chargers overheated and melted.

Here is a sample letter to you can send to DOE, asking what data Amplify holds for your child, and how it is being protected.  Please let me know if you do, and if you get a response by emailing me at thanks!  Leonie .



To whom it may concern,

My name is [name], and I am the parent of [name] who attends [x grade] in [what school], at this address [address].

As stated on the DOE webpage concerning the agreement with Amplify, and in accordance with Ed Law 2-D, I am requesting information on whichadministrative, technical and/or physical safeguards to ensure PII will be protected” are being employed by the company for each of its products, and how Amplify will “mitigate data privacy and security risks.”

I also demand that you provide me with copies of all of the personal information that Amplify holds for my child through the use of any of its products, as is also my right under Ed Law 2-D and its regulations. According to §121.12 (e),  “Educational agencies shall comply with a request for access to records within a reasonable period, but not more than 45 calendar days after receipt of a request.”

Thank you,

Your name, address, phone no., and email.

No comments: