The Student Online Privacy Protection Act, SB1796, does the opposite of what it is intended to: instead of protecting student data, it will write into law tech companies' existing misuse of students' personally identifiable information. For every small benefit children get with this bill, website and app operators get a huge gift. Call your state rep and tell them to vote NO.
This bill has passed in committee and will reach the floor of the House very shortly. You can look up your rep and their Springfield office number here.
The IL School Student Records Act is an existing strong law that tightly controls who has access to students' personally-identifiable information (PII). SB1796 would instead allow tech companies much broader access to student PII with no notification or consent from parents:
--It could be used in adaptive and personalized learning applications.
--It can be transferred or shared with third-party contractors or companies in a merger/acquisition.
--It constrains only some limited aspects of targeted advertising in educational apps and site.
--It allows extensive use of data that's been de-identified, a technique which has been shown to be of little use in keeping data anonymous and secure.
--The language on how PII is to be protected favors tech companies by simply saying security procedures and practices should be "reasonable."
SB1796 codifies companies' existing poor practices, instead of prohibiting them or tightly regulating them.
We would love to see robust legislation passed in Illinois that builds on the protections of our existing student privacy law to extend its reach in this new era of big data and ed tech. But SB1796, the Student Online Privacy Protection Act, is not that legislation.
Want more information about student data privacy? The national group Parent Coalition for Student Privacy has a great new toolkit for helping parents investigate and advocate on this issue.