Remarks on CPS SOPPA violations at Chicago Board of Ed meeting

IL Families for Public Schools' director Cassie Creswell spoke at the August meeting of the Chicago Board of Education about CPS' continued lack of compliance with the Student Online Personal Protection Act. 

Remarks as prepared:

Hi, I’m Cassie Creswell, CPS parent and director of IL Families for Public Schools. 

IL’s Student Online Personal Protection Act or SOPPA was amended in 2019 as an initiative of IL-FPS. The amendments added security protections and crucially guaranteed far greater transparency to parents about what data is being collected and shared about their children.

I urge you to read the letter detailing problems with CPS’ implementation of SOPPA sent to you in January of this year by IL-FPS and a number of teacher and student led groups. My group asked for a meeting with the board and were ignored.

I also urge you to read the in-depth reporting in the Chicago Tribune last week about how CPS is still far from compliant with the changes in the law even though it had two full years to prepare and it's now a year past the effective date. 

One critical issue that must be addressed from the article is the district’s claim that software that isn’t an “instructional resource”, is exempt from the requirements of SOPPA. This is false. the district student information system Aspen or the Battelle for Kids software involved in the breach announced is absolutely an operator under SOPPA.

The law is very clear. Districts must have a list on their website of all operators that the school has written agreements with and a copy of each agreement. Aspen provides an online service that is primarily used for K-12 school purposes. 

And they are clearly in possession of students’ covered information as defined in the law. 

I don’t know who in central office is making the decision to ignore the provisions of SOPPA for an entire class of software in use in CPS, but that decision is the wrong one. CPS needs help figuring this out and they could have, and still can join a statewide consortium that most school districts joined to help sort out the requirements of this law.

Parents are owed this information about their children’s data. CPS is not above the law. And IL-FPS will be following up on the Tribune’s reporting by filing a complaint about the district’s deliberate flouting of SOPPA with the Illinois Attorney General, whose responsibility it is to enforce this law and protect the privacy of Illinois students and families.