Data Privacy

Privacy laws, policies, and best practices. Information and resources for parents, teachers, local education agencies, policy makers and the general public.

Student Records & Privacy

Overview

Data can be a powerful tool for parents, educators, students, and policy makers. To meet statutory requirements and fulfill the California Department of Education’s (CDE’s) mission of providing a world-class education to all students, the CDE collects, maintains, and protects personally identifiable information (PII) about California’s students.

Privacy & Data Collection
Privacy & Data Use
Privacy & Data Management
Privacy Resources for Families
Privacy Resources for Educators
Privacy Resources for Counties & District Administrators
Privacy Laws

Privacy & Data Collection

Summary of data collected and protected by the CDE.

What the CDE Collects & Protects

Data collected and protected by the CDE includes:

Student’s name, identification number, address, race/ethnicity, gender, date of birth, place of birth, name and address of parent or guardian
Attendance data
Data regarding student progress, including grade level completed, school attended, course enrollment, academic work completed, and date of graduation
Standardized test scores
Disciplinary actions
Data regarding eligibility for, or participation in, school lunch programs
Data regarding eligibility for special education and special education services provided to the student
Data regarding eligibility for other compensatory programs and special program services provided to the student

Privacy & Data Use

Summary of data used by the CDE to fulfill mandates and provide services.

How the CDE Uses Data

Data gathered by the CDE are used for many important purposes including:

Calculating the California School Dashboard's Indicators of School Success (PDF)
Generating DataQuest reports about California schools and districts
Generating the CDE’s Downloadable Data Files
Providing fiscal, demographic, and performance data on California’s K-12 Schools for Ed Data
Calculating state and federal categorical funding disbursements via the Consolidated Application
Calculating Local Control Funding Formula apportionments
Administering Nutrition Services Programs

Privacy & Data Management

Summary of initiatives, policies, and procedures established as part of the CDE’s Educational Data Governance (EDGO) Program to ensure protection of privacy.

Annual In-Person Data Privacy Training

To ensure ongoing, up-to-date understanding of privacy laws and best practices, the CDE develops, maintains, updates, and delivers in-person Data Privacy Training to all staff with access to student data annually.

Annual Online Data Privacy Training

In addition to in-person training for staff with access to student data, the CDE requires all employees, regardless of access to take an online privacy and security course each year.

Privacy Awareness & Communications

To maintain privacy awareness throughout the year, the CDE’s EDGO Program hosts periodic presentations by cybersecurity and privacy experts from partner agencies such as the FBI and the US Department of Education’s Privacy Technical Assistance Center. CDE staff also attend and present at education conferences and symposia to network/learn from privacy professionals and share privacy resources with schools and districts. Privacy tips, best practices, and news are monitored and shared on an ongoing basis via the @cdeprivacy

Twitter account.

Privacy Resources for Families

Privacy resources and tips, curated for parents and families.

Video Resources

Student Privacy 101: FERPA for Parents and Students (Video; 4:03)
This 4:03 minute video provides an overview of FERPA.
Common Sense Media Tips & Picks for Families YouTube Channel Includes movie and video game reviews for parents, device and media balance advice for families, videos explaining apps kids are using, and more.
KQED’s Above the Noise YouTube Channel Includes videos on digital citizenship and media literacy, including several videos on privacy.
Family Online Safety Institute Videos series providing tips for talking about online safety and digital citizenship as a family.

Curated Web Resources for Parents

FERPA Sherpa Parent Resources Curated student privacy information for parents.
Protect Kids Online Resource developed by the Federal Trade Commission to help parents/guardians understand and manage the risks associated with their child(ren)’s online presence.
Common Sense Media’s Privacy and Internet Security Page Privacy FAQ’s arranged by age, privacy articles, and more!
NPR Life Kit: Parenting: Screen Time and Your Family Podcast episodes on parenting in a digital world
Common Sense Latino Techology Tips/Privacidad y sguridad en internet Technology tips for families in Spanish/Consejos sobre medios y tecnología
Sniffers and Snoopers and Hackers, Oh My! Protecting Yourself from the Risks of Public Wi-Fi FERPA Sherpa’s tips for minimizing risks associated with using public Wi-Fi.
Parents: Raise Your Hand and Ask Schools How They Protect Student Data FERPA Sherpa’s guide to help parents learn about student privacy policies and practices in their kids’ school/district.

Privacy Resources for Educators

Privacy resources and tips, curated for educators.

Video Resources

Common Sense Education YouTube Channel Includes videos on teaching and learning in digital spaces, including several videos on privacy.
KQED’s Above the Noise YouTube Channel Includes videos on digital citizenship and media literacy, including several videos on privacy.
Utah State Board of Education (USBE) Student Data Privacy YouTube Channel Videos on FERPA, COPPA, and student privacy best practices.
Student Privacy Resource Center YouTube Channel Videos on various topics related to student data privacy
Privacy Technical Assistance Center Guidance Videos US Department of Education’s videos on various student privacy topics

Infographics, Tip Sheets & Lesson Plan Ideas

Common Sense Education Protect Your Students’ Data and Privacy Curated multi-media resources for promoting privacy in the classroom and beyond.
Stop. Think. Connect. Tip sheets and infographics on various privacy topics from the National Cyber Security Alliance.
USBE’s Teacher Resources Curated multi-media resources for teachers.
On Guard Online This Web site, managed by the Federal Trade Commission (FTC) in partnership with other federal agencies, provides tips to help citizens be safe, secure, and responsible online. A variety of tools for parents/guardians, educators, and the general public are provided.
Easy Tips for Keeping Student Data Safe When Taking Your Work Home FERPA Sherpa’s tips for protecting student privacy when using cloud services to access information outside the classroom.
Voice Assistants in the Classroom: Useful Tool or Privacy Problem? FERPA Sherpa’s privacy and security considerations for voice assistants and connected devices in K-12 classrooms.
3 Easy Ways for Educators to Keep Online Accounts Secure FERPA Sherpa’s tips for protecting digital accounts.
Want to Use Social Media in Your Classroom? Follow These 7 Rules Education Week Teacher article with tips for protecting student privacy when using social media in the classroom.
5 Privacy Considerations Before Trying New EdTech in the Classroom EdScoop article with tips for protecting student privacy when selecting/using apps in the classroom.

Privacy Resources for Counties & District Administrators

Tools and tips for leading to create a culture of privacy

Video Resources

Common Sense Education YouTube Channel Includes videos on teaching and learning in digital spaces, including several videos on privacy.
Utah State Board of Education (USBE) Student Data Privacy YouTube Channel Videos on FERPA, COPPA, and student privacy best practices.
Student Privacy Tips YouTube Playlist Future of Privacy Forum videos providing tips and best practices for successfully prioritizing student data privacy
Privacy Technical Assistance Center Guidance Videos US Department of Education’s videos on various student privacy topics
International Society for Technology in Education (ISTE) YouTube Channel Best practice videos on using tech in the classroom.
Forum Guide to Education Data Privacy (PDF) Downloadable PDF developed by the National Center for Education Statistics (NCES) Data Privacy Forum as a resource for state and local educational agencies developing privacy programs and supporting educators/staff in protecting student privacy.
Policymaker’s Guide to Student Privacy Future of Privacy Forum guide with tips for policymakers drafting data privacy legislation, guidance, and policies.

Best Practice Resources

11 Steps to Privacy: The Right to Inspect and Review under FERPA FERPA Sherpa’s best practice tips for thinking through and developing student data access policies and practices.
9 Steps to Privacy: The Right to Seek and Amend under FERPA FERPA Sherpa’s tips for ensuring compliance when amending student records under FERPA.
School Safety & Privacy: An Animated Introduction Tips and resources for balancing student privacy/safety concerns with equity and dignity in educational environments.
Guide to Disclosing Information During School Emergencies Future of Privacy Forum’s tips for ensuring student safety during emergencies while complying with privacy laws and best practices.

Data Privacy Training Resources

Technical Assistance & Professional Development (TAPD) Free cybersecurity education available to California schools and districts.
Future of Privacy Forum Webinars Video playlist on various student privacy topics including facial recognition, privacy laws, data de-identification, and more.
Future of Privacy Forum Student Privacy Bootcamp for EdTech Video playlist of sessions on data privacy laws, security/privacy best practices for EdTech, and more.
Future of Privacy Forum’s Student Privacy Bootcamp for Districts and Educators Video playlist of sessions on laws, school safety and privacy, dealing with apps, and creating culture of privacy.

Data Privacy Advocacy & Communities of Practice

California Student Privacy Alliance Collaborative of California schools, districts, policy makers, privacy advocates, and professional organizations provides California’s educational stakeholders with a central location for seeing and sharing what educational technologies are being used and under what terms/conditions. Templates and sample language for contracts are provided to assist LEAs in developing state and federally-compliant educational technology contracts.
Common Sense Kids Action Common Sense Media team focused on collaborating with tech companies and policy makers to promote digital equity, transparency/democracy, digital privacy, and kids’ well-being in a digital age.
Data Quality Campaign (DQC) Advocacy group that focuses on effective student data practices, including student data privacy issues.

Student Data Privacy Laws

Summary of state and federal laws that have implications for privacy in schools, public agencies, and beyond.

Privacy Law Resources

Data Privacy Guidebook (PDF) Includes legal summaries and tips and guidance for complying with state and federal student data privacy laws.
FERPA Sherpa’s Guide to State Student Privacy Laws Summary of pending and enacted student privacy legislation by state.
Utah State Board of Education Student Data Privacy YouTube Channel Videos on FERPA, COPPA, and student privacy best practices.
The Verge Explains the European Union’s General Data Protection Regulation (GDPR) This 2:49 minute video provides an overview of the GDPR and how its implementation in May of 2017 has impacted privacy laws around the world.
Comparing Laws: GDPR vs. CCPA (PDF) Future of Privacy Forum compares and contrasts the California Consumer Privacy Act (CCPA), which becomes effective in January of 2020 and the General Data Protection Regulation (GDPR) which became effective in the EU in May of 2018 and influenced the CCPA.

California State Laws

California Consumer Privacy Act of 2018 California law increasing data privacy protections for California citizens with special provisions for children under 16. Takes effect 01/01/20.
AB 272 (Student Smart Phone Use)—EC § 48901.7 California law authorizing school boards to regulate possession and use of smart phones on school campuses
Student Online Personal Information Protection Act — California Business & Professions Code § 22584 California law including provisions preventing marketing to students and their parents, requirements that student data only be used for specified educational purposes.
AB 1584 (Third Party Contracts) — EC § 49073.1 California law outlining provisions required for contracts involving student data.
AB 1442 (Social Media) — EC § 49073.6 California law requiring schools and districts to hold a public hearing prior to monitoring the social media accounts of students.
California Code of Regulations(CCR), Title 5, §§ 430-438 (Student Record Retention) California law outlining requirements for maintaining pupil records.
EC§ 60607 (Assessment Results) California law outlining requirements for student assessment records.
The Richard B. Russell National School Lunch Act, as amended (42U.S.C.§ 2, 1751) (PDF) Federal law outlining National School Lunch Program provisions, including provisions related to student lunch records.

Federal Laws

Family Educational Rights and Privacy Act (FERPA) – 20U.S.C.§ 1232g Federal law outlining rights and requirements related to accessing, sharing, and amending student records.
Protection of Pupil Rights Amendment (PPRA) – 20U.S.C.§ 1232h Federal law outlining requirements for Directory Information (i.e. student information schools and districts designate for release without prior written consent).
Children’s Internet Protection Act (CIPA) Federal law requiring schools and districts receiving federal E-rate internet connectivity funds to have an internet safety policy and specified technology protection measures in place.
Children’s Online Privacy Protection Act (COPPA) – 15U.S.C.§§ 6501-6506 Federal law outlining requirements for operators of websites or online services directed at or knowingly collecting personal information from children under 13.