Data privacy is frequently discussed at the intersection of internet companies, websites, app-builders, and the consumer. Visiting a website or using an application produces data. Data gives us insights into how the world works. But not all consumers are comfortable with companies, institutions, or other individuals collecting and using that data.
Even with all the noise and controversy about online privacy versus data, we are far from any kind of consensus, let alone an informed one. The field is just too new and evolving too rapidly.
The consumer/business interaction is not the only place where tons of data can be collected, however. As technology brings more and more of the operation of school districts and classroom activities online, volumes of data are generated. The value of this data could be high. Researchers can gain greater insights into behavior, and technology implementers can determine what works, what doesn’t, and how to make it better.
Legislators and school districts are attempting to get a handle on the implications of gathering and using data on this scale. The guiding legislation, at present, is the Family Educational Rights and Privacy Act, or FERPA. The Department of Education has issued a set of guidelines, based on FERPA, which can be found here.
The central thrust of these recommendation is to eliminate Personally Identifying Information (PII) to the extent possible. Exceptions are for obvious reasons such as logins and providing specific data to people who are authorized to receive it. Some legislators don’t believe this is enough and also want to restrict districts and vendors from using data gathered for commercial purposes.
Though these lines seem pretty clear, in practice they can be difficult. Many researchers do pure research but work for companies with clear commercial interests. Also, published research can be used by anyone. Pew Internet research is not collected for marketing purposes, but many marketers use Pew data.
There is also an issue with removing personally identifying information. It has an effect on the quality of the research itself. This study shows that the more care you take to ensure PII cannot be recovered from the dataset, the less scientifically valid the dataset itself becomes.
The future may change our practices and attitudes about data and privacy. At present, the best approach is to stay within the guidelines provided by the department of education. In addition, the Software & Information Industry Association has issued a set of best practices about data privacy in general. These include:
Signup below to receive updates about what we are up to.