Judge's order could expose 10M California schoolkids' personal inf…A federal judge’s order earlier this month that California public schools turn a trove of personal information on millions of children over to two nonpr…
Judge's order could expose 10M California schoolkids' personal info, say critics
Now Playing Data breach exposes 191 million voter rolls online
The nonprofits, who advocate for special needs kids, say they need the info to gauge compliance with federal law, but critics don’t believe Social Security numbers, home addresses and other sensitive records should be included. The ruling applies to all students enrolled in Golden State public schools at any time since 2008, a number estimated at 10 million.
“People are confused, worried and angry.”“People are confused, worried and angry,” said Bill Ainsworth, a spokesman for the California Department of Education.
- Bill Ainsworth, spokesman for the California Department of Education
The order from Sacramento District Judge Kimberly Mueller stems from a 2012 lawsuit filed by two special needs advocacy groups, the Morgan Hill Concerned Parents Association and the Concerned Parents Association, alleging local educational agencies have failed to accommodate children with disabilities in compliance with federal law.
Critics say the ruling could also potentially expose statewide assessment results, progress reports, behavior and disciplinary information, special education evaluations and records pertaining to health, mental health and medical information.
“We characterize the data release as risky, unnecessary and unprecedented,” said Pam Dixon, executive director of the World Privacy Forum. Eva Velasquez, CEO of the Identity Theft Resource Center, warned that one lapse could have “devastating consequences for California’s students.”
The Family Educational Rights and Privacy Act and the Individuals with Disabilities Education Act are federal laws in place to protect the privacy of students. The federal government ensures compliance with a vast database, which the plaintiffs could have access to under the ruling.
State education officials have been inundated with thousands of calls from parents, educators and school districts over the past week, according to Ainsworth. State Superintendent of Public Instruction Tom Torlakson is a “strong supporter of privacy rights,” Ainsworth said, but now must follow the order.
"The California Department of Education has been fighting vigorously to defend the privacy rights of students throughout California, but we are required to comply with the court order in this case," Ainsworth said.
The department alleges that last year it provided the organizations with all the information from a California Special Education Management Information System database, which includes records of special education students and those being tested, but with personal data extracted. However, the plaintiffs “continued to seek students information” in a database containing personal details, according to education officials.
Angry parents lashed out at California Concerned Parents, prompting the organization to deactivate its Facebook page citing the “significant number of comments that included profanity, threatening language or veered off topic.”
The organization claims the information previously offered is insufficient, but insists it doesn’t want sensitive data such as Social Security numbers. Officials said no information has been turned over yet, but that it will be handled with discretion when it is.
“The information has not yet been released to them and they have yet to be told the day of the release,” Christine English, vice president of the California Concerned Parents, told FoxNews.com. “The information will never be released to the association, only to their attorneys and consultants – less than 10 people. Every possible precaution is already under way to safeguard the data.”
The non-profit insists that it requires data about every student in California -- not just those with disabilities -- so that it can make such determinations as whether a disproportionate number of certain ethnicities receive certain services and to test CDE’s contention that its educational programs are compliant with state and federal law.
Mueller’s order addressed security concerns by barring distribution of the data outside the parties involved and ordering that the group “return or destroy” as soon as it completed its analysis. Mueller also appointed a magistrate and a special master to ensure compliance with all aspects of her order.
Still, there is no way to ensure against a data breach once the information is turned over, according to attorneys who followed the case.
“I’m shocked that the court would allow this type of disclosure that would be a treasure trove for identity thieves,” Beverly Hills-based attorney Troy Slaten said. “Identity thieves already preyed on minors because they tend to have clean histories.”
Fellow attorney Rosa Noyola agreed, noting that even large corporations with sophisticated security measures have been susceptible to hacking and leaks.
“If Target and BlueCross can fall victims to security breaches, how is a non-profit, with presumably limited resources, able to ensure that personal information is kept secure?” Noyola said.
Parents, guardians and former students now over the age of 18 have until April 1 to opt out of the disclosure by submitting a request to the court either in a letter to the court or by printing out and mailing a special form.
Still, critics say the opt-out process has not been made clear, and Ainsworth was dubious that information on those who opt out could be removed from the database.
No comments:
Post a Comment