August 3, 2005
The Grades That Vanished, and Some Other Threats to Students' Data
By TIM GNATEK, NY TIMES

LINK

LAST school year, thousands of student records in the Natomas Unified School District in Sacramento disappeared.

Two students at Natomas High School, using a stolen password, had gained illegal access to the school's computer network. They raised their grades to A's, then, in an attempt to cover their tracks, unwittingly deleted more than 18,000 records.

Quick action by the school reversed the damage, and an investigation by the Sacramento Valley Hi-Tech Crimes Task Force led to community service and eventual probation for the culprits. But questions remained about the security of students' personal information in a digital age.

"Twenty-five years ago, someone might have distracted the teacher and gotten the grade book," said Lt. Bob Lozito of the sheriff's task force. "But in the system today, they have multiuse networks with grades and, depending on size of district, all the personal information for students and faculty. The potential for misuse is there."

The incident was hardly isolated. During the last school year in Sacramento, administrators took action in four separate cases in which students illegally got into school networks, compromising the personal information of students and employees, including grades, Social Security numbers and contact information.

The proliferation of various devices and technologies on campus has put student privacy at greater risk today than ever before. Grade changing and network snooping aren't the only threats; new types of cameras, classroom Web logs and the government-mandated release of student records to military recruiters have all brought increased pressure to clarify and toughen policies on student privacy, shore up network security and move for new laws to provide for children's security.

In Sacramento's Elk Grove Unified School District, where in the last school year three separate cases of hacking and password theft allowed unauthorized access to thousands of students' and employees' records, administrators are taking action. Before classes begin this year, the district will hold a technology security conference intended to help stem future network attacks. It will include presentations by security specialists from Microsoft and California's Fiscal Crisis Management Assistance Team, a social engineering expert and the Hi-Tech Crimes Task Force.

"It is a big deal, and people need to be aware of what's going on," said Greg Lind- ner, the school district's director of information technology. "There are dos and don'ts, like don't leave your password on a sticky note," Mr. Lindner said. "And how to build a communication plan, so that network security becomes part of the culture."

Risks to personal privacy are not confined to network attacks: electronic gadgets have also prompted concerns among administrators. Cameras, for one, with their ever-shrinking size and growing number of features, have become tools for schoolyard Peeping Toms.

The popularity of such equipment has led some school officials to consider banning cellphones altogether, as in Santa Fe, N.M., where a student used a camera phone to take a photo under another student's skirt. The Magnolia Independent School District in Magnolia, Tex., banned camera phones in part because of concerns about student privacy, as did the Fayette County Board of Education in Fayetteville, W.Va.

And after a man in Astoria, Ore., was convicted of filming a high school girls' swim team with a night-vision camera that allowed him to make their bathing suits appear translucent, State Senator Betsy Johnson, a Democrat, introduced legislation to make it easier for such victims to sue. The "video voyeur" bill, which was passed unanimously by the House and Senate, and is expected to be signed by Gov. Theodore R. Kulongoski, would protect against photographs taken anywhere that plaintiffs have a "reasonable expectation of personal privacy," like changing areas.

Legislators combined Ms. Johnson's bill with another by State Senator Kate Brown, another Democrat, to cover compromising pictures taken with cellphone cameras.

Public scrutiny of such incidents contributed to support for a federal measure, the Video Voyeurism Prevention Act, which became a law in December 2004. The act prohibits knowingly photographing, videotaping or electronically recording images of certain body parts (in the nude or in undergarments) without a person's consent.

At times, even school administrators find themselves on the defensive for policy actions perceived to threaten student privacy, as when schools have issued radio-frequency identification tags to curb truancy and automate attendance tracking, to the concern of some parents and civil liberties groups.

Although the Department of Education has not set rules governing how schools handle such privacy issues, it encourages school districts to set their own acceptable-use policies when incorporating computers and other technologies into classrooms.

"It's an issue to balance the tools with keeping kids' privacy safe," said Will Richardson, who supervises technology for Hunterdon Central Regional High School in Flemington, N.J.

Many acceptable-use policies, like that at Hunterdon, require parents to sign permission slips allowing their children to use school computers to go online, have their pictures posted on school Web sites or be listed on honor rolls. Beyond that, it is left to each teacher to set rules.

Mr. Richardson, who also runs Weblogg

-ed.com, a Web log promoting technology in the classroom, encourages teachers to adopt blogs, wikis and other publishing tools as part of their curriculum, while acknowledging the risks inherent in posting information on the Internet. "We tell kids to use their first names only, or use a pseudonym, and obviously in the blogs, they can't divulge personal information," he said.

Even with acceptable-use policies, voyeur laws and secured networks, some personal student information continues to leak from schools through legal loopholes. Allowances in student privacy laws have enabled military recruiters, state agencies and commercial marketers to gain access to student data, including names, phone numbers, grade point averages and courses of study.

In particular, student information became more accessible after the No Child Left Behind Act was passed in 2001. The act required all schools that receive federal financing to release student records to groups like the military, book clubs and student recognition services unless parents signed waivers prohibiting the record sharing. Schools that fail to comply with such groups' requests for information can lose federal education financing.

Though the act requires schools to notify parents that their children's information may be shared, many parents, teachers and privacy advocates have complained that the notification policies are insufficient and favor information sharing over privacy.

Awareness programs that aim to alert parents about their ability to opt out of inclusion on shared data lists have recently been started by advocacy groups, and proposed federal legislation may provide additional security for student information. The Student Privacy Protection Act, introduced in the House in February by Representative Michael M. Honda, Democrat of California, would prohibit military recruiters from contacting students except in response to specific requests for information.

"The bill is not about being antirecruitment," said Mr. Honda, a former teacher and principal. "It's about making sure that minors who are in high school have their personal information kept private."

Mr. Honda said the bill, which was sent to a House subcommittee in April, was a response to parents' tales about their experiences with military marketing in his home district, which includes much of Silicon Valley. "They were upset that they were being called at home, they were being pursued aggressively by recruiters," he said.

Though the bill would reverse the No Child Left Behind recruitment clause, it would not prohibit recruiters from gathering student information through the Defense Department's Joint Advertising Market Research and Studies program, which culls data on minors from sources like state driver's license records and commercial marketers' lists.

Mr. Honda said that such "data mining" may be prevented one day. "We may not need a law for the Department of Defense database, because there is an argument that that list violates privacy laws," he said. "We shouldn't need to create another law when we can enforce existing ones."