1. Privacy in the 21st Century: �Issues for Schools &� Libraries Helen Adams
hadams@coredcs.com
Rosholt School District
WEMA Program Summary: Historically, patron privacy and confidentiality of library records have been core values of librarianship. However, contemporary phenomena such as the Internet, emerging technologies, and the events of Sept. 11, 2001 have changed personal and institutional privacy forever. How will the converging forces affect privacy in schools and libraries? With hot button privacy issues mounting daily, learn the facts behind the headlines to protect your privacy and that of your students. WEMA Program Summary: Historically, patron privacy and confidentiality of library records have been core values of librarianship. However, contemporary phenomena such as the Internet, emerging technologies, and the events of Sept. 11, 2001 have changed personal and institutional privacy forever. How will the converging forces affect privacy in schools and libraries? With hot button privacy issues mounting daily, learn the facts behind the headlines to protect your privacy and that of your students.
2. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
2 Topics to Cover An overview of privacy issues
Federal and state protections and actions
Tips on online privacy
Privacy issues in schools
Privacy resources
3. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
3 Privacy Concerns and PII�(Personally Identifiable Information) Privacy concerns are high on consumer polls. �Key concerns include
Identity theft and fraud
.Coms selling your PII
Government misuse of your PII
Security of your medical and financial data
Privacy concerns increase as
More people are online
Residential broadband access increases (now 20%+)
Use of wireless communication increases
More people shop and conduct business online
4. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
4 Personally Identifiable Information (PII) Typical PII includes
Name
Address (work, residence)
Email address
Telephone number
Other ID (SSN, etc.)
Non-PII includes
Demographic
Age, gender, race/ethnicity
Education level, job, income
Preferences, interests, hobbies
5. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
5 Federal Protections and Action 4th and 5th amendments
Federal Trade Commission (FTC) is lead privacy agency
Many federal laws have privacy provisions, including:
Gramm-Leach-Bliley Act (GLB, 1999)
Health Insurance Portability and Accountability Act (HIPAA, 1996)
Rules (93 pages) effective, April 14
USA Patriot Act (2001)
Children’s Online Privacy Protection Act (COPPA, 1998)
Family Educational Rights and Privacy Act (FERPA, 1974)
34 privacy-related bills are pending in Congress
6. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
6 FTC’s Fair Information Practice Principles (FIPPs)
7. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
7 USA Patriot Act �(PL107–56, Sections 214–216) Quickly passed following Sept 11, 2001
342 pages that revises more than 15 other laws
Expands Foreign Intelligence Surveillance Act (FISA)
Provisions extend beyond terrorism
Increases counterfeiting penalties
Russ Feingold was only senator to �vote “no”
Patriot II act has been drafted
Total Information Awareness (TIA) system, research continues USA Patriot Act, signed into law on Oct. 26, 2001—weakens privacy online
Law had 4 different names & 5 different versions before signed by Pres.
Completed in 5 weeks, normal committee & hearing processes suspended
Amended 15 federal laws Privacy advocates have concerns
Major concerns re: surveillance w/less checks and balances
*FBI/CIA may place a wiretap on any person nationwide (not just local jurisdiction whether person is named in the court order.
*Law increases info gov’t may obtain about users from ISPs
expands records gov’t may seek with subpoena,(no court review required) for online times, durations, IP addresses, payments of accounts, email to/from
Provisions extend beyond terrorism through whole judicial system
appear less related to terrorism & more to nonviolent computer crim
Including:
*spying on computer trespassers without court order
*increased penalties for suspects violating Computer Fraud & Abuse Act (penalties for 1st offense 10 years prison, 20 yrs. 2nd offense)
>>>>>>>>>>>>>>>>>>
A May 17 opinion by the court that oversees the Foreign Intelligence Surveillance Act (FISA) alleges that Justice Department and FBI officials supplied erroneous information to the court in more than 75 applications for search warrants and wiretaps, including one signed by then-FBI Director Louis J. Freeh.
The FISA court agreed with other proposed rule changes. But Ashcroft filed an appeal yesterday over the rejected procedures that would constitute the first formal challenge to the FISA court in its 23-year history, officials said.
“We believe the court’s action unnecessarily narrowed the Patriot Act and limited our ability to fully utilize the authority Congress gave us,” the Justice Department said in a statement.
The documents released yesterday also provide a rare glimpse into the workings of the almost entirely secret FISA court, composed of a rotating panel of federal judges from around the United States and, until yesterday, had never jointly approved the release of one of its opinions. Ironically, the Justice Department itself had opposed the release.
Stewart Baker, former general counsel of the National Security Agency, called the opinion a “a public rebuke.”
“The message is you need better quality control,” Baker said. “The judges want to ensure they have information they can rely on implicitly.”
A senior Justice Department official said that the FISA court has not curtailed any investigations that involved misrepresented or erroneous information, nor has any court suppressed evidence in any related criminal case. He said that many of the misrepresentations were simply repetitions of earlier errors, because wiretap warrants must be renewed every 90 days. The FISA court approves about 1,000 warrants a year.
WI’s Sen. Feingold only senator to vote against the bill.
USA Patriot Act, signed into law on Oct. 26, 2001—weakens privacy online
Law had 4 different names & 5 different versions before signed by Pres.
Completed in 5 weeks, normal committee & hearing processes suspended
Amended 15 federal laws Privacy advocates have concerns
Major concerns re: surveillance w/less checks and balances
*FBI/CIA may place a wiretap on any person nationwide (not just local jurisdiction whether person is named in the court order.
*Law increases info gov’t may obtain about users from ISPs
expands records gov’t may seek with subpoena,(no court review required) for online times, durations, IP addresses, payments of accounts, email to/from
Provisions extend beyond terrorism through whole judicial system
appear less related to terrorism & more to nonviolent computer crim
Including:
*spying on computer trespassers without court order
*increased penalties for suspects violating Computer Fraud & Abuse Act (penalties for 1st offense 10 years prison, 20 yrs. 2nd offense)
>>>>>>>>>>>>>>>>>>
A May 17 opinion by the court that oversees the Foreign Intelligence Surveillance Act (FISA) alleges that Justice Department and FBI officials supplied erroneous information to the court in more than 75 applications for search warrants and wiretaps, including one signed by then-FBI Director Louis J. Freeh.
The FISA court agreed with other proposed rule changes. But Ashcroft filed an appeal yesterday over the rejected procedures that would constitute the first formal challenge to the FISA court in its 23-year history, officials said.
“We believe the court’s action unnecessarily narrowed the Patriot Act and limited our ability to fully utilize the authority Congress gave us,” the Justice Department said in a statement.
The documents released yesterday also provide a rare glimpse into the workings of the almost entirely secret FISA court, composed of a rotating panel of federal judges from around the United States and, until yesterday, had never jointly approved the release of one of its opinions. Ironically, the Justice Department itself had opposed the release.
Stewart Baker, former general counsel of the National Security Agency, called the opinion a “a public rebuke.”
“The message is you need better quality control,” Baker said. “The judges want to ensure they have information they can rely on implicitly.”
A senior Justice Department official said that the FISA court has not curtailed any investigations that involved misrepresented or erroneous information, nor has any court suppressed evidence in any related criminal case. He said that many of the misrepresentations were simply repetitions of earlier errors, because wiretap warrants must be renewed every 90 days. The FISA court approves about 1,000 warrants a year.
WI’s Sen. Feingold only senator to vote against the bill.
8. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
8 USA Patriot Act: Some Privacy Issues Expands monitoring laws (beyond phone taps) to include Internet traffic
Email addresses, IP addresses/routing, Web search terms
Monitoring at various levels, from PC to the ISP
Allows nationwide monitoring
Expands surveillance with less judicial review
Former “probable cause” was higher legal bar than new “relevant to an ongoing investigation”
ALA advises librarians to “avoid creating unnecessary records”
Is this a new “Library Awareness Program”?
9. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
9 State Protections and Action Student privacy protections are in state statutes
WI library privacy law
DPI approves school district� technology plans
Plans often include privacy provisions� in relation to NCIPA
10. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
10 WI Library Privacy Law
11. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
11 Tips on Personal Privacy Read closely any Website’s privacy policy
Keep a “clean” email address
Home cable and DSL users are especially vulnerable
Never enter sensitive PII without a secure connection
Enter only minimal data, look for opt-out check boxes
Look for compliance with groups like� BBBOnline, TRUSTe and HON
Be aware of your surroundings
Security cameras in Times Square
12. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
12 Schools and Privacy: �12 Issues & Answers
13. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
13 Privacy in Schools: Issue #1�Confidentiality of Student Records (federal law) Family Educational Rights and Privacy Act (FERPA, 1974)
Applies to schools accepting DOE funds
Requires districts to establish written policies and procedures protecting student PII
Defines educational records and who has access
Parental permission required to disclose student PII
14. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
14 Privacy in Schools: Issue #1�Confidentiality of Student Records (state law) Chapter 118.125 WI State Statutes
All student records in public schools are confidential, including:
Behavioral, directory data, progress records, physical health
Access to records granted
To parents
To staff with “legitimate educational interest”
For legal reasons
For an audit of state or federal program
15. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
15 Privacy in Schools: Issue #2�Privacy Language in the AUP Addressing privacy in the AUP
N-CIPA requires schools receiving E-rate discounts to adopt an Internet Safety Policy
Must address “unauthorized disclosure, use, and dissemination of PII regarding minors.”
Minor defined as someone less than 17 years old
Requires public hearing and formal Board adoption
Many privacy issues related to schools and school libraries
Will describe 6 issues
1) Addressing privacy in the AUP
Dec. 2000, Congress passed CIPA (Children’s Internet protection Act) +
NCIPA (Neighborhood Children’s Internet Protection Act)
*requires schools & libraries receiving Universal Service discounts to:
adopt and implement an Internet Safety Policy that addresses 15 areas:
Iv) unauthorized disclosure, use, and dissemination of personally indentifiable information regarding minors.
*Under CIPA and N-CIPA, a minor is anyone less than 17 years of age.
Many privacy issues related to schools and school libraries
Will describe 6 issues
1) Addressing privacy in the AUP
Dec. 2000, Congress passed CIPA (Children’s Internet protection Act) +
NCIPA (Neighborhood Children’s Internet Protection Act)
*requires schools & libraries receiving Universal Service discounts to:
adopt and implement an Internet Safety Policy that addresses 15 areas:
Iv) unauthorized disclosure, use, and dissemination of personally indentifiable information regarding minors.
*Under CIPA and N-CIPA, a minor is anyone less than 17 years of age.
16. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
16 Privacy in Schools: Issue #3�Privacy Policy on a District’s Website All school sites should post a privacy policy
Present on every major page of site
Examples
Anchorage (Alaska) School District
www.asd.k12.org/privacy.asp
School District of Greenville County (SC)
www.greenville.k12.sc.us/district/web/policy/privacy.htm
Valley Elementary School (Utah)
www.weber.k12.ut.us/LegalNotice/privacy.html Issue 2: Privacy Policies or Statements on District Web Sites
*along w/commercial & other web sites, district web sites should post a privacy policy or statement
Policy explains a district’s collection & use of personal information from web site visitors & and security of the data collected.
May also relate how a district treats student PII on its web site.
Should be Statements as a link on EVERY major page of the site AND
Contact info should be given for those having questions.
3 Examples:
Anchorage (Alaska) S.D.: addresses itself to site visitors & includes this info:
How info is collected & used, what PII is collected, how email is treated, security, cookies, contact info for district
School District of Greenville County (SC):Similar to anchorage policy Also BUT includes a paragraph on collection of data from children
“No one under age 13 is allowed to provide any PII or use the public discussion area. Minors under the age of 18 are prohibited from reg. On our sites.”
Valley Elem. School (Utah): emphasis on the privacy of their students
Addresses use of st. phots, st. names, & take steps to protect info about sts.
Issue 2: Privacy Policies or Statements on District Web Sites
*along w/commercial & other web sites, district web sites should post a privacy policy or statement
Policy explains a district’s collection & use of personal information from web site visitors & and security of the data collected.
May also relate how a district treats student PII on its web site.
Should be Statements as a link on EVERY major page of the site AND
Contact info should be given for those having questions.
3 Examples:
Anchorage (Alaska) S.D.: addresses itself to site visitors & includes this info:
How info is collected & used, what PII is collected, how email is treated, security, cookies, contact info for district
School District of Greenville County (SC):Similar to anchorage policy Also BUT includes a paragraph on collection of data from children
“No one under age 13 is allowed to provide any PII or use the public discussion area. Minors under the age of 18 are prohibited from reg. On our sites.”
Valley Elem. School (Utah): emphasis on the privacy of their students
Addresses use of st. phots, st. names, & take steps to protect info about sts.
17. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
17 Privacy in Schools: Issue #4�Identifying Students on the District’s Website FBI recommends districts not publish student photos
Increased arrests of pedophiles
Study: 12% of kids meet unknown person
Districts approach the issue in different ways
Pictures and names
Pictures with no names
Pictures and names separated
No photos or names
Mankato (MN) S.D. #77
www.isd77.k12.mn.us/webguide.php Issue 3: Should st. photos/names appear on district web sites?
FBI rec. not because found cases involving pedophiles seeking young children in chat rms increasing: 700= 1998, 1500=1999, 2001=4,000
Study found 12% of kids go through with an offline rendezvous.
Undercover FBI agents spoke to nearby parents group , went online, within 5 min-posing as young person in chat room, propositioned for sex 3x’s.
WI Districts approach use of student photos/names in different ways
1) photos and first names 2) pictures w/ no names, 3) pictures & names separate, 4) no photos or names
Districts which do publish student photos generally have policies
Mankato MN SD #77 has “Student Safeguards” Guidelines posted at address
Guidelines include: Wed pages may contain only first name of student
May NOT include student’s home phone #, address, names of family members or friends, or email addresses
Decisions on publishing st. pictures & audio clips based on judgement of supervising teachers & signed permission of student & parent/guardianIssue 3: Should st. photos/names appear on district web sites?
FBI rec. not because found cases involving pedophiles seeking young children in chat rms increasing: 700= 1998, 1500=1999, 2001=4,000
Study found 12% of kids go through with an offline rendezvous.
Undercover FBI agents spoke to nearby parents group , went online, within 5 min-posing as young person in chat room, propositioned for sex 3x’s.
WI Districts approach use of student photos/names in different ways
1) photos and first names 2) pictures w/ no names, 3) pictures & names separate, 4) no photos or names
Districts which do publish student photos generally have policies
Mankato MN SD #77 has “Student Safeguards” Guidelines posted at address
Guidelines include: Wed pages may contain only first name of student
May NOT include student’s home phone #, address, names of family members or friends, or email addresses
Decisions on publishing st. pictures & audio clips based on judgement of supervising teachers & signed permission of student & parent/guardian
18. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
18 Privacy in Schools: Issue #5�Protecting the Confidentiality of Library Records Records kept for library management
No federal law protects confidentiality
Legislation in 48 states and DC varies
Wisconsin Library Privacy Law covers
Patron information, circulation records
Records associated with use of the Internet
Use of in-house databases
Can release only by court order NO federal law protecting privacy of library records YET-
Libraries have a long history of protecting privacy of patrons.
For example: purpose of circ records is to manage library’s collection
not track what patrons are reading, viewing, listening to
48 states & District of Col. Have laws governing release of patron use records
laws are not uniform & vary from state to state [KY & Hawaii have no law]
14 specify school libs, 8 + DC public library only, 8 those libs wholly or in part supported by public funds, 18 refer only to a lib. or any library
WI Library Privacy Law covers:
1)Patron information,
2)circulation records,
3)Use of Internet including: email, searching sites, Internet logs, history files, sign-up sheets
Can only be released by COURT ORDER
Ex. Law officer asks what student reading/viewing, cannot tell w/out court order WI law: may not even inform parentNO federal law protecting privacy of library records YET-
Libraries have a long history of protecting privacy of patrons.
For example: purpose of circ records is to manage library’s collection
not track what patrons are reading, viewing, listening to
48 states & District of Col. Have laws governing release of patron use records
laws are not uniform & vary from state to state [KY & Hawaii have no law]
14 specify school libs, 8 + DC public library only, 8 those libs wholly or in part supported by public funds, 18 refer only to a lib. or any library
WI Library Privacy Law covers:
1)Patron information,
2)circulation records,
3)Use of Internet including: email, searching sites, Internet logs, history files, sign-up sheets
Can only be released by COURT ORDER
Ex. Law officer asks what student reading/viewing, cannot tell w/out court order WI law: may not even inform parent
19. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
19 Privacy in Schools: Issue #6�Privacy and Security of Electronic Student Records Student management systems allow access to records via LAN and WAN
Include directory, attendance, grade, disciplinary, and other records
Levels of security for data
Confidentiality and privacy policies
LAN/WAN network security procedures
Teacher access
Parents access child’s records via Web
Grades, attendance, discipline, and health records Many districts implementing Student management systems with records accessible via LAN, WAN
Milwaukee SD implementing new system management system which
includes directory, attendance, grade, disciplinary, & other records
State & federal laws for privacy & confidentiality must be observed need Therefore, need levels of security for data
Requires Confidentiality policies similar to students records in paper format
Usual LAN/WAN network security
Teachers access system by login/password IF have student in class
In Mankato MN
Parents can access child’s records via Web
Grades, attendance, discipline, & health records
Security includes:
parents required to come to school to pick up username & password
Have firewall in place to protect server.
Milwaukee also gives parents Web access to grades, attendance, discipline & health records
Many districts implementing Student management systems with records accessible via LAN, WAN
Milwaukee SD implementing new system management system which
includes directory, attendance, grade, disciplinary, & other records
State & federal laws for privacy & confidentiality must be observed need Therefore, need levels of security for data
Requires Confidentiality policies similar to students records in paper format
Usual LAN/WAN network security
Teachers access system by login/password IF have student in class
In Mankato MN
Parents can access child’s records via Web
Grades, attendance, discipline, & health records
Security includes:
parents required to come to school to pick up username & password
Have firewall in place to protect server.
Milwaukee also gives parents Web access to grades, attendance, discipline & health records
20. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
20 Privacy in Schools: Issue #7�Conducting Market Research on Students Companies have offered districts incentives for info on student use of the Internet
Equipment, email accounts, host Website
Student Privacy Protection Act (Dec. 2001)
Requires schools to develop and adopt policies
Collection, disclosure, or use of personal information collected from students for the purpose of marketing or selling
#Issue 6: co’s doing market research on st use of Internet for commercial reasons w/out parental permission
Prior to Dec. 2001, No law forbid the gathering of info from sts in schools without parental approval
As an inducement to school districts, companies offered free email accounts, would host web sites, offer content to teachers
Co’s very loose privacy policies - & shared info w/ third parties
IN 2001, Student Privacy Protection Act , signed into law .
Requires schools to develop & adopt policies covering:
* collection, disclosure, or use of personal information collected from students for the purpose of marketing or selling.
*give parents an opportunity to opt out of having children surveyed
*must provide notice annually
*must provide dates when such activities are scheduled.
#Issue 6: co’s doing market research on st use of Internet for commercial reasons w/out parental permission
Prior to Dec. 2001, No law forbid the gathering of info from sts in schools without parental approval
As an inducement to school districts, companies offered free email accounts, would host web sites, offer content to teachers
Co’s very loose privacy policies - & shared info w/ third parties
IN 2001, Student Privacy Protection Act , signed into law .
Requires schools to develop & adopt policies covering:
* collection, disclosure, or use of personal information collected from students for the purpose of marketing or selling.
*give parents an opportunity to opt out of having children surveyed
*must provide notice annually
*must provide dates when such activities are scheduled.
21. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
21 Privacy in Schools: Issue #8�Students Providing PII About Themselves Students have little concept of privacy
Annenberg “The Internet and the Family 2000” study
Teenagers more likely to give information
Teach “Stranger danger” online and off
Wisconsin Rapids (WI) School District AUP
No PII transmitted from district computers Issue 8: students providing personal info about themselves.
Anyone who watches teenagers on the Internet,
knows they are not conscious of giving personal info
COPPA protects children under 13, but there is no protection for teenagers.
Annenberg “Internet & the Family 2000” study found
Teenagers more likely to give info about themselves, families, & schools
than younger children.
Example: Megan Schultz & health site
We need teach kids about “stranger danger” AND privacy
Easier to teach younger children
Tough w/teenagers- feel invulnerable
Ex. Sara, senior corresponding w/student from Waupaca HS
*WI Rapids S.D.:. related to privacy: Sts may not provide PII while on district computer.
Issue 8: students providing personal info about themselves.
Anyone who watches teenagers on the Internet,
knows they are not conscious of giving personal info
COPPA protects children under 13, but there is no protection for teenagers.
Annenberg “Internet & the Family 2000” study found
Teenagers more likely to give info about themselves, families, & schools
than younger children.
Example: Megan Schultz & health site
We need teach kids about “stranger danger” AND privacy
Easier to teach younger children
Tough w/teenagers- feel invulnerable
Ex. Sara, senior corresponding w/student from Waupaca HS
*WI Rapids S.D.:. related to privacy: Sts may not provide PII while on district computer.
22. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
22 Privacy in Schools: Issue #9�Access to Student Information by Military Recruiters NCLB Act 2001 requirement
H.S.’s must supply military recruiters with students’ names, addresses, and phone numbers (including unlisted #’s)
District policies keep student information confidential under Family Educational Rights and Privacy Act (1974)
Oct. 2002 letter sent to districts by federal officials
Parents can “opt out” Issue 9: NCLB legislation passed in 2001 includes requirement for HS’s to provide names, addresses, and phone numbers [including unlisted numbers] of students to military recruiters.
District policies generally held this information confidential since Family Education Rights and Privacy Act {FERPA] passed 1974.
NCLB legislation modified the Family Education Rights & Privacy Act.
Oct.9, 2002, letter sent to districts by Education Secretary Rod Paige & Defense Secretary Donald Rumsfeld reminding them of this law.
Failure to comply could mean loss of all federal funding to district.
Schools must “notify parents annually of the option to make a request [to opt out], and honor such requests if they are made.”Issue 9: NCLB legislation passed in 2001 includes requirement for HS’s to provide names, addresses, and phone numbers [including unlisted numbers] of students to military recruiters.
District policies generally held this information confidential since Family Education Rights and Privacy Act {FERPA] passed 1974.
NCLB legislation modified the Family Education Rights & Privacy Act.
Oct.9, 2002, letter sent to districts by Education Secretary Rod Paige & Defense Secretary Donald Rumsfeld reminding them of this law.
Failure to comply could mean loss of all federal funding to district.
Schools must “notify parents annually of the option to make a request [to opt out], and honor such requests if they are made.”
23. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
23 Privacy in Schools: Issue #10�Internet Use Logs as Public Record 2 legal battles over whether Internet logs are public records and available
1998: Utah Supreme Court granted right to review logs of Utah Educational Network
2000: New Hampshire judge ruled Internet history logs of 2 school districts are public records and may be reviewed
Student PII must be removed first
Person requesting logs bears the cost for removal
WiscNet’s policy 2 legal battles since 1998 over whether Internet logs are public records &
therefore, available for review.
1) 1998, Utah Supreme Court granted Michael Sims,
co-founder of Censorship Project,
right to review the cache of the Utah Educational Network, statewide school computer network of 40 school districts & several public lib. systems.
Sims wanted to view the log to determine
the types of Web sites blocked by the network’s blocking software.
UEN could not produce logs from 87-98 school year
because UEN overwrites its caches after 31 days.
2) Parent in Exeter, NH requested schools’ Internet logs to learn whether students were accessing objectionable sites or porn despite faculty supervision.
Instead of filtering, districts had opted for supervision by staff.
Judge ruled that Internet history logs are public records & can be requested for viewing.
Districts arguied the privacy of students must be protected against disclosure or pii.
Judge ruled all pii must be removed & person requesting logs bears the cost.
Wiscnet’s policy-Logs Can be requested by district, others need court order.
2 legal battles since 1998 over whether Internet logs are public records &
therefore, available for review.
1) 1998, Utah Supreme Court granted Michael Sims,
co-founder of Censorship Project,
right to review the cache of the Utah Educational Network, statewide school computer network of 40 school districts & several public lib. systems.
Sims wanted to view the log to determine
the types of Web sites blocked by the network’s blocking software.
UEN could not produce logs from 87-98 school year
because UEN overwrites its caches after 31 days.
2) Parent in Exeter, NH requested schools’ Internet logs to learn whether students were accessing objectionable sites or porn despite faculty supervision.
Instead of filtering, districts had opted for supervision by staff.
Judge ruled that Internet history logs are public records & can be requested for viewing.
Districts arguied the privacy of students must be protected against disclosure or pii.
Judge ruled all pii must be removed & person requesting logs bears the cost.
Wiscnet’s policy-Logs Can be requested by district, others need court order.
24. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
24 Privacy in Schools: Issue #11�Use of Email to Conduct School Business Monitoring of employees
63% monitor email and Internet use
Personal email and recreational surfing cost money
Employers have the right to monitor without informing employees
Court cases
“No legal or factual basis for extending right of privacy to cover business-related communications.”
Employers should establish use policy
Reasonable use vs. abuse Employees are concerned about employers monitoring their email & I. use
According to study by Am. Management Assoc
63% employers review employee email& monitor Internet use.
Labor Dept. estimates personal email & recreational web surfing cost co’s est. $3 million per year in lost productivity per 1,000 employees.
Employees have the right to monitor email & Internet use without informing employees
In Court decisions re: privacy of email in the workplace
Courts have ruled in favor of employers [READ OFF SCREEN]
Inappropriate use may result in Job loss
10% know someone fired,
NY Times fired 23 employees for emailing distasteful jokes.
Employers need written policies on purpose of email & guidelines for use
RSD: Staff use: to conduct district bus. & communication w/colleagues. Guidelines are provided in policy materials for use.
Comes down to: Reasonable use vs. abuse (staff writing to child in college)Employees are concerned about employers monitoring their email & I. use
According to study by Am. Management Assoc
63% employers review employee email& monitor Internet use.
Labor Dept. estimates personal email & recreational web surfing cost co’s est. $3 million per year in lost productivity per 1,000 employees.
Employees have the right to monitor email & Internet use without informing employees
In Court decisions re: privacy of email in the workplace
Courts have ruled in favor of employers [READ OFF SCREEN]
Inappropriate use may result in Job loss
10% know someone fired,
NY Times fired 23 employees for emailing distasteful jokes.
Employers need written policies on purpose of email & guidelines for use
RSD: Staff use: to conduct district bus. & communication w/colleagues. Guidelines are provided in policy materials for use.
Comes down to: Reasonable use vs. abuse (staff writing to child in college)
25. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
25 Privacy in Schools: Issue #11�Use of Email to Conduct School Business Email communication by administration and school boards
email issues discussion may violate open �records and open meetings laws
Archiving district email
Content, not format, determines if documents�require archiving and length of time
Madison (WI) School District case 2001
Oshkosh (WI) School District case 2002 ISSUE 11: Email communication Bd. & district admin.
Warning by Nat. School Bds Assoc warning: email communication among public officials can become public under open records laws
There is a danger of violating open records & open meetings laws by debating issues via email instead of open public meeting
Several incidents led to discussion of archiving email
CONTENT NOT FORMAT determines what docs must be kept & for how long
Madison WI case
district eliminated thousands emails relating public opposition to Bd. Voting to not say pledge of allegiance in schools- part of new state law
district cited by Attorney Gen.- determined no malice involved
11-02 Oshkosh S.D. Board bd. Deleted personal email messages from constituents on district consolidation plans,
Attorney Gen. ruled deletions violated open-records laws, system now in place to store messages re: district affairs
Remember, it is the content, not the format which determines archiving.
ISSUE 11: Email communication Bd. & district admin.
Warning by Nat. School Bds Assoc warning: email communication among public officials can become public under open records laws
There is a danger of violating open records & open meetings laws by debating issues via email instead of open public meeting
Several incidents led to discussion of archiving email
CONTENT NOT FORMAT determines what docs must be kept & for how long
Madison WI case
district eliminated thousands emails relating public opposition to Bd. Voting to not say pledge of allegiance in schools- part of new state law
district cited by Attorney Gen.- determined no malice involved
11-02 Oshkosh S.D. Board bd. Deleted personal email messages from constituents on district consolidation plans,
Attorney Gen. ruled deletions violated open-records laws, system now in place to store messages re: district affairs
Remember, it is the content, not the format which determines archiving.
26. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
26 Privacy in Schools: Issue #12�Use of Surveillance Cameras Dept. of Justice “Safe Schools Manual”
Allows use of “surveillance technology to protect health, welfare, and safety of students and staff”
Generally in places students and staff lack reasonable expectation of privacy
Hallways, cafeteria, stairways, parking lot, entrances
School libraries and computer labs
Installed to prevent vandalism, enforce school rules, provide security
Notification of public
Signs on doors, notice in district newsletter, letters to parents, highlighted in orientation meetings
27. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
27 Actions Schools Can Take Add privacy language to Internet AUP
Add privacy statement to district Website
Review how Internet logs are archived
Maintain minimal library records
Provide staff training on privacy issues
Teach students about privacy issues
Students should know their rights
They should learn to protect their own privacy
Inform parents of district policies related to privacy There are 5 steps schools can take to protect student & staff privacy online:
1) Add privacy language to Internet use policy regardless of N-CIPA:
*Montello S.D. Internet Guidelines:
When communicating with others, keep in mind: *cannot see them, cannot tell how old they are, or even what sex
They can tell you anything & you cannot be sure it is the truth
Privacy is not guaranteed in a network environment
Think carefully about what you say and how you say it.
Exercise caution: do not give out home phone number of personal info.
Do not make arrangements to meet others only know through the Internet.
2) Address privacy on district’s website by adding privacy statement
3) Inservice All staff on protecting PERSONAL & STUDENT privacy
Everyone needs to have a basic understanding of privacy concerns
Address need for some email archiving with staff
4) Teach students about privacy issues
Sts. Should know their rights &
Begin young to make privacy a habit.
5) Inform parents of policies related to privacy
There are 5 steps schools can take to protect student & staff privacy online:
1) Add privacy language to Internet use policy regardless of N-CIPA:
*Montello S.D. Internet Guidelines:
When communicating with others, keep in mind: *cannot see them, cannot tell how old they are, or even what sex
They can tell you anything & you cannot be sure it is the truth
Privacy is not guaranteed in a network environment
Think carefully about what you say and how you say it.
Exercise caution: do not give out home phone number of personal info.
Do not make arrangements to meet others only know through the Internet.
2) Address privacy on district’s website by adding privacy statement
3) Inservice All staff on protecting PERSONAL & STUDENT privacy
Everyone needs to have a basic understanding of privacy concerns
Address need for some email archiving with staff
4) Teach students about privacy issues
Sts. Should know their rights &
Begin young to make privacy a habit.
5) Inform parents of policies related to privacy
28. Privacy in the 21st Century: �Issues for Schools &� Libraries Helen Adams
hadams@coredcs.com
Rosholt School District
WEMA Program Summary: Historically, patron privacy and confidentiality of library records have been core values of librarianship. However, contemporary phenomena such as the Internet, emerging technologies, and the events of Sept. 11, 2001 have changed personal and institutional privacy forever. How will the converging forces affect privacy in schools and libraries? With hot button privacy issues mounting daily, learn the facts behind the headlines to protect your privacy and that of your students. Mardi GrasWEMA Program Summary: Historically, patron privacy and confidentiality of library records have been core values of librarianship. However, contemporary phenomena such as the Internet, emerging technologies, and the events of Sept. 11, 2001 have changed personal and institutional privacy forever. How will the converging forces affect privacy in schools and libraries? With hot button privacy issues mounting daily, learn the facts behind the headlines to protect your privacy and that of your students. Mardi Gras
29. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
29
30. �Privacy — 2003 WEMA Conf.
(Adams, Bocher)
30
