We must work not only toward providing better security around student data but also toward educating students about the need to critically evaluate how their data is used and how to participate in shaping data privacy practices and policies. These policies and practices will affect them for the rest of their lives, as individuals with personal data and also as leaders with power over the personal data of others. Regulation is necessary, but education is the foundation that enables society to recognize when its members’ changing needs require a corresponding evolution in its regulations. And for those of us in academia, unlike those in industry, education is our work.
We don’t want to understate the important changes that have occurred in regulations and policies. In the last two years, US higher education institutions have increasingly begun hiring chief privacy officers, a relatively new role.4 Google updated its student privacy policies after the Electronic Frontier Foundation filed an FTC complaint about its practices in December 2015 And there is broad recognition that new laws must be passed to account for the changing landscape, with 41 states passing more than 126 laws related to K-12 and higher education student privacy in the last six years. Given these signs of progress, some might think we can just hold our breath until law and common sense sort out our data privacy woes in their own due time. These are promising moves toward creating regulation and policy that may better protect student data at a structural level. Nonetheless, we believe that they are insufficient on their own and that education is needed in addition to these efforts.
“Education Before Regulation: Empowering Students to Question Their Data Privacy”
Filed by October 15, 2019on