As technology becomes more central to student educational experience, the issue of protecting student personal data becomes more challenging. Over the last ten years, California has passed numerous laws protecting personal data, earning California a reputation for being one of, if not the, most prominent states guarding its citizens’ data privacy.
California’s Student Online Personal Information Protection Act (SOPIPA) in particular makes significant changes to the way personal information of students in grades K-12 can be collected, stored, and used. It attempts to balance the benefits of increased technology in education with concerns over abuse and misuse of personal information, say Michael O’Donnell and Matthew Siegel in a blog for the law firm Cozen O’Connor.
Websites, apps, and online services play a significant role in the modern classroom but many of these educational services require, or allow, for student grades, disciplinary history, and other personal information to be stored and analyzed by service providers.
SOPIPA protects student information in instances where providers seek to create new services and products that can be offered to K-12 students.
First, operators providing K-12 services may not compile, share, or disclose student information for any reason other than those related to K-12 purposes. Second operators may not use student information for targeted advertising or marketing to K-12 students, their parents, or their families.
Notably, the law does carve out an exception for service providers to store anonymous student data to be used solely for the development and maintenance of its own educational products.