萝卜AV视频

Today鈥檚 guest blog post comes from Amelia Vance, founder and president of Public Interest Privacy Consulting, LLC. In that role she also staffs the 萝卜AV视频Student & Child Privacy Center.

The 2025 school year has brought with it a dynamic and increasingly complex environment for student data privacy. From the intricacies of new and updated legislation to the ever-present threats of cybersecurity incidents, district leaders face significant responsibilities in safeguarding the sensitive information of their students. Recognizing these growing challenges, AASA鈥檚 Student and Child Privacy Center (SCPC), in partnership with the Public Interest Privacy Center (PIPC), has been working diligently to provide superintendents and school administrators with the timely resources, expert analysis, and practical guidance needed to navigate this critical terrain.

Our commitment at SCPC is not merely to report on developments, but to actively analyze their implications for your districts and offer actionable insights to ensure compliance and foster a culture of privacy protection. Over the past few months, our work has focused on dissecting key legislative updates, contextualizing federal enforcement actions, and convening thought leaders to address the multifaceted challenges of student privacy in the digital age.

One significant area of our recent work involves the re-introduction of the Kids Online Safety Act (KOSA). As detailed in our May 6 blog, 鈥�KOSA is Back 鈥� With an Education Provision!鈥�, we have closely followed the progress of this crucial legislation. This updated version of KOSA, reintroduced by Senators Blackburn and Blumenthal, now explicitly includes an education provision 鈥� a direct result of advocacy efforts to ensure that schools operating under privacy-protective contracts with edtech vendors can continue to effectively utilize technology with appropriate safeguards and parental tools managed at the school level. This provision addresses previous concerns about potential parental overrides of school-negotiated privacy settings or the deletion of essential student accounts. Our analysis, provided in the linked blog post, offers superintendents a clear understanding of how this legislation may impact edtech implementation and underscores the importance of incorporating education-specific language into broader child privacy and online safety bills.

Beyond legislative analysis, SCPC, with the support of PIPC, has been actively monitoring and contextualizing federal enforcement activities related to the Family Educational Rights and Privacy Act (FERPA). In the May 7 blog post, 鈥溾��, we provided high-level takeaways from recent communications by Secretary McMahon and the Student Privacy Policy Office. This included insights gleaned from their letters emphasizing legal obligations under FERPA and the Protection of Pupil Rights Amendment (PPRA), as well as from the Department鈥檚 updated Annual Notices to Local Educational Agencies (LEAs) and State Educational Agencies (SEAs). This resource helps district leaders understand the Department鈥檚 current focus on parental rights and FERPA enforcement. You can find further updates on FERPA in our recent blog post 鈥�FERPA Update鈥�.

Our April 17 blog, 鈥溾��, provided detailed information about the statewide FERPA investigations initiated in California and Maine. Importantly, this resource also offered a valuable overview of the FERPA enforcement process, including a newly developed infographic to illustrate the investigation lifecycle. This equips superintendents with essential knowledge to understand the scope and process of these investigations.

The beginning of 2025 also saw significant developments regarding the Children's Online Privacy Protection Act (COPPA). Our blog post, 鈥� New COPPA Update: A Setback for Schools and Student Privacy?鈥� (released January 17th), offered a critical analysis of the Federal Trade Commission's (FTC) updated COPPA Rule. This analysis highlighted the education community's disappointment with the removal of crucial sections that would have clarified how schools can consent to technology use on behalf of parents. Despite this setback, the blog also clarified the continued authority schools maintain under existing guidance and outlined the new transparency and security requirements for technology providers. To further unpack these complex changes, SCPC co-hosted a webinar on January 21st, 鈥�" This expert-led session provided practical guidance for companies on complying with the updated rule and addressed key questions for school leaders. The recording of this valuable webinar is available for you to review.

In addition to legislative and regulatory analysis, SCPC recognizes the need to address fundamental gaps in existing privacy law. Our January 28th resource, 鈥溾��, tackles the challenge posed by the increasing reliance on technologies that collect a wide range of student digital activity, often revealing incredibly sensitive information. This resource advocates for a modernization of FERPA, urging for the elimination of the outdated concept of "education records" in favor of a broader definition encompassing all student Personally Identifiable Information (PII) readily accessible to schools, regardless of its origin. This crucial update would ensure that data collected by edtech platforms is clearly protected under FERPA.

Furthermore, SCPC actively engages in convening experts and fostering dialogue on critical student privacy issues. On February 6-7th, in partnership with visiting scholar Rihoko Kawai from Toyo University and GW Law School, we proudly co-sponsored the impactful conference 鈥溾�� and a pre-conference workshop, 鈥�,鈥� at George Washington University in Washington, DC. This significant event brought together leading experts, including AASA鈥檚 Noelle Ellerson Ng, to discuss emerging global frameworks for safeguarding child and student privacy and safety online. Attendees gained practical strategies for implementing parental consent, learned about innovative legal frameworks from around the world, and connected with leading professionals in the field.

Finally, recognizing the immediate challenges posed by cybersecurity threats, SCPC responded swiftly to the significant PowerSchool data breach by joining a webinar on January 15th, 鈥溾�� This crucial session brought together cybersecurity and data privacy experts, including representation from SCPC, to discuss the incident's impact and provide actionable steps for schools to enhance their cybersecurity posture and protect sensitive student and staff information. The recording of this vital webinar is available through the provided link.

These highlights represent the dedicated work that AASA鈥檚 Student and Child Privacy Center, in partnership with PIPC, has undertaken in recent months to empower superintendents and district leaders with the knowledge and resources necessary to navigate the complex and evolving landscape of student privacy. We remain committed to providing timely analysis, practical guidance, and fostering critical conversations to ensure the safety and privacy of our students.

For access to our comprehensive library of resources, including materials from previous years, please visit 萝卜AV视频Student and Child Privacy Center page. If you have specific questions about student privacy in your district, please do not hesitate to contact Noelle Ellerson Ng (nellerson@aasa.org) and Amelia Vance (amelia@pipc.tech).