LM Feb.2021_lo

LegalCorner

Changes to Student Online Personal Protection Act

Chad Watkins IASA Associate Director/General Counsel

To help school leaders navigate these uncertain times, IASA has partnered with leading law firms throughout Illinois to provide districts with critical guidance during the 2020–21 school year. In every issue of Leadership Matters, the IASA Legal Corner will showcase an article, sometimes several articles, written by attorneys who specialize in legal matters related to education. We have also begun a monthly legal issues podcast to discuss some of your most vital concerns.

It is our hope you find the content insightful, timely and helpful in addressing the critical matters you face. This month, Hauser, Izzo, Petrarca, Gleason & Stillman, LLC writes about the Student Online Personal Protection Act amendments. The author is attorney Courtney Stillman. As a reminder, the articles are provided for informational purposes only, and you are advised to contact your district counsel for legal advice. Click on the link below to access the article.

Student Online Personal Protection Act Amendments Security and Transparency Requirements Effective July 1, 2021

• created by or provided to an Operator by the school for school purposes (e.g., student behavior data in classroom app; student IEP); or • gathered by an Operator through operation of its site, service, or app, that personally identifies a student (e.g. student username/password; test results; grades; health records, etc.). An “Operator” is a provider of an internet website, online service, online application, or mobile application which has actual knowledge that the service or app is used primarily for K-12 school purposes and which has designed and marketed the service or app for these purposes. A “Breach” is the unauthorized acquisition of computerized data that compromises the security, confidentiality... continue reading

Effective July 1, 2021, amendments to the Student Online Personal Protection Act (“SOPPA”) require public school districts to enter agreements with online operators, make certain disclosures, and adopt policies and procedures to secure student data. The amendments also give parents rights to request copies, correction, and deletion of student information. The purpose of the Act is to protect student data collected by educational technology companies. Basic Terminology “Covered information” is personally identifiable information, or material or information linked thereto, in any media or format that is not publicly available, including information: • created by or provided to an Operator by a student or the student’s parent for school purposes (e.g., schoolwork uploaded on app by student);

25 LM February 2021