Since the issue of student data privacy is both important and complex, these organizations/initiatives have emerged within the industry to help other companies ensure users are protected. These organizations are:
- Future Privacy Forum
- The Software & Information Industry Association
- Access 4 Learning
- COPPA Safe Harbor Programs
- iKeepSafe
- Common Sense Media
These organizations help certify companies and products are following laws (e.g. FERPA, COPPA, SOPIPA, etc.). They also help to assure schools and parents that the software the students are using is compliant and safe.
Future Privacy Forum and The Software & Information Industry Association’s Student Privacy Pledge
The Student Privacy Pledge (the Pledge) is an initiative from the Future of Privacy Forum and The Software & Information Industry Association to promote the protection of personal student data. The Pledge is a document that outlines what its signatories can and cannot do. On its own, the Pledge is not a privacy policy and is not inclusive of all requirements that are needed to comply with federal and state laws. However, the Pledge does act as a legal document, as signatories who do not comply with the provisions of the Pledge could be sued by the Federal Trade Commission for making false and deceptive public claims about their products.
Access 4 Learning’s Student Data Privacy Consortium
The Student Data Privacy Consortium (SPDC) is an initiative of Access 4 Learning (A4L). The SPDC membership consists of school districts, non-profit organizations, and edtech companies from across the country. The goal of the consortium is to cultivate a community of stakeholders who work together to implement real-world solutions to enhance student privacy.
The SPDC has state alliances that draft student data privacy agreements that can be used by vendors and districts located in that state. These agreements are located in a public registry that can be used by vendors and districts alike to showcase their commitments and strategies to protect student privacy.
The consortium also works on the following ongoing projects:
- The Privacy Contract Framework - A process to streamline the development of privacy contracts through automated tools and the SDPC registry;
- Digital Tools Governance - A set of tools to help schools develop a framework for aligning their data privacy needs and goals; and
- The Global Education Privacy Standard (GEPS) - A standard to streamline how vendors and schools can make secure connections.
COPPA Safe Harbor Programs
The Children’s Online Privacy Protection Act (COPPA) prevents companies from collecting data from children under the age of 13 without verifiable parental consent. The law includes a provision that enables industry groups to submit self-regulatory rules that implement the protections listed under COPPA. Companies that join Safe Harbor Programs are directly regulated by those organizations rather than the FTC. The organizations are responsible for auditing, monitoring, and, when necessary, disciplining their members. The current COPPA Safe Harbor Programs include:
- Aristotle International Inc.
- Children’s Advertising Review Unit (CARU)
- Entertainment Software Rating Board (ESRB)
- iKeepSafe
- kidSAFE
- Privacy Vaults Online, Inc. (d/b/a PRIVO)
- TRUSTe
iKeepSafe
The Internet Keep Safe Coalition (iKeepSafe) is a non-profit organization that assesses and certifies if edtech products comply with federal and state child and student privacy laws. Vendors must contact iKeepSafe, to certify products that comply with a specific law, and performs an independent assessment of the product. If a product passes the assessment, then iKeepSafe grants the product a badge – proving that it complies with the law in question. iKeepSafe provides badges for four certifications:
- FERPA Certified - Certifies that the product can be used by schools to comply with FERPA;
- COPPA Safe Harbor - Ensures that the product meets the requirements of COPPA;
- California Student Privacy Certification (CPSC) - Certifies that the product is compliant with all federal and state laws in California, including SOPIPA; and
- ATLIS Privacy Certification for Independent Schools - A certification created through a partnership with the ATLIS (Association of Technology Leaders in Independent Schools) that builds upon FERPA regulations and assesses the data privacy compliance standards of ATLIS schools.
Common Sense Media’s Common Sense Privacy Program
The Common Sense Privacy Program is a program of Common Sense Media, a nonprofit organization that reviews different types of media for families, schools, and other advocates. The Common Sense Privacy Program evaluates the privacy policies of edtech vendors and the context in which they collect data. Vendors are free to use the evaluation checklist of the Common Sense Privacy Program to audit their privacy policies and to better communicate the data collected and why.
Read more about Edlink's Security and Privacy Practices
If you’re interested to learn more about Edlink’s Unified API, here’re other articles we’ve written.
- Edlink’s Security Center - Our Collection of Security Articles
- Edlink’s Privacy Center - Our Collection of Privacy Articles
- How does Edlink Handle Data Privacy and Security?
- How Edlink Handles School Data
- Does Edlink store PII?
Want to Learn More about Edlink?
If you're looking for a partner who can help guide you through developing LMS integrations (like these), then let’s introduce ourselves. We’re Edlink!
