Student Privacy at the U.S. Department of Education
The U.S. Department of Education is committed to protecting student privacy. We administer and enforce student privacy laws such as the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PPRA). In addition, we provide technical assistance to help schools and school districts safeguard information about students.
Family Educational Rights and Privacy Act (FERPA)
FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds from the U.S. Department of Education. FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.
A Parent's Guide to FERPA | DOWNLOAD HERE
FERPA General Guidance for Students | DOWNLOAD HERE
Children’s Online Privacy Protection Act (COPPA)
The primary goal of COPPA is to place parents in control over what information is collected from their young children online. COPPA was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13. The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children.
Connecticut Public Act No. 16-189
Public Act 16-189 “Sits on top of” (in addition to) FERPA law and is comprehensive in nature and incorporates several provisions to protect the privacy of student information, including:
- Restricting how student information may be used by entities that contract to provide educational software and electronic storage of student records and by operators of websites, online services, or mobile applications (i.e., apps).
- Clarifying that student data collected for school purposes is not owned by any of these third-party contractors.
- Requiring local boards of education to notify parents when they execute a new contract with a software, data storage, or internet service provider.
- Stipulating data security and privacy provisions that must figure in all contracts between local school districts and software, data storage, and internet service providers.
- Requiring school districts to withhold the release of student directory information if the local or regional board of education determines that a request for such information is not related to school purposes.