Legislation called “The Student Right to Know Before You Go Act” has been introduced in both houses of Congress. Nice name, no? Don’t you think you should have “the right to know before you go” to a college or university?
What it really means is that the federal government will:
authorize the creation of a federal database of all college students, complete with their personally identifiable information, tracking them through college and into the workforce, including their earnings, Social Security numbers, and more. The ostensible purpose of the bill? To provide better consumer information to parents and students so they can make “smart higher education investments.”
Big Data, the answer to all problems. All you need do is surrender your privacy and become someone’s data point, perhaps the point of sales.
Barmak Nassirian, writing on the blog of Studentprivacymatters, warns about the dangers this legislation poses. He wrote originally in response to an article endorsing the legislation by researchers at the conservative American Enterprise Institute, who viewed the invasion of personal privacy as less significant than the need for consumer information about one’s choice of a college or university:
First, let’s be clear that the data in question would be personally identifiable information of every student (regardless of whether they seek or obtain any benefits from the government), that these data would be collected without the individual’s consent or knowledge, that each individual’s educational data would be linked to income data collected for unrelated purposes, and that the highly personal information residing for the first time in the same data-system would be tracked and updated over time.
Second, the open-ended justification for the collection and maintenance of the data (“better consumer information”) strongly suggests that the data systems in question would have very long, if not permanent, record-retention policies. They, in other words, would effectively become life-long dossiers on individuals.
Third, the amorphous rationale for matching collegiate and employment data would predictably spread and justify the concatenation of other “related” data into individuals’ longitudinal records. The giant sucking sound we would hear could be the sound of personally identifiable data from individuals’ K12, juvenile justice, military service, incarceration, and health records being pulled into their national dossiers.
Fourth, the lack of explicit intentionality as to the compelling governmental interest that would justify such a surveillance system is an open invitation for mission creep. The availability of a dataset as rich as even the most basic version of the system in question would quickly turn it into the go-to data mart for other federal and state agencies, and result in currently unthinkable uses that would never have been authorized if proposed as allowable disclosures in the first place.
This is a bill that conservatives and liberals should be fighting against. Imagine if such a data-set existed; how long would it be before the data were hacked, for fun and profit, exposing personally identifiable information about students who had never given their consent? Didn’t the government recently become aware of a massive hack of its personnel records?
According to the New York Times:
For more than five years, American intelligence agencies followed several groups of Chinese hackers who were systematically draining information from defense contractors, energy firms and electronics makers, their targets shifting to fit Beijing’s latest economic priorities.
But last summer, officials lost the trail as some of the hackers changed focus again, burrowing deep into United States government computer systems that contain vast troves of personnel data, according to American officials briefed on a federal investigation into the attack and private security experts.
Undetected for nearly a year, the Chinese intruders executed a sophisticated attack that gave them “administrator privileges” into the computer networks at the Office of Personnel Management, mimicking the credentials of people who run the agency’s systems, two senior administration officials said. The hackers began siphoning out a rush of data after constructing what amounted to an electronic pipeline that led back to China, investigators told Congress last week in classified briefings.
How long will a treasure trove of personally identifiable student data remain confidential?
If this bill passes, farewell to privacy.