“Should a student be able to password-protect access to their device? Should the school be able to demand the access password on those devices? Tricky issues,” Willard wrote in a subsequent eMail message.
The Delaware law was “definitely” necessary, because collecting students’ personal social media information is a “particularly invasive” violation of privacy, said Khaliah Barnes, open government counsel for the Electronic Privacy Information Center (EPIC).
Barnes also noted a larger, hidden potential consequence: If students were to release private social networking information to schools, that information could spread quickly to the hands of many.
Under the Family Educational Rights and Privacy Act (FERPA), information gathered by schools receiving federal funding becomes an educational record. That record, in turn, may be released without the student’s consent to a wide net of eligible entities.
EPIC recently sued the federal Education Department for issuing new changes to FERPA that allow student records to be disclosed to a “really expansive list” of entities not directly represented by the education secretary, attorney general, or controller general.
DeStefano agreed that establishing appropriate guidelines for K-12 education, distinct from those of higher education, would require more research. For this bill, he said, there simply wasn’t time to make the necessary changes, because it was “getting late in the [legislative] session.”
Rep. Scott did not introduce the bill as a result of any specific events; “there is no indication that any schools were doing this,” DeStefano said.
Rather, he said, the bill was intended as a preemptive form of legal protection. With the rise of personal social media, many institutions have become interested in looking at the online presences of their members.
DeStefano said the bill was inspired in part by similar moves to put legal limits on employers looking to screen applicants or check on workers via social networking sites.
Delaware legislators considered but did not pass a companion bill, HB 308, which addressed online privacy at the workplace.
Data compiled by the National Conference of State Legislatures show that in May, Maryland enacted legislation that prohibits employers from requesting or requiring an employee or applicant to disclose personal social media login information, and in June, Illinois followed suit.
In the past year, 14 states have considered similar legislation that would restrict employers from requesting social networking account information from applicants, students, or employees.
At the national level, U.S. Reps. Eliot Engel, D-N.Y., and Jan Schakowsky, D-Ill., in late April introduced the Social Networking Online Protection Act (SNOPA).
- Defining high-quality microcredentials for higher ed - May 20, 2022
- Modern lab equipment is key to revolutionizing STEM learning - May 17, 2022
- Is unbundling the future of higher education? - May 16, 2022