CIPA

Childrens Internet Protection Act

Danielle Freitas-Carlin

What is it?

CIPA addresses concerns of children accessing obscene or

harmful content online.
Compliancy is required for schools to receive E-Rate
funding.
This video, Common Sense on E-rate and CIPA: Toolkit for S
District Administrators, provides an excellent overview.

CIPA was amended in 2008, with the intention of

protecting children in the 21st century.

CIPA

Why is it in place?

To ensure that Internet

access for minors, in
schools and libraries,
is filtered for their
safety.

The FCC designed CIPA as

a requirement for
schools to receive ERate funding.

C IPA - How can an organization be compliant?

To become or remain compliant, schools must:

Have an internet policy in place

Filter online content to prevent minors from accessing:

obscene content
content which could be harmful to minors
child, or any, pornography

Notify stakeholders through notice or public address

Monitor online activity of minors
Educate minors regarding:

Online behavior and its consequences

including social networking websites and chat rooms
cyberbullying

An example of compliancy
In order to be compliant with CIPA, receive E-Rate funding, and
uphold our schools pillar of Do No Harm, HSHMC has developed:

Staff and Student Education:

Digital Citizenship

Internet Privacy

Internet
Computer
Email

Network
Web Services

Protective measures, including:

Cyberbullying

We incorporate materials from Common Sense Media into our

curriculum, such as this video, Digital Footprint

A Technology Policy to address the use of:

Content filter
Firewall and networking rules
Desktop security policies

Need more information on CIPA?

Childrens Internet Protection Act, information

from the Federal Communications Commission (FCC)

Protecting Children in the 21st Century Act

Amendment, Small Entity Compliance Guide, from
the Federal Communications Commission (FCC)

FERPA

Family Education Rights and Privacy Act

Amanda Wallace

FERPA: What is it?

FERPA is a federal law, passed by Congress in 1974, that
requires educational institutions (schools that receive
funds under an applicable program of the U.S. Department of
Education)to:
Provide students access to their educational records
Allow students to correct inaccurate or misleading
information in these records
Limit the release of information to third parties

Why is FERPA in Place

Allows parents and students to

control disclosure, review,
challenge and request the
amending of misleading or
inaccurate information found in
a students education record.
An education record include:
Grades, Class lists,Student
class schedules, Disciplinary
records, Student financial
records, notes regarding a
student.

how can an organization stay compliant

Maintain clear policy regarding release
of records: Education records may be
disclosed only with the parent or student
(if over 18 and/or no longer a dependent)
prior written consent. The written consent
must:

Specify the records to be released

State the purpose of the disclosure

Identify
the
party(ies)
to
whom
disclosure may be made

Must be signed and dated by the

parent or non dependent student.
It is important to note schools may
disclose directory information without
written consent.
This may include:
student name in yearbook,honor roll, and
military recruiters. Parents must require
written notice to the school district to
request directory information to remain
private.

how can this process be improved

Though there are informational links

found on our district website and an
annual notification made to parents,
the specifics may be unclear to all
parents
and
students.A
clear
pictograph included in a student
enrollment packet, as well as student
trainings
connected
to
college
enrollment (when the students may
become the guardians of their own
records)
would
reinforce
the
importance of ensuring records are up
to date and secure.
Continually train all levels of staff
to ensure student records are secure
and disclosed only to those with a
legitimate educational reason or whom
the parent/student has given written
consent.
Review all third party agreements to
ensure
FERPA
is
addressed
and
followed.

Here!
US Department of
Education FERPA
Information

Or here!
National
Association of
Colleges and
Employers FERPA

How can I find more

ferpa facts?

This one is
great!
Department of
Education Office
of Educational
Technology

This is a great
example of an easy
to follow
pictograph!
Data Quality
Campaign

References:
Family Educational Rights and Privacy Act (FERPA). (n.d.). Retrieved February 25, 2016, from http://www2.ed.
gov/policy/gen/guid/fpco/ferpa/index.html
FERPA Primer: The Basics and Beyond. (n.d.). Retrieved February 26, 2016, from http://www.naceweb.org/public/ferpa0808.htm
FERPA Frequently Asked Questions (FAQ). (n.d.). Retrieved February 27, 2016, from https://www.registrar.psu.edu/confidentiality/FERPA_faq.
cfm#2
Making FERPA as Easy as Green, Yellow, or Red - Data Quality Campaign. (2014). Retrieved February 27, 2016, from http://dataqualitycampaign.
org/blog/2014/06/making-ferpa-as-easy-as-green-yellow-or-red/
Privacy | Office of Educational Technology. (n.d.). Retrieved February 27, 2016, from http://tech.ed.gov/privacy/
San diego County Office of education. Accessed February 27, 2016.http://www.sdcoe.net/jccs/Pages/Acceptable-Use-Policy.aspx.

COPPA

Childrens Online Privacy Protection Act

Kay Pham

COPPA - What is it?

Information found on the Federal Trade Commission

website: www.ftc.gov
Established 1998, US Code 6501-6505
Most recently updated 2013
Violation will result in legal & civil penalties
It is a rule that:imposes certain requirements on
operators of websites or online services directed to
children under 13 years of age, and on operators of other
websites or online services that have actual knowledge
that they are collecting personal information online from
a child under 13 years of age.

COPPA Why is it in place?

It allows parents to protect

their children under 13 from
having their personal
information collected
without consent
This includes: name,
address, username, online
contact, phone number,
photo, audio, video,
geolocation.

1. Determine if Your
Company is a Website
or Online Service
that Collects
Personal Information
from Kids Under 13.

2. Post a
Privacy
Policy that
Complies with
COPPA.

3. Notify Parents
Directly Before
Collecting Personal
Information from
Their Kids.

COPPA How can an

organization
become/stay
compliant?
The 6-Step Compliant Plan

4. Get Parents
Verifiable Consent
Before Collecting
Information from
Their Kids.

5. Honor Parents
Ongoing Rights
with Respect to
Information
Collected from
Their Kids.

6. Implement
Reasonable
Procedures to
Protect the
Security of
Kids Personal
Information.

Examples Of
Compliance:
SDUSD
San Diego
Unified School District

SDUSDs Administrative Procedures in Student Use of District

and School Data Communications Networks and the Internet
Safety Policy, shows how a school agency is compliant to COPPA:
1.

SDUSD has online networks used by students under the age of

13.

2.

Privacy Policy is mentioned in Student Internet Acceptable Use:

Network Rules and Etiquette
a.
b.

c.

...E- mail and web-based programs are not private and

are subject to review by district staff. People who
operate the system have access to all mail...
Maintain privacy. Do not reveal the personal address,
phone numbers, personal websites or images of yourself
or other persons. Before publishing a students
picture, first name, or work on the Internet, the
school must have on file a parent release authorizing
publication.
Cyberbullying is the use of any electronic
communication device to convey a message in any form
(text, image, audio, or video) that intimidates,
harasses, or is otherwise intended to harm, insult, or
humiliate another in a deliberate, repeated, or hostile
and unwanted manner. Staff and students will refrain
from using personal communication devices or district
property to cyber-bully one another.

Examples Of
Compliance:
SDUSD
San Diego
Unified School District

3.

Students and parents/guardians are given guidelines regarding

acceptable use of the internet and district networks called,
Network Use Guidelines

4.

SDUSD requires the school to have on file a parent/guardian

release form authorizing publication of a students picture, name,
or work on the internet.

5.

SDUSD considers any computer system a high priority and has a

Educational Technology Department, and a Information
Technology Department who manages the security & problems of
the districts network on a continuous basis

6.

...steps shall be taken to promote the safety and security of users

of the districts online computer network when using electronic
mail, chat rooms, instant messaging, and other forms of direct
electronic communications [including the prevention of]
Unauthorized disclosure, use and dissemination of personal
identification information regarding minors.

*Many of these regulations are compliant to CIPA, but have ultimately

fulfilled requirements for COPPA. There have been no evidence of legal
or civil actions against this school district in this regard thus far.

RESOURCES:
COPPA
https://www.youtube.com/watch?v=0kbqirhmKaA

Protecting Childrens Privacy

Under COPPA
https://www.youtube.com/watch?v=cODKB9fApXk

COPPA Defined
https://www.youtube.com/watch?v=E4u1aEDHmGQ

SOPIPA

Student online personal information protection act

Polly Macuga

What is SOPIPA?
CA Senate Bill 1177
It protects private and personally identifiable information
of minors by prohibiting its use for non-educational
purposes, as well as, the sale of data provided by minors to
third parties

Who does SOPIPA

apply to?
SOPIPA applies to any online
operators of educational
services who collect data
from K-12 students

What information is protected by SOPIPA?

SOPIPA protects any personally identifiable information or
materials in any media format that:

has been provided by a student or parent for school

purposes

has been provided by an agent school, district or county

office of education

has been gathered by your service and identifies a

student or is descriptive of a student

What does SOPIPA Prohibit?

Using the information in advertising

Targeted advertising elsewhere using information collected or

created;

Creating a profile using the student data that is not used for
educational purposes

Selling the information

Disclosing any collected or created information about a

student unless it is used to improve the students education

How can the Data be used?

Acceptable uses of student data
under SOPIPA are:

maintaining, developing, supporting, improving, and

diagnosing your services

legitimate research purposes

creating and then using de-identified data within your

services

sharing de-identified and aggregated student information for

the development and improvement of educational sites,
services, or applications;

adaptive learning or customized student learning purposes

marketing educational products directly to parents

References:
https://docs.google.com/document/d/1M0qmFTDBJhp_s0lZFghsbPgf-cA3xlpnIvsOrR1dp_8/edit
https://www.cooleygo.com/how-student-privacy-and-californias-sopipa-may-affect-you/
https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140SB1177