Browsing articles in "Data Collection and Data Privacy"
Nov 13, 2017

The Foundations for Evidence-Based Policymaking Act Will Lead to a National Database



HR 4174/S 2046,[1] the Foundations for Evidence-Based Policymaking Act (FEPA), introduced by House Speaker Paul Ryan and Senator Patty Murray, is another federal bill that will increase 1) the non-consensual surveillance of free-born American citizens, and 2) the probability of a comprehensive national database on every American. This legislation responds to the report[2] by the Commission on Evidence-Based Policymaking (CEP),[3] an entity created by FEPA’s authors. The justification is to monitor the effectiveness of federal programs, but deep problems with the bill outweigh any possible benefits:

FEPA mandates that every federal agency create an “evidence building” (data-mining) plan that must include “a list of . . . questions for which the agency intends to develop evidence to support policymaking” and “a list of data the agency intends to collect, use, or acquire to facilitate the use of evidence in policymaking.” This would allow any bureaucrats to propose to collect any data on any citizen on any topic they want, to answer their desired policy questions. 

Each agency is also directed to create “…a list of any challenges” to this goal, including “any statutory or other restrictions to accessing relevant data.” This responds to CEP’s recommendation that “Congress and the President should consider repealing current bans and limiting future bans on the collection and use of data for evidence building.”  This recommendation presumably covers the student unit-record prohibition[4] and the prohibition[5] on creating a national K-12 student database.[6]

The Director of the Office of Management and Budget must then use all these evidence-building (data-mining) plans to develop “a unified evidence-building plan” for the entire federal government. Although the public must be “consulted,” and lip service is paid to issues of privacy and confidentiality of data, these are only items to be considered. There are no actual prohibitions or even limitations on proceeding with data collection, regardless of the sensitivity of the data.

The federal government is demonstrably incompetent at data security; moreover, the government routinely ignores the overwhelming data it already has that shows the ineffectiveness of many (most) federal programs.[7] There is no reason to believe an even more enormous trove of data can be secured, or that it will actually change government behavior in any meaningful way.

Most importantly, collecting and holding massive amounts of data about an individual has an intimidating effect on the individual—even if the data is never used. This fundamentally changes the relationship between the individual and government. Citizen direction of government cannot happen when government sits in a position of intimidation of the individual.[8]

A bill like FEPA would be expected from a totalitarian government.[9] Congress should solve the “program effectiveness” problem by returning to the Founders’ vision and drastically reducing government’s bloated size and scope. This solution would obviate the need for the Orwellian surveillance scheme initiated by FEPA.










Nov 13, 2017

The College Transparency Act Must Be Rejected



“Transparency” is the new excuse for creating Orwellian tracking and surveillance systems. The federal government first takes over a function for which it has no constitutional authority – such as student loans – and then claims it must gather almost unlimited data on the citizens affected by that program to see how it’s working. The College Transparency Act (CTA) operates in this mold and must be rejected.

CTA would overturn the Higher Education Act’s ban on a student unit-record system, establishing a federal data system containing personally identifiable information (PII) about behavior in postsecondary education (enrollment patterns, progression, completion), post-collegiate outcomes (employment and earnings), and financial aid. This means that simply by enrolling in higher education, a student would be submitting – without notice or consent – to lifetime government tracking of his or her college, career, and financial trajectory.

CTA would require sharing of private student data among multiple federal agencies, including the U.S. Department of Education’s Office of Federal Student Aid; the Departments of Treasury, Defense, and Veterans Affairs; the Social Security Administration; and the Census Bureau. (More may be added.) So an individual’s PII can be linked to his tax information, his military information, his Social Security records, and everything the Census knows about him. There are no limits on the purposes for which this data-matching can be used. The Administrative State will be able to compile a massive dossier on every American who enrolls in college.

Although collection of some sensitive data is currently prohibited, the Commissioner of Education Statistics is required to periodically review data elements and empowered to add more. Also, there is no specific prohibition against the collection of social emotional data.

This federal treasure trove of PII would be housed in a centralized database and routinely updated, throughout each subject’s life.

CTA violates many of the widely accepted Fair Information Practice Principles[1]: It takes data without subjects’ knowledge and consent; it contains no right to opt out, or to inspect or correct the data; it includes no mandate for data-minimization; and it has no limits on data-retention.

Although CTA requires that data given to researchers be de-identified, re-identification is far too simple when there are so many data points in the system.[2]

CTA mentions data security but requires no security audits, encryption, or protocols for detection and notification of breaches. And federal agencies have been notorious for data breaches.

CTA is unnecessary. Information about postsecondary outcomes can be compiled from student and alumni surveys,[3] and any legitimate institution of higher education is happy to share its statistics with the public.

[1] See

[2] See

[3] See

Nov 13, 2017

The Student Privacy Protection Act That Doesn’t Protect Student Privacy


The Student Privacy Protection Act (H.R. 3157 in the 114th Congress) (SPPA) is an attempt to update the 1974 Family Educational Rights and Privacy Act (FERPA) and to repair at least some of the damage caused by the 2012 regulatory changes[1] that gutted many of FERPA’s protections for personally identifiable information (PII), in flagrant disregard of congressional intent.[2] While SPPA contains some positive changes, such as removing the language allowing data for “predictive testing” and improving data-security requirements, many gaps and other issues remain:

SPPA does nothing to stop the invasive expansion of the scope of data collected on children, especially including social emotional learning (SEL) assessments and surveys that were greatly expanded under the Every Student Succeeds Act (ESSA). This is because SPPA allows nonconsensual data use for audits and evaluations of any federal, state or local education program, including those in ESSA.

Releasing PII without consent is an egregious violation of human research ethics.[3]

The list of exceptions to parental-consent requirements for researchers and government entities remains disturbingly large, with no good definition of “legitimate educational interest.” This allows anyone, including corporations and “volunteers” using those magic words, to gain access to the mother lode of student data without the inconvenience of obtaining parental consent.

SPPA grants no private right of action for students and families harmed by misconduct of researchers or corporations that misuse student data or are responsible for data breaches. Penalties for misconduct go to the federal government for “technical assistance” instead of to the aggrieved students and families whose privacy or lives can be and have been seriously harmed by this data free-for-all.[4]

Under the American system of limited government, student privacy and parental consent should always be considered pre-eminent over the research desires of the government or private sector, especially in the realm of psychological profiling.

The federal government should not be using any data — and especially SEL data — to “improve learning,” because the federal government has no constitutional authority whatsoever to be involved in education.

There is no need for continued data collection and invasion of privacy, because the research is already conclusive that federal education programs “protected” by FERPA are utterly ineffective. This is true of ESEA, Race to the Top/Common Core, Investing in Innovation, Head Start, and home visiting, to name just a few.[5] Federal involvement in education has been a disaster, and no amount of data will overcome institutional incompetence.



[3] – See page 4


[5] References for these claims are compiled at:

The National Pulse: DANGER! House GOP Leaders Prepare to Ram Through Privacy-Killing Bill

A Stern Warning from Dr. Karen Effrem:  We must ACT NOW!

Unless the public rises up, FEPA is about to be rammed through a House floor vote with little debate and no recorded vote this Wednesday — all orchestrated by Speaker Paul Ryan, the primary author of the House bill. Ryan’s maneuver is similar to his tactics with the 1,000-plus page conference report of the Every Student Succeeds Act, which was released to members only two days before the final vote.

DANGER: House GOP Leaders Prepare to Ram Through Privacy-Killing Bill