Stanford’s privacy infrastructure well-adapted to U.S. Department of Education’s digital concerns

March 12, 2014, 8:25 a.m.

On Feb. 25, the U.S. Department of Education released a document providing guidance to educators at the K-12 and collegiate level about how to best protect student online privacy given the increase in the use of online educational services.

In a public letter, U.S. Secretary of Education Arne Duncan said that “as an education community, we have to do a far better job of helping teachers and administrators understand technology and data issues so that they appropriately protect privacy while ensuring teachers and students have access to effective and safe tools.”

The guidance highlighted parts of the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PPRA) related to online education. Both of these laws apply to K-12 schools as well as institutions of higher education, like Stanford.

While numerous suggestions were made to promote administrative compliance with privacy concerns, few of these changes will affect Stanford, which already has such structures in place, said David Behinfar, the University’s director of privacy.


Stanford’s response

The guidance is largely in response to a letter by Senator Edward Markey from October 2013 in which Markey expressed concern about how information is protected when using online resources.

Secretary Duncan agreed with Senator Markey’s concerns, highlighting the need to emphasize what constitutes privacy violations—particularly in K-12 institutions.

“As you note, the efficient collection, analysis, and storage of student information can help educators find better ways to educate students,” Duncan wrote in his letter to Senator Markey. “When outsourcing school functions, however, schools must ensure that vendors and service providers are properly protecting student information.”

The timing of this new concern, Behinfar believes, is related to the rapid increase in online education that is occurring today.

“Whereas many years ago, you would use a fax and phone machine, today it’s email and video conferencing,” he said. “I think education is following that same pattern because the youth of today is so used to having computers and texting and emailing that the options for online content, learning…[is] expected almost.”

The biggest challenge to privacy concerns in the digital age, Behinfar noted, is that often violations can go unnoticed by those who aren’t trained to see them. However, he believes Stanford has committed to addressing privacy concerns and foresees little institutional change for most elite universities, particularly ones that are financially stable at the moment.

“I understand it in respect to the K-12 aspect but for higher education, I think that this is something that has been in place by having these administrative resources so that that level of review isn’t being skipped or overlooked,” Behinfar said of the guidelines.

Due to a lack of resources that provide training for teachers about these laws or to handle legal complaints, K-12 schools or public universities with financial difficulties may not be able to keep up with the changing online landscape, Behinfar noted, unlike institutions like Stanford which handle privacy issues through multiple offices.

“We have a whole legal department, we have IT security department, we have a privacy office, we have a number of academic offices that have administrative responsibilities and a procurement office, which really all contribute to protecting privacy in important ways,” Behinfar said.


Registrar privacy concerns

Stanford, with CourseWork and the use of online transcripts, has led the way in terms of using online resources securely, but it also treats internal information with the same scrutiny.

Stephen Shirreffs, associate University registrar, explained that his department works closely with IT and legal departments to keep internal records on students protected.

“There’s four kinds of data: prohibited, restricted, confidential and public,” Shirreffs said. “So student records come under confidential and there’s a certain set of rules that apply to confidential data—we just follow them, strictly.”

“For our systems, we are first adopters of any security directives from the information security office,” Shirreffs added.

Beyond technical security, there is also a clear list of who can gain access to which types of files. Through this process, simple tasks by administrators like checking units for graduation can be done without additional review.

Shirreffs noted that he personally never has access to student records because his office is in charge of protecting and then sharing information with those with a “legitimate” need—most often administrators, though occasionally legal entities.

“There are authority structures in place for using the student information system which specify who can look at what records, and typically we are looking at administrators who are looking at data entries or making determinations about your academic progress, or your advisor,” Shirreffs explained. “So your advisor has a special authority to look into your information.”

Beyond holding academic information and enrollment data, the Registrar also actively collects—and then protects—information from students during the academic year. One such example is the annual student check-in, which must be completed during winter quarter in order to lift the class enrollment hold for spring quarter.

“Student check-in is an attempt by us to collect various information that we have an interest in having or that is federally mandated,” Shirreffs said. “All of that information is strictly private unless it is covered by directory information. For example, we collect ethnicity there for federal reporting purposes, but you’re also allowed to decline to state.”

Some information on students, however, is automatically public. This is called directory information and includes the student’s name, email address and information on the student’s academic association with Stanford, including degrees earned, field of study and student theses.

All information except for name can be removed from the website through a student’s request. To remove one’s name, one must undergo a total FERPA block, which is rare.

“A total FERPA block means we couldn’t even admit that you attended this University,” Shirreffs explained, noting that there have been cases, but that they are rare and require an application and a discussion with the Registrar’s office.

While the Registrar focuses mostly on student data and secuirty, Behinfar noted that Stanford’s dedication to privacy extends beyond protecting students.

“It’s not just student data,” Behinfar said. “There’s several classes of information that have this heightened level of scrutiny and need for protections.”


Contact Alex Zivkovic at aleksa ‘at’ stanford ‘dot’ edu.

Alex Zivkovic is a Desk Editor for the news section who likes to cover stories on academics and student activism on campus. Alex is a sophomore studying Comparative Studies in Race and Ethnicity with an interest in representation of gender in literature and visual art. He is from Irvine, California. To contact Alex, email him at aleksa ‘at’

Login or create an account