Skip to Main Content
Security & Privacy

Breaking down the ACLU’s new 16-state privacy legislation blitz

February 8, 2016 Kevin Acocella

With the federal government stepping back in education, the ACLU is asking states to step up with new student data privacy bills. Read on for our state-by-state analysis.


As the ink dries on the newly ratified Every Student Succeeds Act (the 15-years-in-the-making update to No Child Left Behind) the 50 states are working through just how to tackle the educational responsibilities they’ve inherited since the Act lifted them from the hands of federal government.

In fact, the bill is the first to narrow the federal government’s role in elementary and secondary education since the 1980s, shifting federal accountability provisions to states. 

And now, the ACLU worked with 16 of those states (and DC) to be sure that states have solid protections in place for student data privacy in their schools. On January 20, the ACLU teamed with state congresses to introduce legislation that address issues such as requiring permission before student data is shared for non-educational purposes as well as employee data privacy, location tracking, and electronic communications.

Seven of those 16 states, as well as the District of Columbia, introduced bills specific to student data privacy. The bills fall into four main categories, and you can read more about them here at via the links below.

Here’s a rundown of where the seven states and D.C. stand:

  • Connecticut and Hawaii are all-in. These are the only two states to introduce to the floor the full slate of student data privacy bills in what is called the Omnibus bill. In Hawaii, it is Representative Matthew LoPresti who is carrying the torch. LoPresti explained: “Today, I stand with fellow legislators across the country to affirm our states’ and nation’s commitment to protecting Americans’ privacy. I am introducing common-sense measures to protect the privacy of students and employees in Hawai`i. Governments and businesses should work to protect individuals’ privacy, not violate it.”
  • Alaska, Missouri and North Carolina are keeping it social. These three have focused their efforts entirely on protecting the privacy of their  students’ personal online presence by prohibiting school officials and educators from demanding kids hand over their Facebook passwords, as well as those to other social media websites and apps.  In Alaska, it was Representative Andy Josephson to introduce the bill. “I think here in Alaska the idea that we should be able to control what we want to share and with whom we want to share it — and that it shouldn’t be open to all of our bosses and teachers and principals — resonates with the state,” he said to the Associated Press.
  • Washington DC got in on the social networking privacy party as well, but went further to introduce protections for the data that students are assigned for individual use by schools.
  • Alabama and Minnesota focus in on the SIS. Both of these states locked in on the heart of the student data infrastructure: the Student Information Systems that schools use to store their student roster information and other personally identifiable information. Minnesota is taking its protections a step further than Alabama, also introducing a bill to protect the privacy of students’ personal technology devices and the data within them. Washington DC introduced a similar personal tech bill as well.

Of course these are just the opening moves in each state’s legislative process. Interested readers can track the bills’ progress directly from ACLU’s TakeCTRL project page. We’ll keep an eye on it too.

More to read

Implementing school security tools with a team of one

January 22, 2024

Implementing school security tools with a team of one

Clever IDM revolutionizes school security by simplifying password management, reducing IT support tickets, and streamlining operations. This partnership empowers a K-12 leader in Wisconsin to efficiently implement changes, boost security, and confidently embrace broader technology initiatives.

K-12 Administrator guide to evaluating edtech vendor security

January 12, 2024

K-12 Administrator guide to evaluating edtech vendor security

Discover key steps to select edtech vendors with a cybersecurity focus, bolstering your school's protection of student data. 

Layered security and LMS interoperability advancements announced at Clever CIO event

November 29, 2023

Layered security and LMS interoperability advancements announced at Clever CIO event

Product updates to Clever to support K-12 education technology leaders in planning, budgeting, and making decisions about educational technology.

Subscribe to receive news and updates from Clever.

This field is for validation purposes and should be left unchanged.