Privacy Advocates Take Heed!

Recently I (as well as a dozen or so student and parent activists) testified at the June 18th Louisiana BESE meeting about our concerns related to the inBloom data sharing and selling project Superintendent John White secretly entered into on behalf of all Louisiana citizens. Our spot came up 4 hours late, and without an outcry from one of our tireless privacy advocates named Debbie Sachs would have been pushed back another 3 hours or postponed to another day (when most of us would not be able to be there.)

I believe Debbie and her group arrived at 8:30 and stayed until 5 or later for their chance to speak their 2 minutes and because they knew I had to leave to pick up my children they arranged so I could speak first so we all owe Debbie and her folks a debt of gratitude.

For a quick synopsis of this meeting you can review this article courtesy of the Associated Press. Although it really fails to convey the passion and concerns of the other children and parents who testified. While they did capture some of my points from the meeting. . .

Jason France is a former Department of Education employee who worked on data collection for the agency and a parent of public school children. He said the state’s contractual arrangement with inBloom runs through 2014 unless the department sends a certified letter ending it, and he said the deal contained no opt-out clause for parents.

“The contract is still in force and that data can be sent back at any time,” he told BESE members.

White said he’ll send the certified letter to inBloom, but he said he’s sent several letters already notifying the organization that Louisiana’s data-sharing had ended.

. . .due to time constraints and the meeting format I was not able to pose questions nor respond to all the answers given.  I could probably go on for days about why this is a foolish and dangerous enterprise, but I will stick to some of what I felt were more important points.  By all means I encourage you delve into the agreements appended to the end and make your own observations.  (My classes in contract law were several decades ago, but I did my best and I don’t charge as much as lawyers 🙂 )

In an earlier post I expressed the desire to finally see the MOU, or Memorandum of Understanding between the Louisiana Department of Education and inBloom which also apparently does business under a number of other names and with a number of different partners, including Ed-Fi, Wireless Generation, SLI (Shared Learning Infrastructure), and the Shared Learning Collaborative, LLC. It’s not clear why these folks have to use so many subcontractors and go by so many different names except to make data available to all these parties and to perhaps confuse anyone trying to investigate these folks. . . In the event of a massive release of protected information, how would anyone even begin to figure out who was responsible? Speaking of responsibility, this SLI/SLC/InBloom entity accepts none, nor do they back up Superintendent White assertions that inBloom is compliant with FERPA, the federal law defining student privacy rights.

11.2 Privacy and Security Limitations. Service Provider does not warrant or represent that by using the SLI Service, Customer will be in compliance with Data Privacy and Security Laws, FERPA or any other federal or state law or regulation. Service Provider does not warrant that its electronic files containing Customer Data are not susceptible to intrusion, attack, or computer virus infection,

Of course in the event of gross negligence, contract assertions that a service provider is not responsible are sometimes found to be unenforceable. In those cases plaintiffs can seek damages from insurance or assets of the company. InBloom is seeking not only student data from Louisiana, which numbers around 7 hundred thousand students, but students across the United States and perhaps the world. The current level of insurance they have promised to retain seems woefully inadequate:

13. Insurance. Service Provider, at Service Provider’s expense, will procure and maintain during the Initial Term, a minimum $2,500,000 per occurrence/$5,000,000 aggregate limit of Professional Liability, covering technology errors and omissions, privacy liability, network security and liability, and network extortion.

Recently another Service Provider named Living Social using the same cloud technology and same cloud vendor that inBloom is using (Amazon) was hacked and fifty million users accounts were stolen, or about 1/6th of the entire population of the United States or around 17 Louisiana’s.

 (At the BESE meeting I mistakenly quoted 500,000, which was off by a factor of 100. Oops. One of the benefits of blogging is the ability to research and revise your work.)

With a similar breach inBloom or SLC would only be able to compensate each student 10 cents before exhausting the insurance they have promised to carry. This would not exactly buy a lot of credit monitoring, let alone begin to compensate anyone except maybe a lawyer or two – obviously the 5 mill is the max before any legal fees were paid to bring such a class action suit. Boy, this makes me feel safer.  How ’bout you?

If this is such a safe technology why is this all the insurance they can afford? The amount of money insurance companies charge to insure an activity is often a pretty good indication of how risky “professionals” have determined that activity to be. Sheesh, I have almost that much insurance on myself and I’m not the healthiest or youngest person on the planet. Clearly we can take this as evidence that the “industry” sees this is a very risky endeavor that is very likely to result in claims being filed.

Where will you spend you 2/3 of 10 cents (after legal fees)?

I found this next section to be interesting as well. Apparently InBloom/SLC/SLI, whatever it calls itself today, can hand off this agreement to any other non-profit entity it wants to, without input from the State.

Isn’t it nice that our children and their data are simply a tradable, transferable commodity?

Non-profits can still be quite “profitable” for those who running them. They can simply pay themselves whatever salary they feel is appropriate.

14.1 Assignment, Successors. Service Provider may freely assign this Agreement, in whole, to a not-for-profit entity that expressly assumes the Service Provider’s rights and obligations hereunder arising after the date of assignment

We are allowed to peek behind the curtain, every 6 months, so long as we foot the entire bill. Since John White has laid off most of DOE’s IT staff I wonder who he will subcontract that work out to, or if he will even bother? It’s not like he’s worried too much about such things in the past I suppose since previous audits of his lack of audits by legislative auditor Daryl Pupera clearly indicate as much.

14.2 Audit.

(a) Customer shall have the right, at Customer’s expense, to conduct independent code and network security reviews following each major release (i.e., Alpha Release, Release 1.0, etc.), and no more than once every six (6) months thereafter, upon reasonable notice to Service Provider and at reasonable times. Notwithstanding the foregoing, if Customer has reasonable cause to believe Service Provider is not in compliance with this Agreement, Customer may perform an independent code and network security review up to once every three (3) months.

Did you think your data was only going to be available to the half dozen initial vendors plus all the third party vendors inBloom expects “Customers” to subcontract with? Guess what, they can subcontract with anyone they choose for anything they choose, as much as they choose.

At the State we limited who had access to student data to direct staff, and only those that had a need. How will these guys keep track of all the folks that will have access to student data through all the complex vendor relationships they plan to engage? When recording studios can’t keep bootleg copies of music CDs hitting the internet before official release dates, and can’t track down pre-releasers, how can we really expect to keep our data safe once so many vendors and eyes have access to it?

14.3 Subcontracting. Service Provider may freely subcontract its duties and obligations under this Agreement. In the event that Service Provider subcontracts any of its duties and obligations, Service Provider agrees that: (i) the third party contractor shall execute an agreement regarding confidentiality consistent with the terms of this Agreement to the extent that such third party contractor has access to Confidential information of Customer and an agreement relating to any other obligations of such contractor as required to comply with Data Privacy and Security Laws, the Data Privacy and Security Policy and FERPA, and (ii) any such permitted subcontracting shall not release Service Provider from any of its obligations under this Agreement.

So just how long is this agreement and how binding?

8. Term and Termination.

8.1 Term. This Agreement will be effective for a term ending on December 31, 2014 (“Initial Term”). The parties may mutually agree to extend the term of this Agreement with such amendments to this Agreement as are appropriate and mutually agreed to for making available the SLI Service after the Initial Term.

This contract is in place until at least 12/31/14, but unless inBloom violated some of the contractual provisions it takes 90 days to cancel this contract, but only with written notice.

8.2 Termination.

(a) Each party will have the right to terminate this Agreement upon thirty (30) days’ prior written notice if the other party is in material breach of this Agreement and the breaching party fails to remedy such breach within thirty (30) days after notice from the other party; provided, however: (i) if the failure stated in the notice cannot be corrected within the applicable period, the non-defaulting party will not unreasonably withhold its consent to an extension of such time if corrective action is instituted by the defaulting party within the applicable period and diligently pursued until the default is corrected; and (ii) such extension shall not exceed ninety (90) days after the initial notice.

(b) Each party will have the right to terminate this Agreement for any reason upon ninety (90) days’ prior written notice.

And not just any notice. All written notices must be as follows. John White asserted he sent numerous letters to inBloom, but did not turn any over in response to multiple FOIA requests expressly asking for this letter or any other official communique.

14.6 Notice. All notices required or permitted under this Agreement will be in writing and sent by certified mail, return receipt requested, or by reputable overnight courier, or by hand delivery. The notice address for Service Provider is Iwan Streichenberger, Manager, 3451 Flabersham Road NW, Atlanta, GA 30305; and the notice address for Customer is John C. White, State Superintendent, Louisiana Department of Education, P.O. Box 94064, Baton Rouge, LA 70802. Any notice sent in the manner set forth above shall be deemed sufficiently given for all purposes hereunder (i) in the case of certified mail, on the third business day after deposited in the U.S. mail, and (ii) in the case of overnight courier or hand delivery, upon delivery. Either party may change its notice address by giving written notice to the other party by the means specified in this Section.

I don’t think I mentioned this before, but this is all information from a separate Service Contract.  The actual MOU is merely an attachment, not unlike your appendix, and about as useful.

Attachments

This Agreement includes: Attachment A (Terms & Conditions)

Attachment B (SLI Service)

Attachment C (Support Services)

Attachment D Reserved

Attachment E (Additional Terms applicable to SEAs)

Attachment F (MOU)

Attachment G (Super Administrator(s))

There was an MOU that was defined and signed by DOE, but it was sent as an attachment to this Service Contract. Within this service contract is a section that converts the MOU, such that it is, into nothing more than a poor toilet paper substitute.

14.8 Entire Agreement; Amendments; Memorandum of Understanding.

(a) This Agreement, together with the attachments hereto, constitutes the entire agreement between Service Provider and Customer with respect to the subject matter hereof. There are no restrictions, promises, warranties, covenants, or undertakings other than those expressly set forth herein and therein. Except as provided in Section 14.8(b), this Agreement supersedes all prior negotiations, agreements, and undertakings between the parties with respect to such matter. This Agreement, including the exhibits hereto, may be amended only by an instrument in writing executed by the parties or their permitted assignees. (b) If Customer is a School District, the MOU is attached for reference purposes only. If Customer is the State Educational Agency that is party to the MOU, Customer and Service Provider agree that: (i) notwithstanding Section B.6 of the MOU to the contrary, the term of the MOU shall survive execution of this Agreement and expire on December 31, 2014; and (ii) the terms of this Agreement, together with its other attachments, shall prevail over any conflicting terms contained in the MOU, including but not limited to MOU Paragraphs B.2.c (Privacy and Security), B.3.d (Test Data), B.3.e (Notice), B.3.f (SLI Implementation), B.6 (Term), and B.7 (Confidentiality and Publicity), and MOU Exhibit C (Data Privacy and Security Plan).

I have provided a copy of this agreement in full, as well as the toilet paper substitute, at the bottom of this post. There is more here you need to be aware of that alarmed me when I saw it and feel I would be remiss if I did not point this out in this post. However before I get there, let’s examine some more of John White’s claims. When John White made the claim he had requested that inBloom “destroy” our data, he merely exercised the following section of the agreement. He did not terminate the agreement as he has tried to imply, and any assertion to the contrary is completely disingenuous, and actually contractually impossible – such is the agreement he signed us onto.

10.4 No License; Destruction of Customer’s Confidential Information.

(a) Nothing in this Section shall be construed as a grant or assignment of any right or license in the Disclosing Party’s Confidential Information. The Disclosing Party’s Confidential Information shall at all times remain the property of the Disclosing Party. (b) At any time Customer reasonably requests, and in any event when Customer determines that the Confidential Information of Customer is no longer needed to obtain SLI Service, or upon the termination or expiration of this Agreement, Service Provider shall promptly destroy the Customer’s Confidential Information in Service Provider’s possession; provided that (i) if Customer is a School District, Customer may request or approve that Confidential Information of Customer not be destroyed and be made available to Customer’s State Educational Agency for its use in performing their functions for evaluating and overseeing compliance in federal and state-supported educational programs in accordance with Section 444(b)(3)&(5) of FERPA and State Data Privacy and Security Laws, and (ii) at Customer’s request, Customer shall be provided up to thirty (30) business days, according to Customer’s request, to export Confidential Information of Customer prior to its destruction.

(c) Notwithstanding anything contained in this Section 10.4 to the contrary, during Alpha Release, Service Provider may delete Customer Data without notice.

At April’s BESE meeting, John White attempted to characterize his relationship with inBloom and other similar providers was a partnership, a collaboration, and not subject to the needs of an MOU. This was notwithstanding the fact that he had already signed an MOU as well as actual Contractual Service Agreement with his partner. It took him almost 6 months to finally produce this document and the Service Contract and based on even the most cursory review of the contract you can easily see why he was trying so hard to conceal this relationship. However I found this next passage particularly funny. (By funny, I mean in that infuriating way when you find your children sitting in the middle of a pile of a broken “something” playing with the broken pieces, all the while claiming someone else broke it or they simply “found” it that way.)

14.7 Independent Contractor. Service Provider is acting as an independent contractor in its capacity under this Agreement. Nothing contained in this Agreement or in the relationship of the Customer and Service Provider shall be deemed to constitute a partnership, joint venture, or any other relationship between the Customer and Service Provider except as is limited by the terms of this Agreement.

Keep in mind John White was claiming this was merely a partnership, months after he signed this contract and after dozens and dozens of e-mails and other internal correspondence – up to and including the submission of all of our student data to inBloom. So either White is ridiculously forgetful, (We’re talking “50 First Dates” with Drew Barrymore and Adam Sandler forgetful) and should not be signing contracts and instead living in an assisted living facility, or he is shamelessly lying in the most egregious ways possible, on camera and in print, to BESE, his theoretical bosses, and all of us.

But now that that is out of the way, take a look at this.

ATTACHMENT E

Additional Terms Applicable to SEAs

A State Educational Agency that participates by accessing the SLI Service in accordance with this Agreement and discloses Personally Identifiable Information derived from student records to the SLI to assist it in performing evaluation and compliance activities related to federal- and state-supported education programs is subject to the following additional terms:

1. The State Educational Agency hereby designates the Service Provider (and its contractors that perform services to carry out this purpose) as its authorized representative to assist it in carrying out evaluation and compliance activities related to federal- and state-supported education programs.

2. The State Educational Agency will disclose Personally Identifiable Information to the SLI Service from source systems maintained by the Louisiana Department of Education and its authorized representatives including (i) student demographic, enrollment, program service, and assessment data; and (ii) educator assignment, certification, performance, and other related data. The State Educational Agency will only disclose SEA Data: (i) when the SEA is the authoritative source of data needed for applications that Schools, Districts, or Parents have elected to utilize; (ii) when utilization of SEA Data will avoid or limit redundant data entry or verification on behalf of School District Customers; or (iii) when necessary to support an evaluation or compliance activity by an authorized representative of the State Educational Agency related to federal- and state-supported education programs.

3. The State Educational Agency intends for the SLI Service to serve as a technology platform to support its overall evaluation and compliance activities. SEA Data maintained within the SLI Service may be utilized to support state evaluation or compliance activities to the fullest extent permitted by state and federal law.

Despite John White’s contentions to the contrary that only basic student demographic data was to be stored, this contract makes it quite clear we were sending enrollment, program, assessment info, teacher info including certifications and “other related data” which disturbed me when I located what some of this other data was. The other interesting section here is that John White appears to be relying on inBloom to start submitting all federally required data, and to produce all necessary state reports. This was intended to be the final privatization piece of the LDE IT puzzle, but we have no idea what the cost for all that would be. I have no doubt one way to defray some of those costs would have been to allow this student and teacher data to be used for marketing purposes. This “cost recapture” strategy has actually been mentioned by inBloom as a way to reduce costs for services. However once we have signed on with inBloom for all our state and federal reporting, any guesses as to which direction those costs will go?

Hold onto your checkbooks folks, it’s gonna’ be an expensive ride, White’s signed us up for.  And by the looks of this next section, it looks like we’ll be riding naked.

3.0 Data Domains. The Company intends the following with respect to data domains and is working with its vendors to incorporate these features and functions into the SLI consistent with the terms of the vendor agreements:

a. The SLI Model defines a total of 250 types or entities. The domain types contain over 400 granular data elements and the flexibility to add more as needs evolve. However, these are captured in 39 high-level “Domain Types:”


The MOU did reveal something more “informational” as the Service Contract described it. This company also intends to capture information on parents and teachers. We’ve already seen how teachers were treated when high-stakes testing was introduced. If their students did not improve, they were held accountable and subject to sanctions and termination. Some states like Tennessee have already started punishing parents by taking them off foodstamp rolls, and many states, including Louisiana, fine or jail parents when their children are truant. While I am not suggesting truancy is a good thing, or something to be encouraged, I can easily see a scenario after the Reformers realize making teacher scapegoats for all the ills of our society has failed, their next logical target to focus their ire and blame on will be parents. This database, and databases like it, will be how that new lynch movement starts. Because many of these folks refuse to factor in the effects of poverty and disabilities, any guesses who these punishments will disproportionately fall upon?

Tell BESE and John White to shut this down. John White promised to send me copies of the letters he theoretically sent to inBloom cancelling this agreement Tuesday the 18th, as well as confirmation as to whether or not he honored my opt-out request for my children. It is now the 22nd and I still have not received a response. Perhaps some of you could remind him for me?

Service Contract with inBloom/SLC/SLI: SLI SaaS

MOU: SLI MOU (2)  I wonder what happened to MOU 1?  I wonder what that one looked like. . .

 

Update:

BESE Contact and video info courtesy of Geauxteacher:

James.garvey@la.gov, Kira.orange-jones@la.gov, Lottie.beebe@la.gov, Walter.lee@la.gov, jay.guillot@la.gov, chas.roemer@la.gov, holly.boffy@la.gov, Carolyn.hill2@la.gov, Connie.bradford@la.gov, Judith.miranti@la.gov, Stephen.waguespack@la.gov

Go for it. You can find more info on BESE and meetings and view the video archives of meetings at the Louisiana Dept of Ed website.  Little difficult to negotiate after the TFA child wonders redesigned it.  http://bese.louisiana.gov/

Advertisements

inBloom, Ed-Fi, Cloud Computing, China, Nazi-Germany and the new Eugenicists

inBloom, Ed-Fi, Cloud Computing, China, Nazi-Germany and the new Eugenicists

Believe it or not, these concepts and words are all related. inBloom and Ed-Fi are two vendors that use cloud computer to store massive quantities of student data (the Louisiana is currently doing business with.) The information these vendors plan on storing will be used to classify, sort and allocate children by their skills and early proficiencies, much as they do in Communist China. It’s no coincidence that many education reformers point to China as an example of education success and something to emulated, not shunned despite what many Chinese themselves thinkEugenicists advocated the conscious elimination of “inferior” human being from the gene pool and promotion of the superior specimens. Eugenics is generally considered a discredited and bankrupt philosophy and social movement, pioneered by a cousin of Charles Darwin – seeking to apply his relative’s research in what he considered a productive manner, but which most of us would consider abhorrent and unconscionable, except when dressed up in a pretty package or advocated as a social need such as is occurring in China. Perhaps one of the most infamous eugenics campaigns was undertaken by Adolph Hitler. Hitler undertook perhaps the largest eugenics campaign in the history of mankind. Hitler had plans and delusions of creating master Aryan “super-race”

Those humans were targeted who were identified as “life unworthy of life” (German: Lebensunwertes Leben), including but not limited to the criminal, degenerate, dissident, feeble-minded, homosexual, idle, insane, and the weak, for elimination from the chain of heredity. More than 400,000 people were sterilized against their will, while 70,000 were killed under Action T4, a “euthanasia” program.

Hitler also actively engaged in genocides, tracking down and exterminating millions of Jews, Gypsies, Russians, Poles and Ukrainians or anyone else who disagreed with him. However eugenics campaigns were not limited to countries like Nazi Germany.  The inspiration for Germany’s heinous program actually started here and was sponsored by a philanthropic organization, just as the Education Reform movement is sponsored today.

After the eugenics movement was well established in the United States, it was spread to Germany. California eugenicists began producing literature promoting eugenics and sterilization and sending it overseas to German scientists and medical professionals. By 1933, California had subjected more people to forceful sterilization than all other U.S. states combined. The forced sterilization program engineered by the Nazis was partly inspired by California’s.

The Rockefeller Foundation helped develop and fund various German eugenics programs, including the one that Josef Mengele [perhaps the closest thing to Satan in human form ever to walk the earth] worked in before he went to Auschwitz.

Upon returning from Germany in 1934, where more than 5,000 people per month were being forcibly sterilized, the California eugenics leader C. M. Goethe bragged to a colleague:

“You will be interested to know that your work has played a powerful part in shaping the opinions of the group of intellectuals who are behind Hitler in this epoch-making program. Everywhere I sensed that their opinions have been tremendously stimulated by American thought . . . I want you, my dear friend, to carry this thought with you for the rest of your life, that you have really jolted into action a great government of 60 million people.”

Eugenics researcher Harry H. Laughlin often bragged that his Model Eugenic Sterilization laws had been implemented in the 1935 Nuremberg racial hygiene laws. In 1936, Laughlin was invited to an award ceremony at Heidelberg University in Germany (scheduled on the anniversary of Hitler’s 1934 purge of Jews from the Heidelberg faculty), to receive an honorary doctorate for his work on the “science of racial cleansing”. Due to financial limitations, Laughlin was unable to attend the ceremony and had to pick it up from the Rockefeller Institute. Afterwards, he proudly shared the award with his colleagues, remarking that he felt that it symbolized the “common understanding of German and American scientists of the nature of eugenics.”

Even today, China is one of the few countries with both an explicit and implicit eugenics policy. The explicit “One Child” policy has exceptions that can be purchased or granted based on political connections or, individuals can ignore the policy if they have the wherewithal to pay the fines. The implicit policy involves testing children for sex (male children are more desirable leading to numerous female baby abortions) or aborting children for deficiencies and in many cases forced abortions.  Is it any coincidence China is often cited as prime example of what our education policies and programs should look like?  China classifies students as either college bound or menial labor bound from an early age using assessment data that determines which path is most suitable for a child.  This path ultimately determine how far in society a child will be able to progress, how often they will be allowed to procreate, how much education they will be allowed to receive.  This is the “Reformer” vision of the future of US education.

Current US law has outlawed the use of genetic testing for placement of employees, pricing of insurance, or admissions to primary schools or colleges. However test scores, and background checks have long been used and upheld as a way to discriminate against employees and enrollees. High test scores and grades can even be used to give discounts on auto-insurance and prior to the implementation of the Patient Protection and Affordable Care Act of 2009 (more commonly known as Obamacare), insurers could discriminate and price products based on pre-existing conditions, age, gender, etc. Life insurance products are currently priced based on general health, blood pressure, medical history, whether a person is or has ever been a smoker, gender, age, etc.  For the time being, instead of using children’s actual DNA, which would be costly to store, evaluate and classify, the government is seeking to collect student’s educational DNA.  This ed-DNA will be used to start classifying students based on what computers and researchers believe are children’s potential.  It will be linked to income tax returns to see how much money children make, criminal databases to see how often they tangle with the law, doctor’s records to examine how often they avail themselves of health services and what types of diseases and conditions they develop.  With the recent decision of the Supreme Court that ruled DNA information is not patentable, expect bazillions of fly-by-night genetics testing providers to spring up offering discount rates on gene testing and storage.  This will initially be a boon for patients, but also for future government eugenics programs, and embryonic screening of children for desirable traits and exclusion and abortion of children with less desirable ones. (For an interesting window into the possible future of this type of genetic screening and profiling of children based mathematical projections and expectations I’d recommend watching the movie Gattaca.  We’re not as far removed from this future as you might think and this inBloom database LDOE is pushing is a necessary first step towards this future.)

Today instead of the Rockefeller Foundation funding eugenics programs with have the Bill and Melinda Gates foundation funding inBloom, a database that can be used to capture information on potential test subjects. We have Pearson conducting field tests on millions of children without their parents’ permission or knowledge. We have Michael and Susan Dell running a rival database called Ed-Fi that operates identically now, to the way inBloom is trying to operate in the future. We have the Walton family, heirs to the Wal-Mart fortunes, funding a pared down pauper’s education to the masses, so they are easier to control and convert into future Wal-Mart employees and customers. The Koch brothers have influence over PBS (the Public Broadcasting System) which in theory is a media watchdog that only theoretically keeps watch over our liberties and infringement upon the same. All other media sources are beholden and censored by corporate and government interests, save independent bloggers who are now under siege by these government and corporate interests seeking to silence us so you only get a single “sponsored” narrative.

Gun control opponents fight tooth and nail against the regulation of firearms sales, and electronic documentation of gun ownership, for fear of what the government can do with such a list and such information. Unbeknownst to them, the State (their states and the United States) are sponsoring a much more insidious data collection that will start with their children and follow them throughout their life. A federal database, called EDEN, is the first step toward knowing everything about you, forever. Currently EDEN does not collect personally identifiable information, but The US Department of Education is pushing national database collections SDLCs like inBloom and Ed-Fi because they will be able to quietly change a few policies and suck in all their information these providers collect. FERPA, the Familiy Educational Right Privacy Act, specifically exempts federal agencies from having to comply with it. Federal agencies that can request information at any time without parental notification or consent: 

 to authorized representatives of the Comptroller General of the United States, the Attorney General of the United States, the U.S. Secretary of Education, and State and local educational authorities for audit or evaluation of Federal or State supported education programs, or for the enforcement of or compliance with Federal legal requirements that relate to those programs;

The Federal government will be able to tie this information into the all the other databases they use to keep tabs on you at all times. As recent leaks about PRISM by Edward Snowden reveal, the NSA (National Security Administration) gathers everything on you that search engines like Google possess, anything you post on Facebook, anything you do with your cellphone and anything you save on your cellphone. Google actually physically drives their Google-mobiles through everyone’s neighborhood photographing your actual houses, sucking up your local network names, your cars’ license plates, and any signal they can. This information gets included in Google maps, but also gets tied to a profile of you. From census information you are required to report every 10 years, the government gets more. Google was recently fined for their privacy invasion tactics to the tune of just 7 million dollars, or less than 1/3rd of a day’s profits. (My guess is this is because the Federal Government wants this data, perhaps even requested Google compile this data, but needed to issue a token enforcement in response to the public outcry.)



While I think we were all impressed with how quickly the Boston bombers were identified and brought to justice, on some level most of you probably had a slightly queasy feeling. The amount of technology brought to bear, the speed with which that data was analyzed and actual pictures isolated and released, the subsequent identification of these bombers through a convenience store camera, the infrared heat signal tracking . . . it was all a bit spooky to me. Not long after there was the strange lethal shooting of the unarmed interview subject related to this case by the FBI, in the presence of 6 FBI agents, including what may be once in the back of the head.

So in addition to the criminal types and unscrupulous corporations that will have access to your children’s data as I covered here, you will have to worry about the Federal government getting a hold of your data and using for whatever suits their fancy. But let’s get to the meat of this initial matter, the handing over of student data to external data storage providers using Cloud Computing.

Here are some of the key things to keep in mind when your DOE comes knocking with a proposal to use a cloud storage provider like inBloom or Ed-fi for handling all your data storage and dissemination needs.

  • Most IT pros do not trust cloud services with sensitive data. (There’s a reason banks don’t conduct financial transactions using cloud computing and the military doesn’t store top secret weapons designs on something called CloudNuke.)

    Some 86% of those polled by Lieberman Software said they do not trust the cloud for their organization’s more sensitive data, and 88% said that they believe that there is a chance that the data their organization keeps in the cloud could be lost, corrupted or accessed by unauthorized individuals.

  • Clouds consolidate data, making it easier for criminals and governments to access this data, especially secretly. Vendors have a vested interest it concealing whether your data has been compromised, and as recent and historical events have shown, even the US government spies on its own citizens and allied nations.
  • Clouds make your data a bigger, tastier target, in much the same way shopping malls attract patrons, gold rushes attract miners, and dung attracts flies.
  • Storing data on inBloom and Ed-Fi Clouds adds an addition level of risk. These vendors are not suggesting they will replace your internal data systems, they are “in addition to” your existing systems. Sharing student data on Clouds is like passing out your spare house key to everyone on the block, including ones you don’t know well or at all, instead of just a single well known neighbor – in case of an emergency.
  • Storage of student data is expected to cost 5 dollars per student, but could be more. With 700,000 current students in Louisiana that comes to 3.5 million dollars per year. If this figure includes all students that total surges to 15 million dollars per year, or roughly the cost of this year’s entire Voucher private school expansion that was recently ruled unconstitutional to fund from the public school MFP formula by Louisiana’s Supreme Court.
  • LDOE has not proposed any specific use for this data, or this 15 million dollar annual expenditure. Wouldn’t this money be better spent on students, pre-k education programs, teaching supplies, professional development, anything else?
  • FERPA was weakened by USED to allow vendors to use data for non-educational purposes. Just as your iPhone terms and conditions change almost daily, so could the terms and conditions under which these vendors operate. They claim they will not share this data initially, but they also indicate they will provide discounts to states that provide date to third party vendors from whom inBloom will “recapture costs.”

    “As a non-profit organization, inBloom is exploring cost recovery partnerships with select vendors, which are contracted by states and districts, for the services that it provides. These recovered costs will ultimately be passed on to participating districts through lower annual fees.”

    (This is fancy schmancy talk for selling your data but instead of money changing hands they will give “discounts” in much the same way sleazy car salesmen and fly-by-night furniture sellers mark up their prices before offering 30-50% discounts on everything in their store!)

But don’t take my word this.  Ask LDOE and BESE at tomorrow’s BESE meeting (June 18th), about what they feel it is necessary to spend upwards of 15 million dollars to endanger your children’s futures and allow the federal government, hackers and pedophiles easy access to your children’s private information and future.  They will tell you to make things easier for school districts to work with 3rd party vendors, they will tell you to take advantage of teacher dashboards not teachers unaffiliated with this administration are asking for, they will tell you this is to take a step into the future.

 

But I ask you, is this a future you want for yourself or your children and grandchildren?

gattaca-review-valid

Where we are nothing more than what our DNA and data says we are?

 

 

 

 

 

 

 

 

 

 

 

 

 

Has John White lied to BESE and the State of Louisiana, or is inBloom lying?

Has John White lied to BESE and the State of Louisiana, or is inBloom lying?

Regular readers of this blog may be aware that I am fighting the unlawful sharing of private student data to unsupervised private unaccountable vendors. I’ve even started a petition to support this effort. Friday morning I got some good news, or at least I thought I had. John White seemed to come to his senses and agreed to withdraw the student data he supplied to inBloom.

For those not in the know, inBloom is a privately operated data cloud that advertises its ability to host all personal student data, from Social Security Numbers, to names, dates of birth, pictures, medical information, discipline records and history, test scores, etc. John White tried to simply spin his inBloom “partnership” (his word not mine) as a data garage housing “cars” he likened to our students. White claimed like all garages, once the cars are parked there, no one can get the keys so our cars (kids) are perfectly safe.

inBloom cannot see or use any information regarding students or schools in Louisiana. This is like renting space in a parking garage. The garage company may house the car for a while, but it may not touch or use the cars in the garage. While inBloom stores information, inBloom does not have access to the information

At first I thought this was an overly simplistic, condescending analogy, perhaps something thought up by a small child, but the more I thought about it, the more I realized he may actually be on to something. So let’s go with it.

Virtual garages, like real garages in real life, can have cars stolen from them all the time at any moment. Putting a car in a garage does not magically make it safe, and actually makes it less safe by virtue of placing it into someone else’s custody who does not have as much vested interest in taking care of your car as you do. What’s more, the “garage” inBloom and similar vendors are proposing will eventually hold all the cars. They want to hold everyone’s data, all their data, in one place. While it’s true cars can be stolen from personal garages, thieves have to go to each garage and steal each car. . . one at a time.  In the virtual garage scenario all thieves have to do is get access to one garage, (the garage) and they can steal everyone’s car (actually all their cars, and any car they’ve ever owned.)

What’s worse is while a car thief might have to go physically to your home or to a real garage and steal a car in the flesh, drive it away manually, and find a buyer one at a time. . .well most hackers actually live in countries outside of the United States like Russia, China, Iran, North Korea, etc. They don’t have to travel to the car (the student data) to steal it. They can steal it from the privacy of their home or “professional” hacking corporation composed of career and sometimes government sponsored and supported hackers.  Their “jobs” are to find vulnerabilities to exploit an steal data and trade secrets. Many foreign governments like China, Iran, and North Korea actually support these efforts.  These foreign “car” thieves can steal all the cars in the blink of an eye and sell them to millions of other criminals just as fast.

So yeah, a virtual garage is a horrible idea, for us. It’s a great idea for criminals and whatever companies like inBloom would like us to believe they are.

Every public garage I’ve parked in has a big disclaimer on the wall when you drive in that the owner of the garage cannot be liable for thefts, damage or stolen property left in the automobiles. When you give the keys to a valet to park your “car” they can damage your car, take it for a joy ride, forget to lock the doors, any number of unpleasant things. . .  And cars have been hot-wired at least since episodes of Starsky and Hutch originally ran on television.

MyParkingSign.com

. . .inBloom has a disclaimer too.

“[inBloom] cannot guarantee the security of the information stored in inBloom or that the information will not be intercepted when it is being transmitted.”

Pretty familiar, eh? Would you trust a car for permanent storage under such an agreement? Would you trust your child to an establishment that made you sign such an agreement. . . that they are not responsible if your child gets kidnapped, or injured. . .  but they will take “reasonable precautions

Yeah, you’re not taking my kids, you freaks, and I’m not trusting you with their future either, inBloom.  But I digress.

A number of parents, students and legislators have been alerted to this violation of our privacy and an emergency item was placed on the BESE agenda by BESE member Lottie Beebe.  This meeting was held Wednesday the 17th.

Shortly after what has been reported as a “lively” BESE meeting (who knew they had those?) John White promised to release all MOUs and contracts related to data sharing agreements like inBloom or Agilix (another vendor that was uncovered from internal e-mails.)  White then sent out this letter (I mentioned above) to Superintendents and school districts to try and spin and sell his garage idea.  It did not seem to work because the next day he informed BESE members he was withdrawing the state’s data from inBloom.  White implied he was cancelling the contract until he was able to alleviate fears and run such agreements by BESE. He issues this letter to BESE to that effect.

Update
04/18/2013 06:16 PM

Subject

Members:

At Wednesday’s meeting we heard some compelling testimony regarding the state’s and school districts’ data storage practices. It’s an issue worth continued discussion with the board.

The data storage agreement with the inBloom database was undertaken with caution and a sense of responsibility. However, because of the concerns expressed by some parents, and because we have not yet had an in-depth discussion with the board and public about data storage at the agency or district level, I think that it is best for now that we withdraw student information from the inBloom database. I have told our staff to do so and have informed inBloom of our decision.

We have protected student information for decades and take security very seriously. Given the concerns expressed by our most important constituents — students and families — I’d like a chance to discuss our policies and procedures with you before we enter into new relationships with partners providing this service.

Thanks as always for your time. Have a great weekend.

John

John White

Louisiana Department of Education
Twitter @LouisianaSupe

Barbara Leader, with the Monroe News Star, has been investigating this story for the last week and calling folks all over the state (including yours truly) and had interviewed White earlier in the week about inBloom and Louisiana’s role/partnership with this private company. As Barbara was preparing to run a story on Friday, John White contacted her out of the blue to announce his decision to “seemingly” rescind his agreement.

Louisiana Department of Education Superintendent John White says he is withdrawing Louisiana student information from a non-profit database, just two days after he assured Board of Elementary and Secondary Education members that the data was safe and could not be distributed without DOE approval.

This seemed like good news and I was grateful to Barbara for covering this story that was so dear to so many parents and children. While I was unable to make the Wednesday meeting I heard there was a robust turnout and even some brave students from Mandeville High School showed up to testify against this unlawful data sharing. I can’t speak for these students, but many of our students are 18 or older and had no say and no knowledge of the inBloom agreement and did not give permission to share their details with private vendors. The only folks who seemed aware of these agreements of questionable legality were White’s inner circle but not BESE which is supposed to review and approve such contracts by law.

However just when I thought things might be going well I was forwarded this tweet from inBloom’s official twitter account that got me to thinking. . .

inBloom@inBloomEdu

.@frankcatalano
@audreywatters Louisiana still part of inBloom community. Many inaccuracies in coverage

I asked inBloom to explain this cryptic tweet that they sent to other education reporters, but so far they have not elaborated. Nevertheless it brought to mind a question. I never did see what John White actually sent to inBloom to cancel his legal agreement with them – to withdraw “student information from the inBloom database.”  Did you?

Did he withdraw it all?

Did he simply tell inBloom to lay low while he “handles” those yokels in Louisiana?

Did John White make a jaded calculation that if he placated us on a Friday release, he could take advantage of the Boston Bombing coverage and people would simply forget about this come Monday? Later he could go back to BESE and get them to rubberstamp his agreement while no one was watching?

I wonder who is lying?

Did John White actually lie to BESE, to the Monroe News Star, to our legislators, to all the citizens of Louisiana?

Is this inBloom’s desperate attempt to stop other states from pulling out of the inBloom project? Perhaps. . . but if they are shown to be lying that will only further damage their credibility. Would inBloom risk lying about something that is easily disproved with the simple production of the John White cancellation notification?

I would ask that John White clears this up right away. He still has not produced the MOU that he promised to produce at the April 17th BESE meeting. Surely to cancel such a contract (which by law he would have been required to create to share student data like name, Date of Birth and Social Security number) he would have had to review it to determine how exactly to go around cancelling that agreement? White could not have shared the data in the first place (even under the weakened FERPA laws) without this legal document, a contract or MOU (Memorandum of Understanding) describing duties, uses, what data was to be shared, and under which circumstances the agreement could be cancelled.

I strongly encourage John White to produce the MOU with inBloom that he promised to punctually produce at Wednesday’s meeting and to produce the subsequent cancellation notification this contract would have required that he sent to inBloom. That’s all it will take to demonstrate that inBloom is lying, or at least in error, and they he did not lie to all of us, over and over.

However it occurred to me that maybe John White is lying, if not about this, maybe something else.  So just to be on the safe side, I felt this warranted me looking into John White’s other claims at this point. I contacted Barbara Leader, who produced the article for the Monroe News Star that announced John White was withdrawing from his inBloom agreement to ask for something she mentioned in her article. . .the file layout John White provided to back up his claim he only provided:

In an email to The News-Star, White said that “the only student info we are storing in this garage: local student ID, first name, last name, gender, date of birth, ethnicity and race.”

You see, I know a little bit about data, especially Louisiana Department of Education data, having worked in that area for almost 9 years, so there was something that bothered me about this statement. You see, local student ID is optional, and most school districts don’t send it. State ID is required, and is about 98% of the time the student’s Social Security Number. The local ID field did not seem like it could possibly be correct since most of them are blank.. Then when I looked at the rest of the fields, and looked at this description of who John White said would be using this or a similar database (if a similar database it’s one he did not cancel yet) in this statement:

John White, Superintendent of Louisiana Schools, says, “By connecting to IBDS, Agilix opens a lot of doors for our Course Choice product not only for registration but also for detailed analysis of student performance. We expect this will assist greatly in tracking and reporting results of Course Choice adoption to state authorities.”

Did you catch it? J Probably not, but let me explain. White said this would be used for registration. This information would have to be sent to school districts and registration through school districts to keep track of student performance and what their kids have register for unless LDE plans to handle all that in-house. Even then you would need to know a few more basic things, like grade level, where the child is enrolled, if they are still enrolled, etc. You can’t get all that from those 7 elements. You’d need more. The News Star Reported John White provided documentation that only those 7 elements were shared, so I figured I’d just check myself. I asked Barbara to forward the file John White sent to her to me. This is it, and I’ll explain what I found.


<?xml version=”1.0″ ?>

<InterchangeStudentParent xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns=”http://ed-fi.org/0100” xsi:schemaLocation=”http://ed-fi.org/0100 ../../../../../../domain/src/main/resources/edfiXsd/Interchange-StudentParent.xsd“>

<Student>

<StudentUniqueStateId>999999999</StudentUniqueStateId>

<Name>

<FirstName>JANE</FirstName>

<LastSurname>DOE</LastSurname>

</Name>

<Sex>Female</Sex>

<BirthData>

<BirthDate>2005-05-19</BirthDate>

</BirthData>

<Address>

<StreetNumberName>No Data Exists</StreetNumberName>

<City>No Data Exists</City>

<StateAbbreviation>LA</StateAbbreviation>

<PostalCode>0000000</PostalCode>

</Address>

<Telephone>

<TelephoneNumber>0</TelephoneNumber>

</Telephone>

<ElectronicMail>

<EmailAddress>No Data Exists</EmailAddress>

</ElectronicMail>

<ProfileThumbnail>No Data Exists</ProfileThumbnail>

<HispanicLatinoEthnicity>false</HispanicLatinoEthnicity>

<Race>

<RacialCategory>White</RacialCategory>

</Race>

</Student>


<StudentSchoolAssociation>

<StudentReference>

<StudentIdentity>

<StudentUniqueStateId>999999999</StudentUniqueStateId>

</StudentIdentity>

</StudentReference>

<SchoolReference>

<EducationalOrgIdentity>

<StateOrganizationId>032023</StateOrganizationId>

</EducationalOrgIdentity>

</SchoolReference>

<EntryDate>2012-08-09</EntryDate>

<EntryGradeLevel>Twelfth grade</EntryGradeLevel>

</StudentSchoolAssociation>

John White unwittingly sent us a file for yet another (third?) data aggregator he shared student data with and did not run by BESE. You see, these xml files look like they came from and/or go to Ed-Fi if you read the header for this file. Ed-Fi is yet another data aggregation company owned by a different set of billionaires, Michael and Susan Dell. inBloom is a company created by another pair of billionaires, Bill and Melinda Gates. A third company, Amplify, which partnering with inBloom was set up by yet another billionaire named Rupert Murdoch of News Corp and child phone hacking fame.

This is how Ed-Fi describes itself.

The Ed-Fi Solution

The Ed-Fi solution is an educational data standard and tool suite (unifying data model, data exchange framework, application framework, and sample dashboard source code) that enables vital academic information on K-12 students to be consolidated from the different data systems of school districts while leaving the management and governance of data within those districts and states. Ed-Fi components act as a translator of academic data, integrating and organizing information so that educators can start addressing the individual needs of each student from day one, and can measure progress and refine action plans throughout the school year.

This Ed-Fi tidbit reminded me of some internal e-mails I’d obtained some time ago but had not figured out how to connect to anything, until now.  These are correspondence from John White, and Ed-Fi where he was exploring a relationship with Ed-Fi.  This was done either before or while simultaneously working with inBloom.

Here’s some of the correspondence from over a year ago with Ed-Fi. (DOE apparently provides their FOIA requests as a sideways oriented image files to make use very difficult. You will have to orient them image one rotation clockwise to view.)

To summarize this set of emails: it appears the Louisiana Department of Education was sending data to Ed-Fi too, long before inBloom. I wonder how many other groups like this John White has been sharing with? Agilix seems like another one as well as the Course Choice providers. Did White simply sacrifice inBloom to save all these other relationships, perhaps 4 that we know of at this point?

It seems quite likely we’ve been duped and inBloom was offered up as a sacrificial lamb.

Now to get back to the Ed-Fi file John White has characterized as the inBloom file. Let’s assume these are the same elements that were actually provided to inBloom. . . too. I notice that Grade level is included, site code is included of which the first three characters are the school district ID, entry date is include, and State ID (the student’s SSN) not the local ID was sent to Ed-Fi and or inBloom. That’s a shame, EdFi was only asking for a unique ID, not SSN, but John White decided to send a less accurate number for tracking unique students but more dangerous for students. I can tell we sent the SSN because they DOE shows they are sending a 9 character number and our unique internal state ID is 10 characters to make differentiation readily apparent. SSN is a totally unnecessary bit of info that can be used for identity theft especially with the date of birth and name John White is also helpfully (for criminals) providing.

What I find intriguing is that there are empty spots for the student’s address, their picture, their phone number and e-mail address. I can’t think of a reason to leave those in the file unless you’re leaving them as placeholders to fill later.

To summarize:

  • John White can prove he did not falsely inform BESE and the state of Louisiana about cancelling a contract with inBloom he has no intention of cancelling by production of the cancellation agreement.
  • John White can prove he did not lie to BESE that he would produce the inBloom MOU and all other sharing/partnership agreements by doing so quickly and in good faith.
  • We need to know how many vendors has John White shared date with already and not recalled . . . but it appears to be at least 3 more. . . (Ed-Fi, Course Choice, Agilix)
  • John White may not have cancelled the inBloom contract as he claimed. InBloom has publicly claimed otherwise.
  • John White sent more than the 7 data elements he claimed to BESE and the Monroe News Star that he sent. It also looks like he plans to send much more sensitive data at a later date.
  • John White has definitely already sent private student data to Ed-Fi, an inBloom like operation, as much as a year ago, based on the internal e-mail trail and file spec. He did not notify school districts or BESE about this agreement to my knowledge.  (I will be happy to amend this statement if somone can show me that I’m wrong.)

Now, what are we going to do about this?