LDOE Lays an Egg: Violates FERPA and Their Own MOU Providing Data to CREDO

LDOE Lays an Egg: Violates FERPA and Their Own MOU Providing Data to CREDO

I know its reaching, but I thought I’d give everyone a little Easter reference with this surprise post.  Smile

Before I left LDOE 3 years ago I was asked to help assemble some de-identified data for a research outfit named CREDO.  At the time most of my colleagues didn’t know who CREDO was or what they were all about.  (It turns out they are a pro-charter funded propaganda machine masquerading as legitimate researchers.)   We had a standing policy not to provide this type of data to anyone. . . except a few local research universities like ULL we had established contracts with – to provide analysis services to LODE for specific grants.

Then came John White and CREDO.  We’d been telling CREDO “No” for years because the amount of data they wanted was excessive and the time involved with compiling it was also going to be pretty steep.  John White was not the State Superintendent when he started giving orders through Erin Bendilly, a Jindal appointee.  This request was one of those, and it was coordinated, reviewed, and delivered by Kim Nesmith, the “Data Quality Director” and department’s FERPA enforcer.  (The fact that this request was  being forced through quickly on John White’s behalf was confirmed by both Kim and Devora Davis, head CREDO researcher, in a conference call.)

happy Easter

FERPA tidbit:

US DOE requires State agencies to select a number between 1 and 10 to mask all their student level data to conform to FERPA. Kim actually required the department go one step further.  She insisted we mask by using less than (<) and greater than (>) symbols in the ones digits in most numbers reported.  (We can still derive the specific numbers from the percentages and enrollment numbers but I won’t tell if you won’t)


(You can Download the full report example if you’d like.)

Another provision of FERPA calls for agencies to restrict access to data – keep it private from those that don’t need that access to perform their specific role or function.  While I dealt with the student data of all students, I did not need to have access to their medical records or diagnoses, or their specific Special Education classifications.  This role was handled by the folks that worked directly with this data and these students in our SER system or those folks who produced necessary reports to the Finance department.  For the nine years I worked there, I did not have access to that data.

New Orleans based, Research on Reforms filed a lawsuit to discover just what data LDOE had released to CREDO.  When ROR eventually prevailed I learned what else LDOE had provided to CREDO.  (LDOE first denied the existence of this MOU until I agreed to testify for Research on Reforms.  Then LDOE argued that they could choose whomever they wanted to evaluate their programs and did not need to provide equal access to anyone else to cross examine the claims.  The first judge agreed, but the appeals court overturned this ruling.)

It turns out LDOE violated their own very expansive MOU.  What follows is a description of a few things that should not have been sent.

For instance, it turns out that LDOE sent quite a bit of detailed data on non-public students, their DOB’s, their teachers, their special education conditions, schools, etc.  Non-Public schools were not part of the research project and not part of the MOU.


Here’s a snapshot of some of the NPB (Non-Public School) records.  Hundreds of non-public schools’ data was disclosed – without their knowledge I would imagine.


And here is some of the specific data elements they handed over on nonpublic and public students – some of which is specifically prohibited and some of which should have been because it was outside the scope of the study.  This shows the full Date of birth (not just month and year) as well as any section 504 classifications and also identifies one student as blind and another one as deaf.  (Note: these records are from completely different sections and do not match up to any of the schools shown above.)


Of course if that’s not enough, they also included the specific teacher and the course they took with that teacher for each student. (Note: each snap shot is from different records to prevent identification of students.  Something LDOE might have considered.)


To make sure researchers could identify and use all these codes, LDOE created a decode file with useful tables like this one for Special Education classifications.


You will note in the study, none of this info is necessary, and if you look at the final CREDO reports none of it was used – but it was provided unnecessarily.

LDOE also can’t make the claim they did not know what they were providing or that they were unaware that to provide it was a violation of FERPA.  Most of the files, like the one containing Special Education data, carry a pretty convincing warning.

This report contains personally identifiable information or information that when combined withother reports and/or information a student’s identity might be revealed.  Personally identifiable studentinformation must be kept confidential pursuant to the Family Educational Rights and Privacy Act (FERPA)codified at 20 U.S.C. 1232g.  Information in this report cannot be disclosed to any other person,except for employees of a student’s school or school system who must have access to that information in order to perform their official duties and for those other persons and entitiesspecified in 20 U.S.C. 1232g.


In this case, LDOE provided this information without any masking for every school in the state (including Non-Publics).  They provided a file that contains the school, school year, grade, age, ethnicity, disabilities, gender.  They provided this information for counts as low as one single student.

You would think a Student Privacy Director and Data Quality Director would know better, wouldn’t you?

According to the MOU, here is the scope of the study:




The dubious nature of the decision to provide all the data they agreed to provide aside, I don’t see any reason to provide private school data, let alone disabled student data.  Do you?

This is an example of why LDOE needs to be fully transparent and properly overseen.  There is no telling how many other data sharing agreements LDOE has entered into that most of us are completely unaware of.  LDOE is apparently incapable of even adhering to their own internal privacy decisions and their own MOU’s.  This is not an example of a rogue department providing data accidentally.  This is an example of LDOE’s top privacy guru, the Student Privacy and Data Quality Director reviewing and assembling the data, personally, before handing it over to strangers in California.


It’s only a combination of chance and persistence that I stumbled across the details of this agreement and am able to share my findings with you.  How many more agreements like this are out there that are unknown to us?  How poorly have they been reviewed?  I can’t actually say.  Someone outside of LDOE needs to review these types of disclosures (All of them)  – before they happen.  It is important for the public to have an accounting of both what was promised, but also what was actually delivered.  Frankly, if LDOE doesn’t understand their own data, they shouldn’t be providing it to others.  I also question whether they should be collecting it all or storing it for decades in the first place.

Data Security Fail: John White and LDOE up to their old irresponsible data tricks again

Data Security Fail: John White and LDOE up to their old irresponsible data tricks again


John White recently testified multiple times in front of the Louisiana House Education Committee that he has a firm commitment to student privacy and takes his responsibilities toward ensuring the department only collects data that is absolutely necessary and does so responsibly. He made the argument that without detail student level data, the Department would not be able to fulfil their reporting duties lain out by the federal government and auditing duties to ensure data is being accurately reported. When State Representative John Schroeder introduced a bill a few months back that only allowed LDOE to collect aggregated data, John White was adamant that he would not be able to adequately report to the legislature and federal government. Neither assertion is true. White also assured House members he took great pains to safeguard information and that he did not need to document all the data elements he was collecting, or what they were being collected for, but we could be sure they were only collecting exactly what was needed.

All of these claims were complete lies, but they sounded convincing to most folks and I was not asked by any Senator or Representative to debunk them, despite my numerous offers to cut through White’s BS before the session and during it. (If anyone would like to contact me I am still available.) I’ve worked with other state’s privacy advocates and Senators so I’m not sure why ours have not accepted my numerous offers. (I was told more than half a dozen times that I would be called or contacted about the various privacy bills making their ways through the Senate and House, but these promises never materialized into any actual direct correspondence. I find that . . . interesting. Perhaps folks don’t want to know the truth? But I digress.)

Last I checked Louisiana has a privacy bill that has been voted on in the House but which has not been taken up in the Senate. As this legislative session closes it appears less and less likely every day that we will get a privacy bill through the legislature and onto Governor Jindal’s desk to sign. I can only assume Jindal will sign such a bill since he has had his folks publicly support it while it made its way through the House.

This brings me to this week’s latest finding that might be of some interest to parents and legislators pondering data privacy and security issues and the promises John White made just a few weeks ago in front of cameras, parents, legislators, the press, and God. His testimony is still available to review if you care to take the time to listen. . . But back to the latest example of LDOE incompetence under John White.

Introducing the new:

Alternative School/Program Data Collection

Please forward to district alternative school/program staff.
The 2013-14 Annual Report on Alternative Education Schools/Programs is a report submitted to BESE on the effectiveness of alternative education schools and programs. Please complete the school/program overview and student roster layout provided (under Announcements to the right) by May 23, 2014
and email a signed and scanned copy of the overview to Renee Montogmery at
renee.montgomery@la.gov. The alternative program/school roster should be uploaded via your districts’ secured FTP site. For questions regarding data collection, layout/template, or FTP upload instructions, please contact Crystal Wilkinson at crystal.wilkinson@la.gov.


LDOE created a new data collection they want LEAs to submit by May 25th of 2014 that they introduced on May 2nd. LDOE is asking school districts to aggregate all their data for them on the first page, which is the data they really want, but they also want LEAs to submit student level data (that they already have and that was obtained more securely) via an unencrypted Excel Spreadsheet. Element H, Student Sate ID, is Social Security number for 97+% of students in Louisiana. They are having schools and districts submit this along with a student’s full name and Date of Birth to ensure if this info was stolen it could be used to obtain credit cards and apply for loans. To ensure student’s privacy rights will be violated they are asking LEAs to define students as dropouts, their discipline records, whether they were expelled, and if they are disabled.


They did this while the legislative session is still going on.

They are doing this after they testified they don’t request info unnecessarily. (All of this info is already in their possession except dropouts – which are not final and are official produced by LDOE not school districts, and the program code.)  None of that data is necessary if they just collect the summary page which I have no objection to as long as this was only done this one year and next year the program element was collected in SIS properly.

LDOE attempted to collect this data in a wildly irresponsible way that no one would endorse as a safe or proper way to collect data (Even themselves when questioned about it.) Here is an official response from Barry Landry, official spokesperson for LDOE. I asked who was in charge or this and questioned the wisdom of doing this (in a less civil way to be sure.) The response I got back was mildly reassuring . . . at first.


 This original form is not an appropriate way to collect this data,  [emphasis mine] and the Department has taken down this form. No information or data concerning alternative schools or programs was submitted by any district to the Department.  



It took LDOE a few days to get back to me. (I learned they were scrambling around based on my initial inquiries and trying to get their stories straight.) I did verify they took the information about the collection down from their “Insight” portal, where they communicate with school district personnel indirectly. Per John White, LDOE staff are not permitted to talk directly to school districts on the off chance they would provide helpful information accidentally. That is not made up or even the slightest bit sarcastic. I’d tell you to ask a current LDOE staffer if this was true, but they would not be able to answer you without worrying about being fired. Instead I ask you to ask a recently departed staff member and verify.

Now, back to the data collection. I was briefly encouraged that LDOE was taking my concerns, parent’s concerns seriously for once. I actually figured they would just hold off on collecting this data this way until after the legislative session, so legislators would go home without passing any serious student privacy and data security legislation and go about business as usual. However, even I was surprised that Kim Nesmith, the creator of this data collection, immediately contacted SIS (Student Information System) vendors and denied that they were doing away with this collection, or even that they were doing away with this data collection method. She told them to continue building the reports and files less than 5 hours after I received an e-mail from Barry Landry at LDOE that “this was not an appropriate way to collect data”. The following e-mail was sent by one of the SIS vendors to their client. Apparently they were contacted around noon.

I have been in contact with the state. They have not made that decision yet. They may or may not require the file at this time. They just don’t know.

I will keep you up to date as I get more information. Please forward me the statement from Barry Landry saying they won’t need the report.

It is true they took the form down about this data collection. (at least for a few hours)  It may be true that no data was transmitted this way. What is missing is any confirmation that they are not collecting data this inappropriate way. All Barry reported to me was they took the form down (true) and that no data was transmitted this way. (I have not verified this one way or the other yet.)

When I saw this collection, I knew right away that Kim Nesmith was behind it. I verified this on my own later although, and one of the contacts listed as a contact reports directly to her, but LDOE refused to confirm this officially. However this is not the first time Kim has collected data this way. In 2011 she demanded IT collect data this way for students that were corporally punished or bullied and for identified bullies. I refused to collect this data this way because I believed it was dangerous, inefficient and stupid, however I was overruled by Patrick Dobard (currently the superintendent of RSD, then Superintendent Paul Pastorek, and Kim Nesmith.) What happened was Kim collected this data herself, but was unable to use it to build any reports so I was called in to link the hundreds of excel data files and report from them. Paul, Patrick and I are gone, but Kim remains. Kim no longer has anyone that can summarize the data, hence the summary page.

Kim is also LDOE’s FERPA compliance person in IT, the supervisor in charge of data collections and data collectors (including student data collections), and the self-titled Data Quality Director. Yep. Kim is the person who LDOE put in charge of ensuring your students’ data is treated carefully and securely, that data is reported accurately, and that school districts know what to report.

I will have more information on current issues facing the data collections department, under Kim, in future posts. I have been getting specific complaints about her from school districts for years. I’ve done my best to give LEAs information they can feed back to LDOE to fix the data problems they have been having in the wake of firing or driving off all the experienced and qualified IT staff, but it has gotten so bad that even if I get step by step instructions on what to fix Kim’s staff is unable to address any of the problems they are having. Currently they are unable to properly calculate dropouts. I believe they are also the reason LDOE gave incorrect budget numbers to the legislature at the start of the session that John White tried to vaguely explain away.

White said $35 million of this year’s shortfall is tied to having higher-than-estimated student enrollment for the 2013-14 school year.

This is the 2013-2014 school year. We have those numbers in October 2013 and February 2014. How could they have been surprised if they had the actual numbers 6 months prior to being surprised unless the numbers they originally collected were wrong?

I don’t blame Kim’s staff. With proper training and a competent supervisor I’m sure they would do fine. I blame Kim for claiming she knew what she was doing and for driving off all the people that did know what they were doing. I blame John White for promoting her, putting her in charge of our children’s data, for and keeping her around this long. This is exactly the type of situation you should expect from putting someone with a Home Economics degree in charge of Statewide data collections and data security and privacy. My degree is in Accounting and I specialized on systems accounting and design, but I would make a terrible dress maker.  Just sayin’. . .

Here are the actual files LDOE took down but probably still plans to use once the session is over unless by some miracle enough legislators start taking data privacy and security seriously enough to pass some meaningful legislation.

Copy of 2013-14 Alternative Schools Programs Data Collection Layout

Facilitating the Reporting of Alternative Programs and Schools


Louisiana’s Privacy Legislation and Testimony – Setting the Record Straight

On March 19th the Louisiana House and Senate Education Committee’s both heard testimony at the same time on the same types of legislation. This legislation was about student privacy. Holding meetings on the same subject at the same time required folks to split up their resources. Since most of us do not have ready doppelgangers, or clones, this meant parents went unrepresented on either the Senate side or the House side. This was pointed out as a little fishy by passionate privacy advocate, Sara Wood, in testimony delivered to the Senate during the hearing on Senator Conrad Appel’s “privacy” bill 449. She points that out as her first point in this YouTube video. Sara Wood’s testimony: http://www.youtube.com/watch?v=xFEjudTEDSk#t=30

Prior to Sara Wood, I said my piece on SB 449. All of the points I covered, with the exception of the Amendments that were introduced that day, were included in my earlier analysis of the various privacy bills.

If you would like to get a look at my actual testimony you can see that here. My testimony: https://www.youtube.com/watch?v=zoHK3TqeksE (I rock – although my “rocking” is certainly of a lower intensity variety than Sara’s.)

Meanwhile at virtually the same time Superintendent of Louisiana Schools, John White, was giving some of his own testimony at the House Education Committee. His testimony and the amendments he offered came after all the parents spoke, and I was told there would not be a chance for anyone else there to weigh in on what he was saying. Nevertheless, I feel it’s important that someone does. You see, when I gave my testimony I had to sign a card stating the testimony I was prepared to give would be accurate and truthful. I assume John White was required to make a similar statement when he gave his testimony. However upon reviewing the testimony he gave I have my doubts about the truthfulness of it. That’s probably putting it too tactfully. I think it would be more accurate to say he perjured himself on at least one point and omitted several details and context about numerous others. I won’t dissect every statement he said, but I’d like to pull out some relevant ones I feel are important. I’m guessing he made these statements to cover his . . . back. To protect himself from angry parents and lawsuits, but he boldly lied about these issues at least.

John White claimed the department only had Social Security numbers for State IDs and that the department had applied for a 700,000 grant to try and switch over to another system that did not rely on SSN’s. This is a lie many times over. I know this because I was in charge of the Student Information System for almost 9 years before leaving the department to tell folks about John White and his reformers. Our first ID was first used for the 1996 data collection, about 18 years ago. This ID was called the “Generated ID” and lasted until about 2008. This ID was used to calculate dropouts, and was generally held to be more accurate than SSN, although SSN was used to help define whether a new Generated ID needed to be created for a new student. John White also did not share that SSN’s are not required. Parents have the option to “opt out” of sharing their child’s SSN and asking their school district to create and report a Temporary ID. Both of my children have temporary IDs in the EBR parish school district. I switched them over after John White sent millions of children’s SSN’s (including my daughter’s) to an unregulated third party vendor, inBloom, despite my refusal to allow her information to be included or shared sent right to him and the head of his legal department. Obviously the Department feels FERPA does not apply to them, and the rights of parents and children are non-existent. (They are right which is why we need our own State privacy law.) That’s why I find John White’s statements that he is concerned about student privacy a lie. Had he been concerned he should and could have been concerned when letters, calls and e-mails form other parents flowed into the department once I published my letter. (I heard John White’s actual reaction was cursing me quite soundly as other letters rolled in. Interesting reaction for someone concerned with protecting the rights of parents and students, no?)

But I’ve digressed. As I reported, Generated ID was created 18 years ago, by the department, without a grant of any size. It lasted quite well. Louisiana then applied for a new grant from the IES (Institute of Education Sciences), a division of US ED. Louisiana received this 4 million dollar grant. The data system created was called LEDRS.


Project Start Date: 3/1/2009

Project End Date: 2/28/2012

Amount Awarded: $4,056,510

The Louisiana Department of Education (LDOE) proposes to use the US Department of Education

longitudinal data systems grant to build the Louisiana Education Data Repository System (LEDRS). The

LEDRS will allow the LDOE to organize and link all of its data into a centralized repository. The LEDRS

project will consist of three main tasks:

The creation of a data repository that will centralize and link the data that currently reside in

isolated silos.

The creation of a data reporting system that will enable the LDOE to automate its EdFacts

reporting and provide tools for routine and rapid ad hoc reporting.


I was one of the key members of the LEDRS team. The objective of the LEDRS grant was to pool data strewn about the department, to eliminate redundant data collections, and to merge disparate data systems using a new Generated Universal ID. This ID was called a GUID. LDOE had a fully functional GUID when I left in February of 2012 and was using this GUID to fulfill the data request to CREDO, to the Governor’s office for the BP lawsuit, and to calculate dropouts and graduate cohort reports and rates. The department still uses the GUID to perform these functions. The objective of the LEDRS grant was to make us more internally self-sufficient, so we could save the State money by eliminate redundant data collections and numerous third part contractors that built and maintained those data collection systems. John White essentially fired or drove off all the full time state employees that ran the LEDRS system and turned it over to full time contractors being paid 2 to three times as much as state workers, that rotate out frequently, and owe no allegiance to Louisiana or our children or citizens, just to their out-of-state CEOs. This is the mockery of privacy and efficiency that John White has created with His department of education, and our children and their information.

So let me reiterate restate the lies given to the House Education Committee on April 19th, 2014, in case anyone would like to go review the tapes for themselves. (Just Sayin’)

  • John White stated SSN’s are required: This has never been true. It is illegal under federal law to require an SSN to enroll in a school. Louisiana allows “Temporary IDs” for this reason, as well as if a parent is uncomfortable providing an SSN because they believe the State Superintendent of Education is an incompetent buffoon and liar.
  • John White stated LDOE was applying for a 700,000 grant to create an ID that was not a SSN to address the concerns of parents over SSN’s: While the department may have applied for this grant, it was unnecessary. The Department has employed at least 3 IDs that are not SSN. Two of these IDs are currently in use, Temporary ID, and GUID. I’m not sure what this third ID would be, but it’s not necessary to protect students. John White is just using this as a dodge because he thinks the legislators are too lazy to verify his statements, or too stupid to understand that the Department already has these IDs. (Quite a ballsy approach actually. I’m curious to see if it pays off for him.) I will be happy to speak to any legislator that wishes to chat about this. My folks will be at the House hearing tomorrow – any of them know how to reach me one way or another.

Oh, one more thing. I wonder if John White knows that detailed data is not required to receive Federal funding, certainly not the vast sum he quoted of 900 million. I would like to see him break down that 900 million by the exact data the Feds required. I bet that would be pretty interesting (and likely inaccurate, sadly) Many states did not have student level systems just a few years ago, just aggregate systems. Before LDOE stopped sending me DOE’s national data conferences in DC, I went to a number of presentations from states that did not have a decent student level system at the state level. Alaska only had details on about a third of their children (American Eskimos and Indians do not have to submit data to get federal funding and often choose not too.) I recall California has had a very difficult time pulling in all their data from all their school districts although they are doing better now. However I think it’s worth mentioning that the data states (including Louisiana) report to the Federal government to the EdFacts or EDEN data collection system is aggregated data.

In the House hearing, John White claimed Louisiana had to collect student level data to report to the Federal government and satisfy existing legislated tasks. I’m not sure that’s entirely correct. For instance, just because the state requires LDOE to develop and implement a state accountability system, that doesn’t mean that student level data needs to be used to that end nor that LDOE needs to collect or possess it. After all, the data released is highly summarized and aggregated data. . .

John White also claimed LDOE had to collect student level data to perform audits, but that is also an overstatement. You see, I’ve taken a few auditing classes enroute to getting my Accounting degree from LSU. I’ve never heard of any big accounting firms collecting all data from their clients to perform an audit. Much of what the department uses the detailed info for is to determine which students to audit, by selecting a randomized sample, and then asking the school districts to provide detailed records in an electronic/scanned or hardcopy form; proving they have those students. You don’t need a lot of sate to do that. Do you think you need all of this?

SIS User Guide

I see no reason the state could not do something similar with school districts more directly. Most auditing is not done by collecting all the data from a client year after year. That’s a bit of overkill, actually. Moreover, current law actually requires school districts to have their own audits of just about everything already! Perhaps you’d like to ask your school district’s business office manager about those? Those audits include finances, student counts, classes enrolled, etc. I see no reason the state could not participate in those processes, or review those reports that are required annually already. So that reasoning holds as much water as a colander.

But hey, what do I know? I just collected this data for 9 years in the Finance Department, working closely with the auditors, and have a degree in accounting. I didn’t go to the Broad Superintendent Academy for a few weeks and TFA for a few more to get all my experience like our State Superintendent of Education, who ironically seems to have obtained very little of the necessary education to be holding his current post. I’ll give him this though. What John White lacks in knowledge, he more than makes up in telling convincing lies. If I didn’t know much, much better, why I might almost believe him myself. . .

Enjoy that House Hearing tomorrow, John. I’ll be thinking of you.

FERPA does not protect student privacy, and never did

FERPA does not protect student privacy, and never did

I’ve been debating for a few months on how to tackle this topic in a way that is both informative and engaging while providing firmly grounded sources that back up my analysis. I’ve finally decided that might be too ambitious, and certainly a lot to tackle in a single piece Rather than let anymore grass grow underneath my feet on this issue I decided to jump right in and I’ll be amending and updating my work on this topic much as Congress and US ED as amended FERPA continuously throughout the years. FERPA laws, interpretations and guidance are dense and jargon filled. I will refer to some specific passages, but I will leave it to you delve into those documents directly if you are so inclined. I’ve been asked to synthesize and summarize what I know and have read. If you feel more informed and more concerned after reading this piece I will see my work as successful.

FERPA is old and outdated

FERPA was created in 1974, before much of the current technology, we take for granted today, was even imagined by most legislators (except maybe the creator of the Internet, Al Gore.) As such, the framework is suspect and a patchwork of fixes and amendments that really fails to do what many people think it does. FERPA does not protect student privacy to any real degree, not to the extent we would expect a modern law to do. FERPA was written when many computers were housed in underground facilities on universities campuses (to make cooling them easier) and were the size of houses. Here is a state of the art computer from 1973, a GEC 4000.

And a close up of its fanciest part.

You couldn’t exactly hack into one of these and the data they stored was on tapes that had to be manually mounted. A modern thumb drive probably contains more data that the entire wall of tape cartridges shown in the picture, and most had no external connections. There was no Internet and top transmission speeds through dedicated phone lines with connected modems were about 300bps or about 37 characters per second (on a good day.) Todays transmission speeds can top 100Mbps or more which is the equivalent of 13 million characters per second if my rough estimates are correct. The computers millions of folks carry around in their pockets dwarf the processing speeds of even the fastest computers of 40 years ago, that were usually relegated to musty university and government warehouses and not the least bit portable.

So when FERPA was conceived computers and computerized records were not prevalent, data was not very portable, and usage and applicability of any data was almost non-existent. Fast forward 40 years and now computers are the size of wallets and watches. Millions of bits of data, or names and SSNs, can be stored on hard drives the size of a thumbnail that cost a few dollars and can be purchased at convenience stores. If you drive down almost any city block you can pick up dozens to hundreds of WiFi connections that access computers or computer networks, and the internet allows access to almost any computer anywhere on the planet. Messages and data can be transmitted virtually instantaneously to anyone anywhere via radio or satellite transmissions for little to no cost. Credit agencies, insurance agencies, employment agencies, advertising agencies, and government agencies use data collected and aggregated on everyone to sell, hire, investigate, issue or deny credit, fire, provide or deny benefits etc. We now have cyber bullies, phishers, hackers, identity thieves, and online predators to worry about in addition to all the physical threats of yesteryear to worry about as parents and consumers. When FERPA was created none of these threats were known and FERPA does next to nothing to protect against these threats.

For the dry specifics and dates you can refer to this passage, but I will be going into more detail about specific shortcomings and necessities.

FERPA History

Let’s start at the beginning with a brief history of how FERPA came to be.

The Family Educational Rights and Privacy Act of 1974 (“FERPA”), § 513 of P.L. 93-380 (The Education Amendments of 1974), was signed into law by President Ford on August 21, 1974, with an effective date of November 19, 1974, 90 days after enactment. FERPA was enacted as a new § 438 of the General Education Provisions Act (GEPA) called “Protection of the Rights and Privacy of Parents and Students,” and codified at 20 U.S.C. § 1232g. It was also commonly referred to as the “Buckley Amendment” after its principal sponsor, Senator James Buckley of New York. FERPA was offered as an amendment on the Senate floor and was not the subject of Committee consideration. Accordingly, traditional legislative history for FERPA as first enacted is unavailable.

Senators Buckley and Pell sponsored major FERPA amendments that were enacted on December 31, 1974, just four months later, and made retroactive to its effective date of November 19, 1974. These amendments were intended to address a number of ambiguities and concerns identified by the educational community, including parents, students, and institutions. On December 13, 1974, these sponsors introduced the major source of legislative history for the amendment, which is known as the “Joint Statement in Explanation of Buckley/Pell Amendment” (“Joint Statement”). See Volume 120 of the Congressional Record, pages 39862-39866.

Congress has amended FERPA a total of nine times in the nearly28 years since its enactment, as follows:

P.L. 93-568, Dec. 31, 1974, effective Nov. 19, 1974 (Buckley/Pell Amendment)
P.L. 96-46, Aug. 6, 1979 (Amendments to Education Amendments of 1978)
P.L. 96-88, Oct. 17, 1979 (Establishment of Department of Education)
P.L. 101-542, Nov. 8, 1990 (Campus Security Act)
P.L. 102-325, July 23, 1992 (Higher Education Amendments of 1992)
P.L. 103-382, Oct. 20, 1994 (Improving America’s Schools Act)
P.L. 105-244, Oct. 7, 1998 (Higher Education Amendments of 1998)
P.L. 106-386, Oct. 28, 2000 (Campus Sex Crime Prevention Act)
P.L. 107-56, Oct. 26, 2001 (USA PATRIOT Act of 2001)

Unapproved Changes to FERPA

What you don’t see in this bit of US ED lore is that the changes enacted by the US Department of Education over the last decade (plus) were not approved by Congress. The most recent and significant one I would like to direct you too occurred in 2011 and can viewed here along with a discussion of objections raised and DOEs responses to the objections.


These are very telling indications of how DOE intends to enforce (or not enforce FERPA) but it is 58 pages so I will excerpt a few of the more concerning sections to direct your attention to throughout my examination.

Before we go there though, let me summarize by saying FERPA was theoretically enacted in 1974 to protect the rights of parents and students under very specific situations that were known or understood at that time. (I would assert it actually defines the rights and preeminence of Federal agencies to oversee education matters and data with a small set of rights for parents under a few limited circumstances.) FERPA has been amended 9 times by Congress, and the primary enforcement mechanism is reduction or disqualification for funding directed at schools and states that fail to comply with FERPA regulations.

Applicability and Scope

This leads directly to the next point I would like to discuss; something many people may not be fully aware of or understand about FERPA. Namely the scope and applicability or in other words what it applies to and how it works and can be enforced.

Scope and Applicability

FERPA is a “Spending Clause” statute enacted under the authority of Congress in Art. I, § 8 of the U.S. Constitution to spend funds to provide for the general welfare. (“No funds shall be made available under any applicable program…” unless statutory requirements are met.)

Let me translate this a bit. FERPA has no defined penalties for folks who willfully and/or negligently and repetitively violate it. I can take your children’s personal data and wallpaper my house with it, use it to wrap all my presents, post it in the newspaper, print it on souvenir toilet paper and make paper airplanes out of it and launch them from atop the State Capital during Mardi Gras (something I’ve always wanted to do, sans the personal data) and FERPA and the US Department of Ed cannot prosecute you and the only sanction available to them is to withhold federal funding, if they so choose. This means any vendor that obtains personally identifiable data is largely immune to any repercussions or restrictions on its use or misuse. This is a matter of settled law and an opinion issued by US ED in the afore-linked 2011 document.

. . .Thus, if an authorized representative receives funds under a program administered by the Secretary, the Department has the authority to enforce failures to comply with FERPA under any of GEPA’s enforcement methods. If an authorized representative does not receive funds under a program administered by the Secretary and improperly rediscloses PII from education records, then the only remedy available under FERPA against the authorized representative would be for the Department to prohibit the disclosing educational agency or institution from permitting the authorized representative from accessing PII from education records for a period of not less than five years. 20 U.S.C. 1232g(b)(4)(B). These are the only remedies available to the Department to enforce FERPA. Remedies, such as assessing fines against any entity that violates FERPA, are not within the Department’s statutory authority. Under the FERPA regulations, and in accordance with its longstanding practice, the Department only will take an enforcement action if voluntary compliance and corrective actions cannot first be obtained. If the violating entity refuses to come into voluntary compliance, the Department can take the above listed enforcement actions. However, in addition to these statutorily authorized remedies, we encourage FERPA-permitted entities to consider specifying additional remedies or sanctions as part of the written agreements with their authorized representatives under § 99.35 in order to protect PII from education records. Written agreements can be used to permit increased flexibility in sanctions, to the extent that the desired sanction is permitted under law.

All vendors are free to use and misuse as much data however they choose without real restrictions or penalties

This means US ED has no authority over vendors or use or misuse data, that it must first try and convince abusers to stop abusing and disclosing the data they have received, and that their only recourse is to forbid school districts from providing data to them directly for 5 years or more. However if they obtain the data from another source, say another vendor, agencies can bypass even this very minor censure. Additionally, since DOE has no enforcement mechanism provided by FERPA, agencies can ignore this decision with impunity. This is why inBloom is not going out of business with no one officially committing to provide data to them. They intend to get this data secretly other ways and through other avenues. FERPA does allow schools, school districts and states to state their own civil penalties in their contracts, but most, if not all, fail to do so. What this means is any vendor for any data system in any school district that has access to data can currently use that data however they want if their only restriction written into their contract is that they will comply with FERPA. FERPA does not restrict or target vendors, only schools and school districts. State agencies are also largely excluded from many of the provisions of FERPA although references to them have been sprinkled in throughout the years. Most of the sanctions and wording it directed at local school districts, not state agencies who subsequently acquire the data.

Additionally, parents do not have the right to sue or take actions against vendors, state agencies, local school districts, or individuals who use, misuse or abuse their children’s data, or their own data under FERPA. All enforcement actions are handled through FPCO (the Family Policy Compliance Office), if they so choose. Parents may make a formal complaint, but those complaints can be ignored and parents have no further recourse.

The Kickboard and inBloom connection

A couple of months ago I was contacted by a parent and technology insider about a new company operating in New Orleans in coordination with Leslie Jacobs, a chief reform figure in Louisiana and one of the principal people responsible for creating RSD an creating the deforms striking across Louisiana and particularly New Orleans. This company is called KickBoard, and run by a former Teach for America alum named Jennifer “Jen” Medbery. Kickboard is an inBloom ally and dashboard provider that goes into schools and school districts to obtain all of their student and teacher data and provide tools and metrics for the teachers. What I have been told is that inBloom is now working with groups like Kickboard to obtain student data indirectly, bypassing contracts and oversight with school districts and state agencies. Please refer to this comment provided below.

I have to commend you and brilliant citizens like yourself for standing up and fighting against the partnership between LDOE and inBloom. As a parent and an EdTech critic, I’m so proud to see that partnership dissolving even if only for now. However, I’ve been alarmed for quite some time at the fact that no one has ever called out or investigated the more direct link between our state’s children’s data and inBloom than through Kickboard for Teachers. A search of your blog and even your readers’ comments pulled up zero hits on Kickboard. Jen Medbery and her self-proclaimed mentor and investor Leslie Jacobs more than likely played huge roles in the backroom deals between White and inBloom. As the poster child for New Orleans Edtech specifically and New Orleans entrepreneurship in general, Kickboard cannot be allowed to falter or worse die. Several prominent groups including Idea Village and the New Orleans Startup Fund have too much riding on Kickboard’s success in spite of the fact that Kickboard remains nearly two years behind on its own growth projections. Why else is there such a huge media blitz for Kickboard originating from Idea Village for each of the past two autumns despite that Idea Village has incubated probably five dozen other start-ups since Kickboard graduated from its program four years ago?

The hidden revenue stream was and probably continues to be to Kickboard from other inBloom members at the expense of our state’s children and their parents. Kickboard is listed alphabetically as the 15th of 21 inBloom partners. Leslie Jacobs took over the New Orleans Startup Fund precisely when the Fund was faltering and had really only one major investment consuming the bulk of its pledges, Kickboard. John White’s severing of his contract with inBloom has only served now to push the Kickboard and inBloom partnership deeper and further underground. And, contracts between Kickboard and the schools and districts it services permit the same data exchange through Kickboard to inBloom that White was permitting from the LDOE directly.

We can only hope that Medbery and Kickboard put our children before profits. Yet, I don’t see them justifying a recent unjustifiable valuation in the millions of dollars which subsequently resulted in them securing a sizable out-of-state venture capital investment without extracurricular income from inBloom partnerships.

I do not have detailed financials disclosing how these partnerships work, but I have been wondering how inBloom could continue to function without student data commitments. To be quite frank, there is no way they could operate as they’ve defined themselves (a centralized student data repository and intermediary) without obtaining data from someone. Initially inBloom was going to provide data to their partners like Kickboard. Now that virtually every state and large school district has pulled out of inBloom, thanks to the efforts of Leonie Haimson, Rachel Strickland, Debbie Sachs and others, the only available path I see to them is obtaining this data through vendors that already have access to it. Their most likely place for inBloom to acquire this data will be via and through their existing partners. There are currently not Federal laws to safeguard or prevent this, which is why State laws must be enacted in every state if you wish to prevent personal, student, teacher and parent data from falling into the hand of anyone and everyone who wants it.

For a current list of partnering companies with inBloom you can go here. If your parish does business with any of these vendors there is a decent chance inBloom and other data aggregators will be able to obtain your children’s data through them.

Please note: I do not have concrete proof Kickboard or any of these partners are actively sharing data with inBloom although I have had reports from sources that they are and have included one of those reports provided to me in this article. I have shown that there FERPA has no teeth to prohibit this, and US ED has no inclination or authority to address this issue. As every state and partner that I am aware of has pulled out of inBloom (or allowed parent opt outs or opt ins) and inBloom has not closed up shop it stands to reason they have plans to get this data another way. Bill Gates has 150 million reasons to see this venture succeed.

Future posts will include an outline on how to craft State legislation to address these issues but suffice it to say specific monetary and criminal penalties will need to be enacted.

Additional Note: If the only protections your vendor agreement defines is that it complies with FERPA, then essentially you have no real protections to safeguard or define ownership of your data or penalties for its misuse.  However, many vendors like JPAMS/EdGear (the largest SIS vendor in Louisiana whom contacted as part of my research for this story) have privacy agreements that go far beyond the use, ownership, storage, sharing and destruction restrictions defined by FERPA.  As a local superintendent or school board I believe it would be a good idea to review my contracts with my vendors and tighten up those that lack appropriate safeguards.  I do not attribute this lack to subterfuge on most of your vendors’ parts.  Many vendors may not even be aware of how poorly FERPA defines safeguards for data, as this lack is not something US ED or the Family Compliance Office actively advertises.

Time to start covering the many data thieving operations in our state and around the nation. . .

Time to start covering the many data thieving operations in our state and around the nation. . .

I’ve been promising for some time to cover some of the many secret and not-so-secret grants and data operations that will result in your data, and your children’s data being stolen and shared without your permission or knowledge. Now that it is clear the EPIC lawsuit against the US Department of Education has failed, the only solution to fix this problem is a state privacy law to protect the rights of parents, students and teachers. Considering the federal government can’t even agree to fund the federal government for a minute to protect our nation from terrorists or the prevent children from staving or dying from cancer, I have feel pretty confident they will not try to address student privacy concerns anytime soon. I’ve provided details to others on how this privacy law/framework would work and the necessary elements for meaningful legislation, but for now I will provide the documentation in a series of posts that shows why such a law is needed.

I will try to cover at least one scheme a day for the rest of the week. Some of the projects I’m considering covering are Kickboard, WDQI, MSIX, among many others like inBloom and Ed-Fi. Today I will mention a new database I learned about for tracking disabled students in a federal database.

This database grant awarded to Weststat Inc., by the US Department of Ed, is intuitively called the “National Technical Assistance Center to Improve State Capacity to Accurately Collect and Report IDEA Data.” (Or I guess NTACTISCTACARID for short?) This grant is aimed at creating a:

. . .national center aimed at improving the quality of data on educating America’s 7 million children and youth with disabilities.

However this database is not designed to help children. It is designed to guide and produce PR pieces for reform, according to US Education Secretary Arne Duncan.

“More than ever, we need good data to guide reform,” said U.S. Secretary of Education Arne Duncan. “Good data promotes transparency and accountability. It shows the public the value that they’re getting in their investment in education. It gives teachers information they need to change their practices to improve student achievement. And, data shows us when students are making progress and when they’re not.”

Duncan tries to characterize this database as something that will simply “assist states” but that make no sense base don’t he tasks and goals assigned to this project.

Among the areas the center will focus technical assistance to states:

  • Gathering more accurate, reliable data—from all appropriate resources in a state.
  • Providing training to states to help school and district officials submit better data.
  • Improving data infrastructure among the states.

Arne Duncan speaks with a forked tongue, telling us one thing, while clearly meaning another.

This is clearly a data collection, not an “assistance center.” The purpose of this database is to “guide reform” or in other words, define opportunities for advertisers and companies to exploit our most vulnerable children for profit. US Ed clearly plans to intervene if states are not meting multiple measurable and rigorous targets for infants and toddlers.

For infants and toddlers with disabilities, states must provide baseline data, measurable and rigorous targets, and improvement activities for 12 indicators. . .

With the information, the Education Department is required to make determinations on how well each state is meeting its obligations to serve its children and youth with disabilities. The determinations can include: “Meets the requirements of IDEA;” “Needs assistance;” “Needs intervention;” or “Needs substantial intervention.”

Intervention in the past has required school districts to turn their children overt o charter operators that do not need to meet the same rigorous targets or oversight traditional school districts do. That is quite likely the case here as well.

However what I find most disturbing is Arne Duncan is arguably the one most responsible for altering FERPA to make it ineffective for protecting student privacy. Duncan has converted FERPA into a warm blanket of protection for anyone who wants to collect and exploit students and student data for profit. By issuing guidance that it is “ok” for private companies to use data as they see fit, for educational and non-educational purposes alike, Duncan has opened the floodgates for abuse of student data, and abuse of students. By issuing this guidance he has given a blank check to corporations and a “get out of jail free card” all at the same time. Under Federal law, based on Duncan’s guidance, anyone can collect student data, sell it, use it for purposes other than for which it was intended, do a poor job guarding it, and retain it indefinitely and parents and students have no recourse whatsoever.

This data belongs to our most vulnerable children. Identity thieves, scam artists, pedophiles and corporations that obtain this information through legal or illegal means can use it for predatory commercial practices, or any other predatory practice under the sun and the corporations that collect and guard, or fail to sufficiently guard this information can never be held accountable for any damage done. Students and adults that have mental illness or limited mental capacity will be targeted by hucksters for the rest of their lives if this information falls into the wrong hands. Students with missing limbs, poor eyesight or hearing can be targeted by thieves at their homes who will be able to easily prey upon those documented weaknesses. Corporations that learn your child has down syndrome or a weak heart may refuse to employ them, perhaps without even realizing they are discriminating against them. This will be done through complex ranking systems that will evaluate everyone based on suitability for specific jobs or tasks, just like credit reports determine credit worthiness. Employers may never be aware they are using data to discriminate against people illegally, but they will use these systems nevertheless as there are not laws and there is no oversight to prevent this from happening. The only defense we have right now is that of refusing to share or allow our data to be harvested and shared.

John White and Chas Roemer frequently claim national and federal collections are no different than the local vendors and arrangement school districts use. There is video tape of this at various BESE meetings if you are interested in looking for it. However there are major differences between what local vendors use and collect and what a national vendor does.

Local vendors:

  • Are answerable to local districts and local parents.
  • Parents and local districts have financial leverage over their vendors
  • Their contracts are locally controlled and defined.
  • Local vendors collect data for a specific contracted reason, that directly serves students, parents and families in the school district
  • Local vendors are usually excluded from using student data for commercial purposes (and should always be)
  • Superintendents and IT staff that sign contracts with local vendors are answerable to the people in their districts. If they screw it up, they can lose their jobs and be found personally liable in the event of negligence or criminal activity
  • LEAs are required to notify parents and ask for their permission before they provide student data for directory information
  • Parents have a direct line of contact with their schools and their school districts and personnel if they suspect a problem
  • Are smaller target for hackers and thieves. A single breach does not reveal everyone’s data all at once.
  • Are necessary for the day to day operations of a school district
  • Local vendors are selected by school districts and relationships can be terminated at any time

Federal and National data collections and vendors:

  • Are answerable only to themselves
  • Can use their leverage to force districts to comply with their policies
  • Engage in monopolistic practices eliminate rights for parents, states and school districts
  • Parents, students, local districts and sometimes states have no rights to object (in the case of federally mandated collections)
  • Parents have no financial leverage over national players
  • May have hundreds or thousands of partners and contract relationships which exponentially increase the likelihood of intentional or unintentional disclosure
  • Are exponentially more attractive and visible targets for hackers and thieves and the damage done from a breach is irreparable
  • Can ignore parents and students with impunity
  • Can rename themselves, create shell companies, and sell student data and contracts to third parties without consent making tracking of responsible parties impossible (as inBloom as done or created clauses in their contract with Louisiana and other states to allow.)
  • Are not necessary for the day to day operations of a school district
  • Federal collections and vendors are never selected by local districts or parents, and these relationships are not usually terminable under any circumstances controlled by parents or students

So which arrangement are you more comfortable with? Who do you think you will be able to hold more accountable for mistakes, your local superintendent and school board, or Iwan Streichenberged who is likely zooming around on his yacht paid for by the exploitation of your children?

For these reasons we should limit what national collections are permitted to collect. Congress is currently unable to function enough to fund the government for a single minute, even though this game of political chicken makes us more vulnerable to terrorist attacks, more vulnerable to foreign invasions, more vulnerable to natural disasters, and makes it very likely we will have children starving or dying from cancer. It is unlikely a Congress as dysfunctional as this will be able to pass legislation to protect our children from the threats they face from data predation and exploitation.

We must push our State governments to pass privacy legislation that truly protects our children. If they refuse, or if they do a poor job, then they will be directly answerable to us, their neighbors, fellow church members and little league coaches.

Is Student Privacy Hopeless?

Is Student Privacy Hopeless?

(This will be a long one, and has some ranting folks, so buckle up.)

Is student privacy hopeless?

Sadly, this may be little more than a rhetorical question after the last week of horrible setbacks on the student privacy front. I’ve been gathering information and leads for months now, researching some, and holding onto others. I was hoping some of these issues would become non-issues if EPIC, the Electronic Privacy Information Center, was successful in their lawsuit against the US Department of Education’s change to FERPA that allows vendors to use student data and resell it as they see fit, for any reason and without parents or students having any rights or say in the matter. Unfortunately the lawsuit was thrown out because the courts did not believe EPIC had the standing to bring the suit.

But Judge Amy Berman Jackson of U.S. District Court in Washington issued summary judgment for the Education Department, ruling that the plaintiffs have not suffered any real legal injuries stemming from the regulations and thus they lack legal standing to bring their suit.

In order for someone to have “standing”, they must first be victimized. When that happens it won’t be one child affected. The data being transmitted and bartered belongs to every child on any DOE databases, many of which are now adults. We are not talking about just one child, but quite likely millions, if not all of them.  All of our kids data will have to be sent to third party vendors, and then shared or sold based on the policy change, then many years of lawsuits and appeals will have to take place, during which vendors will continue to collect and sell student data for students through cloud based infrastructures, with no liability for the damage they cause. If you went to school after computer records were kept in your state, probably the eighties or nineties, then your data is at risk too. This data can be used, abused and misused by anyone, and because the federal government changed the policy defining what student privacy is, and what vendors can do with this data, even if the lawsuits are successful, this will be of small comfort for the millions of children and adults who have their data permanently dispersed throughout cyberspace, in the hands of criminals, pedophiles, and companies selling information and making employment decisions based on this information. Our students will become adults, and they will never be able to reclaim their data or their identity that other adults like John White and Arne Duncan have stolen from them.

It will be impossible to fix the damage done, to unring the bell and much if this information will be incorrect, and haunt our citizens, our children, ourselves, throughout life. In the very near future, every job interview, every interest rate they or you get, every credit score, every rejection for college or a job, every insurance rate or refusal, every mortgage rate, every failed background check could be directly related to this information, and you will never know, and never, ever, be able to remedy this situation. This will make many people very rich. Many of these soon to rich, or richer, people are those who secretly lobbied the US Ed Department to change this policy to render it worse than worthless. This is not an overstatement. I say worse, because not only does it not actually protect children from the ones their data needs to be protected from most, strangers, thieves, criminals, corporations, hucksters, it outright protects the despicable uses and users. FERPA is now an indemnification clause to allow anyone to harvest and use student data without anyone having any way to stop them.  How can you take any recourse against those who have been told by the federal government to take our data it use it however they see fit?  Are you going to sue the federal government?  Would you sue them for not having a law that does what its supposed to do?  When wouldn’t you sue the government if that was something you could do?  The other harmful thing this law does is It makes average people be deluded into believing there is a federal privacy law that protects them, when FERPA is anything but.  You almost have to admire the corporations that distorted a student privacy law into a legal blanket for themselves to use children’s data however they see fit.

The way the law now works, the less direct contact you have with a student, the less legitimate reason you have for possessing it, the more freedom you have to exploit a child and their data. Schools still have to notify parents if they plan to share student data, but once that data is handed over to a corporation that corporation has no restrictions on use or misuse, no liabilities and the only restrictions they have are ones they place on themselves.  These terms can be modified at any time, as often as Apple modifies your iTunes terms of service, but leaving you with less recourse. If you don’t like the iTunes terms of service, you can throw out your iPhone and discontinue using the ITunes store. You can’t throw out your children or yourself, or disconnect yourself from the data being used against them.

FERPA also protects many of the lying education reformers running US Ed, State departments of education and our local LEAs. FERPA allows dishonest superintendents like John White to share data with whomever they want, with any restrictions they choose to apply or not apply such as was done with CREDO recently. They can also refuse to turn over data anyone for any reason, but the reasons it is being denied right now is to protect people from learning the truth. What is happening in Louisiana and in many states is our state departments of educations are failing in epic ways. All of their reform schemes are colossal utter failures that cost anywhere from 2 to 10 times as much as other solutions, but which gets terrible results, almost without exception. I suppose I should clarify, the results they get are often great for charter schools, contractors, reformers and their bottom lines and salaries. For children and taxpayers the results are nothing short of criminal, but you will never know, thanks to FERPA.

What these DOE thieves and charlatans, like John White, are doing is preparing completely false reports, reports with absurd self-serving conclusions, results that they slice and dice the data to find something remotely positive to report. These results are often reported as percentages without any context, without history, without magnitude, without mitigating factors, without costs either direct or opportunity costs (programs terminated to fund vouchers or teachers fired to pay for Common Core.) These reports in some cases are simply outright false. Our department of education also fails to report anything they can get away with not reporting that shows them in a bad light, even if that same information was used in the past to create a sense of urgency in the public for the need for “education reforms.”

For instance, RSD sucks bad. No pretty phrasing needed for the shithole that RSD, the state takeover of public schools, has become. No RSD schools have ever been returned to their original districts, as was the original intent of the legislation. RSD conquered schools are sold off to unscrupulous charter operators who apply for charter grants they use to pay themselves exorbitant salaries. Many of these charter schools treat students and parents like your butt treats toilet paper, use once and dispose of. Charters falsify exit reasons to hide the fact they exclude disabled students, English language learners, and students with behavior problems. I’ve been told many of them cheat on state tests, remove students that will do poorly after they get funding for them but before they take state exams, or simply don’t administer the exams to many of their students they don’t expect to do well. They report fantastic success, but what they don’t tell you about their high completion rates is that only 5 students were tested. What they don’t tell you is that 90% of the students that could have taken the tests don’t take them so their score look fantastic, for the few students that end up taking them.

Our DOE thinks that if they simply deny access to this data, no one will call them on it, but I am. LDOE is lying to you about graduation rates, dropout rates, class schedules, VAM, COMPASS, test scores, enrollments, student classifications, enrollments and exit reasons and test scores. They are lying outright and through admission and they are using FERPA to do this. I saw the data. I collect the data. I analyzed the data. I knew the data, the data was a friend of mine. And believe me, John White is no data steward . . . but he is a paragon of pure dishonesty and disdain for the people of Louisiana. White has fired, force retired, or driven off everyone who collected or analyzed, audited or evaluated data in LDOE so he can now almost honestly say he has no earthly idea what’s going on. He’s driven off all the programmers that maintained our databases and systems and used their salaries to hire scores of unqualified TFA spawnlings who he gives fancy titles to so they can spread their filthy incompetence and corporate welfare programs throughout the world on the backs of their unearned titles, on the backs of needy children, on the backs of our children. LDOE has no chance of processing accountability scores themselves, collecting data themselves, maintaining data systems themselves and this is entirely a planned situation. This was done so White will have no choice but to contract out data collecting, processing, and analyzing services to vendors who will charge much more, magnitudes more, than it ever cost to do in-house. inBloom was just the tip of the iceberg, which is why White was so cavalier about sharing and selling it our student’s data through them. To him that is nothing, and we are nothing. That data will be given to anyone and everyone if it has not already, through dozens of other contracts we can never hope to keep track of.

Just about everyone who is forced to attend RSD hates it and would rather any other solution which is why in Baton Rouge only 1500 of the more than 6000 RSD seats are filled, and RSD is still seeking to expand until students have not choices, but RSD. (So much for choice, eh parents?) In St Helena RSD made the case that its presence is helping the cause of desegregation. RSD claimed that if the local school board opened up new grade levels, white students would flee and the segregation would be worse. They also claimed they were doing a good job in St Helena. RSD provided data that to a casual observer might back up their case. They removed all the data from their website that might disprove their assertions, but I have folks that archived just enough for me to prove show them as completely deceptive unscrupulous liars that they have always been. St Helena’s white population is increasing since RSD came to town, but only in the non-RSD schools. In RSD the population is declining by about 20-40%, in the elementary school it has increased by that much. The data RSD showed the judge was for a single year, between October and February, which shown as a percentage after students left at mid-year and a few students transferred in looked like a small increase. Over the actual 7 years they have been there the trend is completely opposite. RSD and LDE knew this, they have all the data, but chose to submit a legal document to a federal judge that lied about this. RSD also showed how their schools have been improving. RSD has schools all over the state. Instead of showing the progress at the middle school, which has gotten progressively worse, they showed information about RSD as a whole, including most of the schools in New Orleans. (Incidentally I have evidence of systematic cheating at RSD New Orleans schools to incrementally increase their scores, more on that on part 2 of John McDonogh story .)

Here are a few of the stories detailing St Helena, but replace St Helena with the name of your own school district, because this, or some version of it, will be the story of your district soon enough. The methods and actors might change, but when you have someone without a shred of human decency, honor, or morality determined to destroy you, he will win.





Even now, the voucher case Jindal and White are making much hay about is nothing more than poor theatre to prevent people from learning the truth about the voucher program and the destruction it is quietly wreaking on minority communities. Laws and agreements were already in place that Jindal and John White violated with his voucher program, in much the same way Jindal violated our very state Constitution, repeatedly and viciously throughout his tenure as our tyrannical governor. As part of the agreement consent decrees in many parishes throughout the state, White and Jindal were supposed to notify the Attorney General’s office about programs that might have an impact on desegregation progress, as vouchers have clearly done. Jindal and White knew this, and refused to comply with existing law and legal agreements because they were afraid their plans might be stalled or found to be out of compliance, so they willfully violated those agreements and orders. In response a federal judge asked for data to determine whether the programs had a negative impact on desegregation. White and Jindal refused to comply (knowing full well that their voucher program was removing poor black children from public schools and putting them in substandard schools that teach kids with DVDs, teach kids with uncertified teachers, and teach kids so poorly they score on average 30 points lower on state tests than their public school counterparts) and instead characterized that request, that the Federal government was bound by existing law and orders to uphold, into a power grab. Read the MOU for yourself.

So to reiterate the absurdity and dishonesty of John White and Bobby Jindal: In the span of the same three months John White and Jindal argued allowing parents the choice to attend a public school instead of RSD would jeopardize desegregation. (Knowing full well that not only was this not true, but that in fact RSD was driving white students out of the system and intentionally misleads a federal judge with irrelevant data) They also refused to turn over data that would show their voucher program was having a negative impact on desegregation in numerous other parishes, knowing full well that it did. Their argument was that since most of the recipients of the scholarships statewide were black it would be absurd that the impact could be harmful. This is a ridiculous argument. There could be local issues where every single white student in a majority black district pulled out for instance. The vouchers could make the public schools less financially viable (as was the case RSD also made for rejecting St Helena to add grades to their existing schools). The results could be sporadic since they only reported a majority of students statewide, individual parishes could have been unharmed, and some dramatically harmed. As time goes on, these impacts could get much much worse, but Jindal and John White have successfully fended off the feds, and fooled the majority of the public with their grandstanding. Have children been the losers in this equation? Quite likely, but neither of these phonies cares one whit about other people’s children. They care about images and political careers and their donors, not ordinary people.

Our only hope is if we resist the status quo and momentum Jindal and John White have built around their plans, their multilayered deceptions. Drastic methods are required to confront and prevent this and keep them from succeeding. White knows you are onto him, which is why he is signaling his reformer kin to change their tactics and brand parents the enemy. I knew this was coming. I’ve seen it and said it form months now, but he has branded us the enemy now.

“An aggressive form of populism has asserted itself in the rhetoric of our day,” White is expected to say at the conservative American Enterprise Institute’s headquarters in Washington. “I see it in a tone that is skeptical of reformers in the same populist way our country today is skeptical of authority generally. This is, I believe, greatly damaging for an education reform effort that has done good in America and that needs to be sustained. And it needs to be addressed, lest this generational effort wash out with the tide of the next administration.”

“How we manage our newfound authority in a populist time is a critical and tenuous question,” White will say. “Our most important responsibility as reformers is no longer just to clamor for change but to sustain and expand the positive direction of our nation’s education system. The greatest risk we face in doing this is not the validity of our ideas but the pitfalls of authority itself.”

The aggressive populism White speaks of is you, is parents, is children, is teachers who are tired of being told what is good for our children by folks who don’t have them. Teachers are tired of being told how to educate children by folks who took a 5 week TFA correspondence course, or who never taught a day in their life, like Bill Gates, who says his reforms will take 10 years or more to see if they were effective! These bastards want to literally experiment on a whole generation of our children, on their hunches, that data has heretofore proved not just wrong, but damn wrong. The few reformers, who have children, enroll them in exclusive private schools that do the opposite of everything they preach is great for our kids. Put Bill Gate’s kids and Michele Rhee’s kids in a class of 50+ students, glued to a computer all day, learning Common Core drilled mathematics.

They preach choice, but deny us ours. They choose different than what they choose for us! I choose different than what they would choose for us! Who is with me?!?! Do these cowards who hide behind wealthy donors and speak at secret meetings beyond parents dare subject their own children to these education tortures, these heinous crimes against education that they would subject the rest of us to in the name of choice, in the name of global competitiveness they have never documented? Do they dare face us! They are miserable sniveling cowards picked by even more cowards to lead us like lemmings of the cliff while they parachute down to their pavilions paid for on the backs of our children. If that be an aggressive form of populism, letting the people decide what is best for their own children than wealthy overlords, then sobeit. I am a populist. I am a knuckle dragger. I am for the people. I am for what is best for my children and what is best for yours, not what is best for their wallets. When you see them at your schools, at your town halls, at your school board meetings, at your churches wearing their smug smiles of confidence and control, let them know you are onto them and their little game. Let them know you are for people, for your children, for your neighbor’s children, and not the filthy blood money lining their pockets.

it may be hopeless but we fight

Do I seem angry? Damn straight I’m angry. You should be too. This has gone on long enough. The time for politely making 3 minute statements in a highly staged BESE meeting or before an orchestrated legislature is over. They are told how to vote by Bobby Jindal before they even set foot in those venues. They think they have this and you all wrapped up in a pretty little bundle, and I tell you it’s time to blow that package apart.

John White sees this as just a little game where their only problem is the messaging, not the horribly destructive agenda. White is so arrogant he tells us “reformers” are manipulating us with meaningless semantics and “framing.” In White’s play we are merely actors with parts he has written for us. In this passage he says as much.

To prevent that from happening, White is offering a three-part solution. “First, if we are to sustain our positive impact on the future of American education, reform leaders will shift their mission to national responsibility over self-righteous sympathy,” he will say. Reformers who rely too much “on an easy sympathy for the urban poor” can hurt the cause, he will say.

Second, he will call for the narrative around reform to be “refreshed.” This means taking the fight to enemies beyond teachers unions. While White argues that the media paint reformers as “ideologues,” what he calls the real “establishment bureaucracy” — the management of huge federal programs like Title I and Head Start — takes little flak.

“Without the new fight, what we have is stale story,” White will say. “We are letting the populist story of reformer versus working person tell itself.”

But John White is no Shakespeare either. Those of us that were educated before Common Core supplanted real Shakespeare with “informational texts” recognize the real stuff versus a pathetic imitation.

CCSS Shakespeare courtesy of John White
CCSS Hamlet, courtesy of John White

So in answer to my initial question.  Yes.  As long as we have people like Bobby Jindal and John White calling the shots, student and parent privacy is impossible.


How my original “Opt Out Letter” was converted to a “form”

At the June 18th BESE meeting John White relayed that he did not recall seeing my opt-out letter and did not reply because it was something he characterized as a “form letter.”  Technically this was true.  Mine was the first letter to get sent, so it was not a form letter, however Tom Aswell at the Louisiana Voice republished it after redacting my personal info so other parents could likewise opt their children out of any data sharing using my letter as a template.  (I subsequently learned there was much swearing of my name by John White, as a result of my letter and privacy petition and campaign, but we must pick and choose our battles, right?)

A form letter type approach was adopted because Louisiana has not provided an organized method of transmitting or submitting opt-out requests and some very specific information needs to be submitted for Louisiana to identify children that are opted out, while not revealing too much information (like DOB and SSN) which could be used by identity thieves that might intercept the e-mail making the opt-out procedure as dangerous as the data sharing.

My son will be starting pre-k this year in EBR so I will be updating my opt-out request in a few weeks with his info.

Feel free to use this letter as a template for your own, or simply write your own and simply make sure to send the bolded data elements.  Since John White did not recall seeing my letter, even thought I sent it to him and most of his senior staff and legal counsel, I would recommend making sure you send it to more folks than just John White.  I asked him to provide a method by which parents could opt-out their children without this hassle, but White did not address any future plans to make this process easy in the meeting.

Feel free to send your opt outs to any or all of:

John.White@la.gov (state Superintendent of Education)

Erin.Bendily@la.gov (Governor Jindal’s handpicked DOE handmaiden )

Joan.Hunt@la.gov (DOE chief legal counsel)

Kim.Nesmith@la.gov (Data Quality and collections director)

My name is (PARENT’S NAME) and I am a parent of children in Louisiana public schools. This is to formally inform you that you do not have my permission to share my children’s personally identifiable student information with any external agency, researcher, non-profit group, vendor or government or quasi-government agency under any circumstances (specifically, name, DOB, SSN). They are public students in the (parish/city/parochial) school system and you have not asked my permission to share their information as required by law. I am purposefully informing you that you do not have permission to share their information unless I provide appropriate parental guidance. Their/his/her name(s) is/are (STUDENT’S OR STUDENTS’ NAME[S]). If you already have, I would like you to promptly request that his/her/their information be expunged from any data set you have already shared.

Mr. White, on the basis of your e-mails it appears you are planning on sharing this data and I will hold you personally responsible for any subsequent violations. I will be recommending that other parents likewise notify you if they do not wish their information to be shared with corporations/vendors whom you have agreed to not hold liable for any security breaches or unauthorized releases (which I don’t believe you have a legal right or authority to do). Moreover, any such release of personally identifiable information without each parent’s express permission will be a direct violation of the Family Educational Rights and Privacy Act (FERPA) and a willfully unnecessary one since you have non-personally identifiable student identifiers and have taken great pains to claim FERPA exclusions for all other releases of de-identified student data to the media, researchers, and the general public.

Please note the section in the last paragraph below. Schools may disclose, without consent, directory information. But you must notify us when doing so. You, however, do not have my consent and you are not a school. You have my absolute, unequivocal, official refusal on record.

You also do not have a legal right to require social security numbers from any student in Louisiana. I will be recommending parents and school districts to promptly stop providing them as you seem unwilling to guard this information as required by law.

Thank you for your prompt attention to this matter.


Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Students to whom the rights have transferred are “eligible students.”

• Parents or eligible students have the right to inspect and review the student’s education records maintained by the school. Schools are not required to provide copies of records unless, for reasons such as great distance, it is impossible for parents or eligible students to review the records. Schools may charge a fee for copies.

• Parents or eligible students have the right to request that a school correct records which they believe to be inaccurate or misleading. If the school decides not to amend the record, the parent or eligible student then has the right to a formal hearing. After the hearing, if the school still decides not to amend the record, the parent or eligible student has the right to place a statement with the record setting forth his or her view about the contested information.

• Generally, schools must have written permission from the parent or eligible student in order to release any information from a student’s education record. However, FERPA allows schools to disclose those records, without consent, to the following parties or under the following conditions (34 CFR § 99.31):

o School officials with legitimate educational interest;

o Other schools to which a student is transferring;

o Specified officials for audit or evaluation purposes;

o Appropriate parties in connection with financial aid to a student;

o Organizations conducting certain studies for or on behalf of the school;

o Accrediting organizations;

o To comply with a judicial order or lawfully issued subpoena;

o Appropriate officials in cases of health and safety emergencies; and

o State and local authorities, within a juvenile justice system, pursuant to specific State law.

Schools may disclose, without consent, “directory” information such as a student’s name, address, telephone number, date and place of birth, honors and awards, and dates of attendance. However, schools must tell parents and eligible students about directory information and allow parents and eligible students a reasonable amount of time to request that the school not disclose directory information about them. Schools must notify parents and eligible students annually of their rights under FERPA. The actual means of notification (special letter, inclusion in a PTA bulletin, student handbook, or newspaper article) is left to the discretion of each school.