LDOE Lays an Egg: Violates FERPA and Their Own MOU Providing Data to CREDO

LDOE Lays an Egg: Violates FERPA and Their Own MOU Providing Data to CREDO

I know its reaching, but I thought I’d give everyone a little Easter reference with this surprise post.  Smile

Before I left LDOE 3 years ago I was asked to help assemble some de-identified data for a research outfit named CREDO.  At the time most of my colleagues didn’t know who CREDO was or what they were all about.  (It turns out they are a pro-charter funded propaganda machine masquerading as legitimate researchers.)   We had a standing policy not to provide this type of data to anyone. . . except a few local research universities like ULL we had established contracts with – to provide analysis services to LODE for specific grants.

Then came John White and CREDO.  We’d been telling CREDO “No” for years because the amount of data they wanted was excessive and the time involved with compiling it was also going to be pretty steep.  John White was not the State Superintendent when he started giving orders through Erin Bendilly, a Jindal appointee.  This request was one of those, and it was coordinated, reviewed, and delivered by Kim Nesmith, the “Data Quality Director” and department’s FERPA enforcer.  (The fact that this request was  being forced through quickly on John White’s behalf was confirmed by both Kim and Devora Davis, head CREDO researcher, in a conference call.)

happy Easter

FERPA tidbit:

US DOE requires State agencies to select a number between 1 and 10 to mask all their student level data to conform to FERPA. Kim actually required the department go one step further.  She insisted we mask by using less than (<) and greater than (>) symbols in the ones digits in most numbers reported.  (We can still derive the specific numbers from the percentages and enrollment numbers but I won’t tell if you won’t)


(You can Download the full report example if you’d like.)

Another provision of FERPA calls for agencies to restrict access to data – keep it private from those that don’t need that access to perform their specific role or function.  While I dealt with the student data of all students, I did not need to have access to their medical records or diagnoses, or their specific Special Education classifications.  This role was handled by the folks that worked directly with this data and these students in our SER system or those folks who produced necessary reports to the Finance department.  For the nine years I worked there, I did not have access to that data.

New Orleans based, Research on Reforms filed a lawsuit to discover just what data LDOE had released to CREDO.  When ROR eventually prevailed I learned what else LDOE had provided to CREDO.  (LDOE first denied the existence of this MOU until I agreed to testify for Research on Reforms.  Then LDOE argued that they could choose whomever they wanted to evaluate their programs and did not need to provide equal access to anyone else to cross examine the claims.  The first judge agreed, but the appeals court overturned this ruling.)

It turns out LDOE violated their own very expansive MOU.  What follows is a description of a few things that should not have been sent.

For instance, it turns out that LDOE sent quite a bit of detailed data on non-public students, their DOB’s, their teachers, their special education conditions, schools, etc.  Non-Public schools were not part of the research project and not part of the MOU.


Here’s a snapshot of some of the NPB (Non-Public School) records.  Hundreds of non-public schools’ data was disclosed – without their knowledge I would imagine.


And here is some of the specific data elements they handed over on nonpublic and public students – some of which is specifically prohibited and some of which should have been because it was outside the scope of the study.  This shows the full Date of birth (not just month and year) as well as any section 504 classifications and also identifies one student as blind and another one as deaf.  (Note: these records are from completely different sections and do not match up to any of the schools shown above.)


Of course if that’s not enough, they also included the specific teacher and the course they took with that teacher for each student. (Note: each snap shot is from different records to prevent identification of students.  Something LDOE might have considered.)


To make sure researchers could identify and use all these codes, LDOE created a decode file with useful tables like this one for Special Education classifications.


You will note in the study, none of this info is necessary, and if you look at the final CREDO reports none of it was used – but it was provided unnecessarily.

LDOE also can’t make the claim they did not know what they were providing or that they were unaware that to provide it was a violation of FERPA.  Most of the files, like the one containing Special Education data, carry a pretty convincing warning.

This report contains personally identifiable information or information that when combined withother reports and/or information a student’s identity might be revealed.  Personally identifiable studentinformation must be kept confidential pursuant to the Family Educational Rights and Privacy Act (FERPA)codified at 20 U.S.C. 1232g.  Information in this report cannot be disclosed to any other person,except for employees of a student’s school or school system who must have access to that information in order to perform their official duties and for those other persons and entitiesspecified in 20 U.S.C. 1232g.


In this case, LDOE provided this information without any masking for every school in the state (including Non-Publics).  They provided a file that contains the school, school year, grade, age, ethnicity, disabilities, gender.  They provided this information for counts as low as one single student.

You would think a Student Privacy Director and Data Quality Director would know better, wouldn’t you?

According to the MOU, here is the scope of the study:




The dubious nature of the decision to provide all the data they agreed to provide aside, I don’t see any reason to provide private school data, let alone disabled student data.  Do you?

This is an example of why LDOE needs to be fully transparent and properly overseen.  There is no telling how many other data sharing agreements LDOE has entered into that most of us are completely unaware of.  LDOE is apparently incapable of even adhering to their own internal privacy decisions and their own MOU’s.  This is not an example of a rogue department providing data accidentally.  This is an example of LDOE’s top privacy guru, the Student Privacy and Data Quality Director reviewing and assembling the data, personally, before handing it over to strangers in California.


It’s only a combination of chance and persistence that I stumbled across the details of this agreement and am able to share my findings with you.  How many more agreements like this are out there that are unknown to us?  How poorly have they been reviewed?  I can’t actually say.  Someone outside of LDOE needs to review these types of disclosures (All of them)  – before they happen.  It is important for the public to have an accounting of both what was promised, but also what was actually delivered.  Frankly, if LDOE doesn’t understand their own data, they shouldn’t be providing it to others.  I also question whether they should be collecting it all or storing it for decades in the first place.

Data Security Fail: John White and LDOE up to their old irresponsible data tricks again

Data Security Fail: John White and LDOE up to their old irresponsible data tricks again


John White recently testified multiple times in front of the Louisiana House Education Committee that he has a firm commitment to student privacy and takes his responsibilities toward ensuring the department only collects data that is absolutely necessary and does so responsibly. He made the argument that without detail student level data, the Department would not be able to fulfil their reporting duties lain out by the federal government and auditing duties to ensure data is being accurately reported. When State Representative John Schroeder introduced a bill a few months back that only allowed LDOE to collect aggregated data, John White was adamant that he would not be able to adequately report to the legislature and federal government. Neither assertion is true. White also assured House members he took great pains to safeguard information and that he did not need to document all the data elements he was collecting, or what they were being collected for, but we could be sure they were only collecting exactly what was needed.

All of these claims were complete lies, but they sounded convincing to most folks and I was not asked by any Senator or Representative to debunk them, despite my numerous offers to cut through White’s BS before the session and during it. (If anyone would like to contact me I am still available.) I’ve worked with other state’s privacy advocates and Senators so I’m not sure why ours have not accepted my numerous offers. (I was told more than half a dozen times that I would be called or contacted about the various privacy bills making their ways through the Senate and House, but these promises never materialized into any actual direct correspondence. I find that . . . interesting. Perhaps folks don’t want to know the truth? But I digress.)

Last I checked Louisiana has a privacy bill that has been voted on in the House but which has not been taken up in the Senate. As this legislative session closes it appears less and less likely every day that we will get a privacy bill through the legislature and onto Governor Jindal’s desk to sign. I can only assume Jindal will sign such a bill since he has had his folks publicly support it while it made its way through the House.

This brings me to this week’s latest finding that might be of some interest to parents and legislators pondering data privacy and security issues and the promises John White made just a few weeks ago in front of cameras, parents, legislators, the press, and God. His testimony is still available to review if you care to take the time to listen. . . But back to the latest example of LDOE incompetence under John White.

Introducing the new:

Alternative School/Program Data Collection

Please forward to district alternative school/program staff.
The 2013-14 Annual Report on Alternative Education Schools/Programs is a report submitted to BESE on the effectiveness of alternative education schools and programs. Please complete the school/program overview and student roster layout provided (under Announcements to the right) by May 23, 2014
and email a signed and scanned copy of the overview to Renee Montogmery at
renee.montgomery@la.gov. The alternative program/school roster should be uploaded via your districts’ secured FTP site. For questions regarding data collection, layout/template, or FTP upload instructions, please contact Crystal Wilkinson at crystal.wilkinson@la.gov.


LDOE created a new data collection they want LEAs to submit by May 25th of 2014 that they introduced on May 2nd. LDOE is asking school districts to aggregate all their data for them on the first page, which is the data they really want, but they also want LEAs to submit student level data (that they already have and that was obtained more securely) via an unencrypted Excel Spreadsheet. Element H, Student Sate ID, is Social Security number for 97+% of students in Louisiana. They are having schools and districts submit this along with a student’s full name and Date of Birth to ensure if this info was stolen it could be used to obtain credit cards and apply for loans. To ensure student’s privacy rights will be violated they are asking LEAs to define students as dropouts, their discipline records, whether they were expelled, and if they are disabled.


They did this while the legislative session is still going on.

They are doing this after they testified they don’t request info unnecessarily. (All of this info is already in their possession except dropouts – which are not final and are official produced by LDOE not school districts, and the program code.)  None of that data is necessary if they just collect the summary page which I have no objection to as long as this was only done this one year and next year the program element was collected in SIS properly.

LDOE attempted to collect this data in a wildly irresponsible way that no one would endorse as a safe or proper way to collect data (Even themselves when questioned about it.) Here is an official response from Barry Landry, official spokesperson for LDOE. I asked who was in charge or this and questioned the wisdom of doing this (in a less civil way to be sure.) The response I got back was mildly reassuring . . . at first.


 This original form is not an appropriate way to collect this data,  [emphasis mine] and the Department has taken down this form. No information or data concerning alternative schools or programs was submitted by any district to the Department.  



It took LDOE a few days to get back to me. (I learned they were scrambling around based on my initial inquiries and trying to get their stories straight.) I did verify they took the information about the collection down from their “Insight” portal, where they communicate with school district personnel indirectly. Per John White, LDOE staff are not permitted to talk directly to school districts on the off chance they would provide helpful information accidentally. That is not made up or even the slightest bit sarcastic. I’d tell you to ask a current LDOE staffer if this was true, but they would not be able to answer you without worrying about being fired. Instead I ask you to ask a recently departed staff member and verify.

Now, back to the data collection. I was briefly encouraged that LDOE was taking my concerns, parent’s concerns seriously for once. I actually figured they would just hold off on collecting this data this way until after the legislative session, so legislators would go home without passing any serious student privacy and data security legislation and go about business as usual. However, even I was surprised that Kim Nesmith, the creator of this data collection, immediately contacted SIS (Student Information System) vendors and denied that they were doing away with this collection, or even that they were doing away with this data collection method. She told them to continue building the reports and files less than 5 hours after I received an e-mail from Barry Landry at LDOE that “this was not an appropriate way to collect data”. The following e-mail was sent by one of the SIS vendors to their client. Apparently they were contacted around noon.

I have been in contact with the state. They have not made that decision yet. They may or may not require the file at this time. They just don’t know.

I will keep you up to date as I get more information. Please forward me the statement from Barry Landry saying they won’t need the report.

It is true they took the form down about this data collection. (at least for a few hours)  It may be true that no data was transmitted this way. What is missing is any confirmation that they are not collecting data this inappropriate way. All Barry reported to me was they took the form down (true) and that no data was transmitted this way. (I have not verified this one way or the other yet.)

When I saw this collection, I knew right away that Kim Nesmith was behind it. I verified this on my own later although, and one of the contacts listed as a contact reports directly to her, but LDOE refused to confirm this officially. However this is not the first time Kim has collected data this way. In 2011 she demanded IT collect data this way for students that were corporally punished or bullied and for identified bullies. I refused to collect this data this way because I believed it was dangerous, inefficient and stupid, however I was overruled by Patrick Dobard (currently the superintendent of RSD, then Superintendent Paul Pastorek, and Kim Nesmith.) What happened was Kim collected this data herself, but was unable to use it to build any reports so I was called in to link the hundreds of excel data files and report from them. Paul, Patrick and I are gone, but Kim remains. Kim no longer has anyone that can summarize the data, hence the summary page.

Kim is also LDOE’s FERPA compliance person in IT, the supervisor in charge of data collections and data collectors (including student data collections), and the self-titled Data Quality Director. Yep. Kim is the person who LDOE put in charge of ensuring your students’ data is treated carefully and securely, that data is reported accurately, and that school districts know what to report.

I will have more information on current issues facing the data collections department, under Kim, in future posts. I have been getting specific complaints about her from school districts for years. I’ve done my best to give LEAs information they can feed back to LDOE to fix the data problems they have been having in the wake of firing or driving off all the experienced and qualified IT staff, but it has gotten so bad that even if I get step by step instructions on what to fix Kim’s staff is unable to address any of the problems they are having. Currently they are unable to properly calculate dropouts. I believe they are also the reason LDOE gave incorrect budget numbers to the legislature at the start of the session that John White tried to vaguely explain away.

White said $35 million of this year’s shortfall is tied to having higher-than-estimated student enrollment for the 2013-14 school year.

This is the 2013-2014 school year. We have those numbers in October 2013 and February 2014. How could they have been surprised if they had the actual numbers 6 months prior to being surprised unless the numbers they originally collected were wrong?

I don’t blame Kim’s staff. With proper training and a competent supervisor I’m sure they would do fine. I blame Kim for claiming she knew what she was doing and for driving off all the people that did know what they were doing. I blame John White for promoting her, putting her in charge of our children’s data, for and keeping her around this long. This is exactly the type of situation you should expect from putting someone with a Home Economics degree in charge of Statewide data collections and data security and privacy. My degree is in Accounting and I specialized on systems accounting and design, but I would make a terrible dress maker.  Just sayin’. . .

Here are the actual files LDOE took down but probably still plans to use once the session is over unless by some miracle enough legislators start taking data privacy and security seriously enough to pass some meaningful legislation.

Copy of 2013-14 Alternative Schools Programs Data Collection Layout

Facilitating the Reporting of Alternative Programs and Schools


Louisiana’s Privacy Legislation and Testimony – Setting the Record Straight

On March 19th the Louisiana House and Senate Education Committee’s both heard testimony at the same time on the same types of legislation. This legislation was about student privacy. Holding meetings on the same subject at the same time required folks to split up their resources. Since most of us do not have ready doppelgangers, or clones, this meant parents went unrepresented on either the Senate side or the House side. This was pointed out as a little fishy by passionate privacy advocate, Sara Wood, in testimony delivered to the Senate during the hearing on Senator Conrad Appel’s “privacy” bill 449. She points that out as her first point in this YouTube video. Sara Wood’s testimony: http://www.youtube.com/watch?v=xFEjudTEDSk#t=30

Prior to Sara Wood, I said my piece on SB 449. All of the points I covered, with the exception of the Amendments that were introduced that day, were included in my earlier analysis of the various privacy bills.

If you would like to get a look at my actual testimony you can see that here. My testimony: https://www.youtube.com/watch?v=zoHK3TqeksE (I rock – although my “rocking” is certainly of a lower intensity variety than Sara’s.)

Meanwhile at virtually the same time Superintendent of Louisiana Schools, John White, was giving some of his own testimony at the House Education Committee. His testimony and the amendments he offered came after all the parents spoke, and I was told there would not be a chance for anyone else there to weigh in on what he was saying. Nevertheless, I feel it’s important that someone does. You see, when I gave my testimony I had to sign a card stating the testimony I was prepared to give would be accurate and truthful. I assume John White was required to make a similar statement when he gave his testimony. However upon reviewing the testimony he gave I have my doubts about the truthfulness of it. That’s probably putting it too tactfully. I think it would be more accurate to say he perjured himself on at least one point and omitted several details and context about numerous others. I won’t dissect every statement he said, but I’d like to pull out some relevant ones I feel are important. I’m guessing he made these statements to cover his . . . back. To protect himself from angry parents and lawsuits, but he boldly lied about these issues at least.

John White claimed the department only had Social Security numbers for State IDs and that the department had applied for a 700,000 grant to try and switch over to another system that did not rely on SSN’s. This is a lie many times over. I know this because I was in charge of the Student Information System for almost 9 years before leaving the department to tell folks about John White and his reformers. Our first ID was first used for the 1996 data collection, about 18 years ago. This ID was called the “Generated ID” and lasted until about 2008. This ID was used to calculate dropouts, and was generally held to be more accurate than SSN, although SSN was used to help define whether a new Generated ID needed to be created for a new student. John White also did not share that SSN’s are not required. Parents have the option to “opt out” of sharing their child’s SSN and asking their school district to create and report a Temporary ID. Both of my children have temporary IDs in the EBR parish school district. I switched them over after John White sent millions of children’s SSN’s (including my daughter’s) to an unregulated third party vendor, inBloom, despite my refusal to allow her information to be included or shared sent right to him and the head of his legal department. Obviously the Department feels FERPA does not apply to them, and the rights of parents and children are non-existent. (They are right which is why we need our own State privacy law.) That’s why I find John White’s statements that he is concerned about student privacy a lie. Had he been concerned he should and could have been concerned when letters, calls and e-mails form other parents flowed into the department once I published my letter. (I heard John White’s actual reaction was cursing me quite soundly as other letters rolled in. Interesting reaction for someone concerned with protecting the rights of parents and students, no?)

But I’ve digressed. As I reported, Generated ID was created 18 years ago, by the department, without a grant of any size. It lasted quite well. Louisiana then applied for a new grant from the IES (Institute of Education Sciences), a division of US ED. Louisiana received this 4 million dollar grant. The data system created was called LEDRS.


Project Start Date: 3/1/2009

Project End Date: 2/28/2012

Amount Awarded: $4,056,510

The Louisiana Department of Education (LDOE) proposes to use the US Department of Education

longitudinal data systems grant to build the Louisiana Education Data Repository System (LEDRS). The

LEDRS will allow the LDOE to organize and link all of its data into a centralized repository. The LEDRS

project will consist of three main tasks:

The creation of a data repository that will centralize and link the data that currently reside in

isolated silos.

The creation of a data reporting system that will enable the LDOE to automate its EdFacts

reporting and provide tools for routine and rapid ad hoc reporting.


I was one of the key members of the LEDRS team. The objective of the LEDRS grant was to pool data strewn about the department, to eliminate redundant data collections, and to merge disparate data systems using a new Generated Universal ID. This ID was called a GUID. LDOE had a fully functional GUID when I left in February of 2012 and was using this GUID to fulfill the data request to CREDO, to the Governor’s office for the BP lawsuit, and to calculate dropouts and graduate cohort reports and rates. The department still uses the GUID to perform these functions. The objective of the LEDRS grant was to make us more internally self-sufficient, so we could save the State money by eliminate redundant data collections and numerous third part contractors that built and maintained those data collection systems. John White essentially fired or drove off all the full time state employees that ran the LEDRS system and turned it over to full time contractors being paid 2 to three times as much as state workers, that rotate out frequently, and owe no allegiance to Louisiana or our children or citizens, just to their out-of-state CEOs. This is the mockery of privacy and efficiency that John White has created with His department of education, and our children and their information.

So let me reiterate restate the lies given to the House Education Committee on April 19th, 2014, in case anyone would like to go review the tapes for themselves. (Just Sayin’)

  • John White stated SSN’s are required: This has never been true. It is illegal under federal law to require an SSN to enroll in a school. Louisiana allows “Temporary IDs” for this reason, as well as if a parent is uncomfortable providing an SSN because they believe the State Superintendent of Education is an incompetent buffoon and liar.
  • John White stated LDOE was applying for a 700,000 grant to create an ID that was not a SSN to address the concerns of parents over SSN’s: While the department may have applied for this grant, it was unnecessary. The Department has employed at least 3 IDs that are not SSN. Two of these IDs are currently in use, Temporary ID, and GUID. I’m not sure what this third ID would be, but it’s not necessary to protect students. John White is just using this as a dodge because he thinks the legislators are too lazy to verify his statements, or too stupid to understand that the Department already has these IDs. (Quite a ballsy approach actually. I’m curious to see if it pays off for him.) I will be happy to speak to any legislator that wishes to chat about this. My folks will be at the House hearing tomorrow – any of them know how to reach me one way or another.

Oh, one more thing. I wonder if John White knows that detailed data is not required to receive Federal funding, certainly not the vast sum he quoted of 900 million. I would like to see him break down that 900 million by the exact data the Feds required. I bet that would be pretty interesting (and likely inaccurate, sadly) Many states did not have student level systems just a few years ago, just aggregate systems. Before LDOE stopped sending me DOE’s national data conferences in DC, I went to a number of presentations from states that did not have a decent student level system at the state level. Alaska only had details on about a third of their children (American Eskimos and Indians do not have to submit data to get federal funding and often choose not too.) I recall California has had a very difficult time pulling in all their data from all their school districts although they are doing better now. However I think it’s worth mentioning that the data states (including Louisiana) report to the Federal government to the EdFacts or EDEN data collection system is aggregated data.

In the House hearing, John White claimed Louisiana had to collect student level data to report to the Federal government and satisfy existing legislated tasks. I’m not sure that’s entirely correct. For instance, just because the state requires LDOE to develop and implement a state accountability system, that doesn’t mean that student level data needs to be used to that end nor that LDOE needs to collect or possess it. After all, the data released is highly summarized and aggregated data. . .

John White also claimed LDOE had to collect student level data to perform audits, but that is also an overstatement. You see, I’ve taken a few auditing classes enroute to getting my Accounting degree from LSU. I’ve never heard of any big accounting firms collecting all data from their clients to perform an audit. Much of what the department uses the detailed info for is to determine which students to audit, by selecting a randomized sample, and then asking the school districts to provide detailed records in an electronic/scanned or hardcopy form; proving they have those students. You don’t need a lot of sate to do that. Do you think you need all of this?

SIS User Guide

I see no reason the state could not do something similar with school districts more directly. Most auditing is not done by collecting all the data from a client year after year. That’s a bit of overkill, actually. Moreover, current law actually requires school districts to have their own audits of just about everything already! Perhaps you’d like to ask your school district’s business office manager about those? Those audits include finances, student counts, classes enrolled, etc. I see no reason the state could not participate in those processes, or review those reports that are required annually already. So that reasoning holds as much water as a colander.

But hey, what do I know? I just collected this data for 9 years in the Finance Department, working closely with the auditors, and have a degree in accounting. I didn’t go to the Broad Superintendent Academy for a few weeks and TFA for a few more to get all my experience like our State Superintendent of Education, who ironically seems to have obtained very little of the necessary education to be holding his current post. I’ll give him this though. What John White lacks in knowledge, he more than makes up in telling convincing lies. If I didn’t know much, much better, why I might almost believe him myself. . .

Enjoy that House Hearing tomorrow, John. I’ll be thinking of you.

FERPA does not protect student privacy, and never did

FERPA does not protect student privacy, and never did

I’ve been debating for a few months on how to tackle this topic in a way that is both informative and engaging while providing firmly grounded sources that back up my analysis. I’ve finally decided that might be too ambitious, and certainly a lot to tackle in a single piece Rather than let anymore grass grow underneath my feet on this issue I decided to jump right in and I’ll be amending and updating my work on this topic much as Congress and US ED as amended FERPA continuously throughout the years. FERPA laws, interpretations and guidance are dense and jargon filled. I will refer to some specific passages, but I will leave it to you delve into those documents directly if you are so inclined. I’ve been asked to synthesize and summarize what I know and have read. If you feel more informed and more concerned after reading this piece I will see my work as successful.

FERPA is old and outdated

FERPA was created in 1974, before much of the current technology, we take for granted today, was even imagined by most legislators (except maybe the creator of the Internet, Al Gore.) As such, the framework is suspect and a patchwork of fixes and amendments that really fails to do what many people think it does. FERPA does not protect student privacy to any real degree, not to the extent we would expect a modern law to do. FERPA was written when many computers were housed in underground facilities on universities campuses (to make cooling them easier) and were the size of houses. Here is a state of the art computer from 1973, a GEC 4000.

And a close up of its fanciest part.

You couldn’t exactly hack into one of these and the data they stored was on tapes that had to be manually mounted. A modern thumb drive probably contains more data that the entire wall of tape cartridges shown in the picture, and most had no external connections. There was no Internet and top transmission speeds through dedicated phone lines with connected modems were about 300bps or about 37 characters per second (on a good day.) Todays transmission speeds can top 100Mbps or more which is the equivalent of 13 million characters per second if my rough estimates are correct. The computers millions of folks carry around in their pockets dwarf the processing speeds of even the fastest computers of 40 years ago, that were usually relegated to musty university and government warehouses and not the least bit portable.

So when FERPA was conceived computers and computerized records were not prevalent, data was not very portable, and usage and applicability of any data was almost non-existent. Fast forward 40 years and now computers are the size of wallets and watches. Millions of bits of data, or names and SSNs, can be stored on hard drives the size of a thumbnail that cost a few dollars and can be purchased at convenience stores. If you drive down almost any city block you can pick up dozens to hundreds of WiFi connections that access computers or computer networks, and the internet allows access to almost any computer anywhere on the planet. Messages and data can be transmitted virtually instantaneously to anyone anywhere via radio or satellite transmissions for little to no cost. Credit agencies, insurance agencies, employment agencies, advertising agencies, and government agencies use data collected and aggregated on everyone to sell, hire, investigate, issue or deny credit, fire, provide or deny benefits etc. We now have cyber bullies, phishers, hackers, identity thieves, and online predators to worry about in addition to all the physical threats of yesteryear to worry about as parents and consumers. When FERPA was created none of these threats were known and FERPA does next to nothing to protect against these threats.

For the dry specifics and dates you can refer to this passage, but I will be going into more detail about specific shortcomings and necessities.

FERPA History

Let’s start at the beginning with a brief history of how FERPA came to be.

The Family Educational Rights and Privacy Act of 1974 (“FERPA”), § 513 of P.L. 93-380 (The Education Amendments of 1974), was signed into law by President Ford on August 21, 1974, with an effective date of November 19, 1974, 90 days after enactment. FERPA was enacted as a new § 438 of the General Education Provisions Act (GEPA) called “Protection of the Rights and Privacy of Parents and Students,” and codified at 20 U.S.C. § 1232g. It was also commonly referred to as the “Buckley Amendment” after its principal sponsor, Senator James Buckley of New York. FERPA was offered as an amendment on the Senate floor and was not the subject of Committee consideration. Accordingly, traditional legislative history for FERPA as first enacted is unavailable.

Senators Buckley and Pell sponsored major FERPA amendments that were enacted on December 31, 1974, just four months later, and made retroactive to its effective date of November 19, 1974. These amendments were intended to address a number of ambiguities and concerns identified by the educational community, including parents, students, and institutions. On December 13, 1974, these sponsors introduced the major source of legislative history for the amendment, which is known as the “Joint Statement in Explanation of Buckley/Pell Amendment” (“Joint Statement”). See Volume 120 of the Congressional Record, pages 39862-39866.

Congress has amended FERPA a total of nine times in the nearly28 years since its enactment, as follows:

P.L. 93-568, Dec. 31, 1974, effective Nov. 19, 1974 (Buckley/Pell Amendment)
P.L. 96-46, Aug. 6, 1979 (Amendments to Education Amendments of 1978)
P.L. 96-88, Oct. 17, 1979 (Establishment of Department of Education)
P.L. 101-542, Nov. 8, 1990 (Campus Security Act)
P.L. 102-325, July 23, 1992 (Higher Education Amendments of 1992)
P.L. 103-382, Oct. 20, 1994 (Improving America’s Schools Act)
P.L. 105-244, Oct. 7, 1998 (Higher Education Amendments of 1998)
P.L. 106-386, Oct. 28, 2000 (Campus Sex Crime Prevention Act)
P.L. 107-56, Oct. 26, 2001 (USA PATRIOT Act of 2001)

Unapproved Changes to FERPA

What you don’t see in this bit of US ED lore is that the changes enacted by the US Department of Education over the last decade (plus) were not approved by Congress. The most recent and significant one I would like to direct you too occurred in 2011 and can viewed here along with a discussion of objections raised and DOEs responses to the objections.


These are very telling indications of how DOE intends to enforce (or not enforce FERPA) but it is 58 pages so I will excerpt a few of the more concerning sections to direct your attention to throughout my examination.

Before we go there though, let me summarize by saying FERPA was theoretically enacted in 1974 to protect the rights of parents and students under very specific situations that were known or understood at that time. (I would assert it actually defines the rights and preeminence of Federal agencies to oversee education matters and data with a small set of rights for parents under a few limited circumstances.) FERPA has been amended 9 times by Congress, and the primary enforcement mechanism is reduction or disqualification for funding directed at schools and states that fail to comply with FERPA regulations.

Applicability and Scope

This leads directly to the next point I would like to discuss; something many people may not be fully aware of or understand about FERPA. Namely the scope and applicability or in other words what it applies to and how it works and can be enforced.

Scope and Applicability

FERPA is a “Spending Clause” statute enacted under the authority of Congress in Art. I, § 8 of the U.S. Constitution to spend funds to provide for the general welfare. (“No funds shall be made available under any applicable program…” unless statutory requirements are met.)

Let me translate this a bit. FERPA has no defined penalties for folks who willfully and/or negligently and repetitively violate it. I can take your children’s personal data and wallpaper my house with it, use it to wrap all my presents, post it in the newspaper, print it on souvenir toilet paper and make paper airplanes out of it and launch them from atop the State Capital during Mardi Gras (something I’ve always wanted to do, sans the personal data) and FERPA and the US Department of Ed cannot prosecute you and the only sanction available to them is to withhold federal funding, if they so choose. This means any vendor that obtains personally identifiable data is largely immune to any repercussions or restrictions on its use or misuse. This is a matter of settled law and an opinion issued by US ED in the afore-linked 2011 document.

. . .Thus, if an authorized representative receives funds under a program administered by the Secretary, the Department has the authority to enforce failures to comply with FERPA under any of GEPA’s enforcement methods. If an authorized representative does not receive funds under a program administered by the Secretary and improperly rediscloses PII from education records, then the only remedy available under FERPA against the authorized representative would be for the Department to prohibit the disclosing educational agency or institution from permitting the authorized representative from accessing PII from education records for a period of not less than five years. 20 U.S.C. 1232g(b)(4)(B). These are the only remedies available to the Department to enforce FERPA. Remedies, such as assessing fines against any entity that violates FERPA, are not within the Department’s statutory authority. Under the FERPA regulations, and in accordance with its longstanding practice, the Department only will take an enforcement action if voluntary compliance and corrective actions cannot first be obtained. If the violating entity refuses to come into voluntary compliance, the Department can take the above listed enforcement actions. However, in addition to these statutorily authorized remedies, we encourage FERPA-permitted entities to consider specifying additional remedies or sanctions as part of the written agreements with their authorized representatives under § 99.35 in order to protect PII from education records. Written agreements can be used to permit increased flexibility in sanctions, to the extent that the desired sanction is permitted under law.

All vendors are free to use and misuse as much data however they choose without real restrictions or penalties

This means US ED has no authority over vendors or use or misuse data, that it must first try and convince abusers to stop abusing and disclosing the data they have received, and that their only recourse is to forbid school districts from providing data to them directly for 5 years or more. However if they obtain the data from another source, say another vendor, agencies can bypass even this very minor censure. Additionally, since DOE has no enforcement mechanism provided by FERPA, agencies can ignore this decision with impunity. This is why inBloom is not going out of business with no one officially committing to provide data to them. They intend to get this data secretly other ways and through other avenues. FERPA does allow schools, school districts and states to state their own civil penalties in their contracts, but most, if not all, fail to do so. What this means is any vendor for any data system in any school district that has access to data can currently use that data however they want if their only restriction written into their contract is that they will comply with FERPA. FERPA does not restrict or target vendors, only schools and school districts. State agencies are also largely excluded from many of the provisions of FERPA although references to them have been sprinkled in throughout the years. Most of the sanctions and wording it directed at local school districts, not state agencies who subsequently acquire the data.

Additionally, parents do not have the right to sue or take actions against vendors, state agencies, local school districts, or individuals who use, misuse or abuse their children’s data, or their own data under FERPA. All enforcement actions are handled through FPCO (the Family Policy Compliance Office), if they so choose. Parents may make a formal complaint, but those complaints can be ignored and parents have no further recourse.

The Kickboard and inBloom connection

A couple of months ago I was contacted by a parent and technology insider about a new company operating in New Orleans in coordination with Leslie Jacobs, a chief reform figure in Louisiana and one of the principal people responsible for creating RSD an creating the deforms striking across Louisiana and particularly New Orleans. This company is called KickBoard, and run by a former Teach for America alum named Jennifer “Jen” Medbery. Kickboard is an inBloom ally and dashboard provider that goes into schools and school districts to obtain all of their student and teacher data and provide tools and metrics for the teachers. What I have been told is that inBloom is now working with groups like Kickboard to obtain student data indirectly, bypassing contracts and oversight with school districts and state agencies. Please refer to this comment provided below.

I have to commend you and brilliant citizens like yourself for standing up and fighting against the partnership between LDOE and inBloom. As a parent and an EdTech critic, I’m so proud to see that partnership dissolving even if only for now. However, I’ve been alarmed for quite some time at the fact that no one has ever called out or investigated the more direct link between our state’s children’s data and inBloom than through Kickboard for Teachers. A search of your blog and even your readers’ comments pulled up zero hits on Kickboard. Jen Medbery and her self-proclaimed mentor and investor Leslie Jacobs more than likely played huge roles in the backroom deals between White and inBloom. As the poster child for New Orleans Edtech specifically and New Orleans entrepreneurship in general, Kickboard cannot be allowed to falter or worse die. Several prominent groups including Idea Village and the New Orleans Startup Fund have too much riding on Kickboard’s success in spite of the fact that Kickboard remains nearly two years behind on its own growth projections. Why else is there such a huge media blitz for Kickboard originating from Idea Village for each of the past two autumns despite that Idea Village has incubated probably five dozen other start-ups since Kickboard graduated from its program four years ago?

The hidden revenue stream was and probably continues to be to Kickboard from other inBloom members at the expense of our state’s children and their parents. Kickboard is listed alphabetically as the 15th of 21 inBloom partners. Leslie Jacobs took over the New Orleans Startup Fund precisely when the Fund was faltering and had really only one major investment consuming the bulk of its pledges, Kickboard. John White’s severing of his contract with inBloom has only served now to push the Kickboard and inBloom partnership deeper and further underground. And, contracts between Kickboard and the schools and districts it services permit the same data exchange through Kickboard to inBloom that White was permitting from the LDOE directly.

We can only hope that Medbery and Kickboard put our children before profits. Yet, I don’t see them justifying a recent unjustifiable valuation in the millions of dollars which subsequently resulted in them securing a sizable out-of-state venture capital investment without extracurricular income from inBloom partnerships.

I do not have detailed financials disclosing how these partnerships work, but I have been wondering how inBloom could continue to function without student data commitments. To be quite frank, there is no way they could operate as they’ve defined themselves (a centralized student data repository and intermediary) without obtaining data from someone. Initially inBloom was going to provide data to their partners like Kickboard. Now that virtually every state and large school district has pulled out of inBloom, thanks to the efforts of Leonie Haimson, Rachel Strickland, Debbie Sachs and others, the only available path I see to them is obtaining this data through vendors that already have access to it. Their most likely place for inBloom to acquire this data will be via and through their existing partners. There are currently not Federal laws to safeguard or prevent this, which is why State laws must be enacted in every state if you wish to prevent personal, student, teacher and parent data from falling into the hand of anyone and everyone who wants it.

For a current list of partnering companies with inBloom you can go here. If your parish does business with any of these vendors there is a decent chance inBloom and other data aggregators will be able to obtain your children’s data through them.

Please note: I do not have concrete proof Kickboard or any of these partners are actively sharing data with inBloom although I have had reports from sources that they are and have included one of those reports provided to me in this article. I have shown that there FERPA has no teeth to prohibit this, and US ED has no inclination or authority to address this issue. As every state and partner that I am aware of has pulled out of inBloom (or allowed parent opt outs or opt ins) and inBloom has not closed up shop it stands to reason they have plans to get this data another way. Bill Gates has 150 million reasons to see this venture succeed.

Future posts will include an outline on how to craft State legislation to address these issues but suffice it to say specific monetary and criminal penalties will need to be enacted.

Additional Note: If the only protections your vendor agreement defines is that it complies with FERPA, then essentially you have no real protections to safeguard or define ownership of your data or penalties for its misuse.  However, many vendors like JPAMS/EdGear (the largest SIS vendor in Louisiana whom contacted as part of my research for this story) have privacy agreements that go far beyond the use, ownership, storage, sharing and destruction restrictions defined by FERPA.  As a local superintendent or school board I believe it would be a good idea to review my contracts with my vendors and tighten up those that lack appropriate safeguards.  I do not attribute this lack to subterfuge on most of your vendors’ parts.  Many vendors may not even be aware of how poorly FERPA defines safeguards for data, as this lack is not something US ED or the Family Compliance Office actively advertises.

Time to start covering the many data thieving operations in our state and around the nation. . .

Time to start covering the many data thieving operations in our state and around the nation. . .

I’ve been promising for some time to cover some of the many secret and not-so-secret grants and data operations that will result in your data, and your children’s data being stolen and shared without your permission or knowledge. Now that it is clear the EPIC lawsuit against the US Department of Education has failed, the only solution to fix this problem is a state privacy law to protect the rights of parents, students and teachers. Considering the federal government can’t even agree to fund the federal government for a minute to protect our nation from terrorists or the prevent children from staving or dying from cancer, I have feel pretty confident they will not try to address student privacy concerns anytime soon. I’ve provided details to others on how this privacy law/framework would work and the necessary elements for meaningful legislation, but for now I will provide the documentation in a series of posts that shows why such a law is needed.

I will try to cover at least one scheme a day for the rest of the week. Some of the projects I’m considering covering are Kickboard, WDQI, MSIX, among many others like inBloom and Ed-Fi. Today I will mention a new database I learned about for tracking disabled students in a federal database.

This database grant awarded to Weststat Inc., by the US Department of Ed, is intuitively called the “National Technical Assistance Center to Improve State Capacity to Accurately Collect and Report IDEA Data.” (Or I guess NTACTISCTACARID for short?) This grant is aimed at creating a:

. . .national center aimed at improving the quality of data on educating America’s 7 million children and youth with disabilities.

However this database is not designed to help children. It is designed to guide and produce PR pieces for reform, according to US Education Secretary Arne Duncan.

“More than ever, we need good data to guide reform,” said U.S. Secretary of Education Arne Duncan. “Good data promotes transparency and accountability. It shows the public the value that they’re getting in their investment in education. It gives teachers information they need to change their practices to improve student achievement. And, data shows us when students are making progress and when they’re not.”

Duncan tries to characterize this database as something that will simply “assist states” but that make no sense base don’t he tasks and goals assigned to this project.

Among the areas the center will focus technical assistance to states:

  • Gathering more accurate, reliable data—from all appropriate resources in a state.
  • Providing training to states to help school and district officials submit better data.
  • Improving data infrastructure among the states.

Arne Duncan speaks with a forked tongue, telling us one thing, while clearly meaning another.

This is clearly a data collection, not an “assistance center.” The purpose of this database is to “guide reform” or in other words, define opportunities for advertisers and companies to exploit our most vulnerable children for profit. US Ed clearly plans to intervene if states are not meting multiple measurable and rigorous targets for infants and toddlers.

For infants and toddlers with disabilities, states must provide baseline data, measurable and rigorous targets, and improvement activities for 12 indicators. . .

With the information, the Education Department is required to make determinations on how well each state is meeting its obligations to serve its children and youth with disabilities. The determinations can include: “Meets the requirements of IDEA;” “Needs assistance;” “Needs intervention;” or “Needs substantial intervention.”

Intervention in the past has required school districts to turn their children overt o charter operators that do not need to meet the same rigorous targets or oversight traditional school districts do. That is quite likely the case here as well.

However what I find most disturbing is Arne Duncan is arguably the one most responsible for altering FERPA to make it ineffective for protecting student privacy. Duncan has converted FERPA into a warm blanket of protection for anyone who wants to collect and exploit students and student data for profit. By issuing guidance that it is “ok” for private companies to use data as they see fit, for educational and non-educational purposes alike, Duncan has opened the floodgates for abuse of student data, and abuse of students. By issuing this guidance he has given a blank check to corporations and a “get out of jail free card” all at the same time. Under Federal law, based on Duncan’s guidance, anyone can collect student data, sell it, use it for purposes other than for which it was intended, do a poor job guarding it, and retain it indefinitely and parents and students have no recourse whatsoever.

This data belongs to our most vulnerable children. Identity thieves, scam artists, pedophiles and corporations that obtain this information through legal or illegal means can use it for predatory commercial practices, or any other predatory practice under the sun and the corporations that collect and guard, or fail to sufficiently guard this information can never be held accountable for any damage done. Students and adults that have mental illness or limited mental capacity will be targeted by hucksters for the rest of their lives if this information falls into the wrong hands. Students with missing limbs, poor eyesight or hearing can be targeted by thieves at their homes who will be able to easily prey upon those documented weaknesses. Corporations that learn your child has down syndrome or a weak heart may refuse to employ them, perhaps without even realizing they are discriminating against them. This will be done through complex ranking systems that will evaluate everyone based on suitability for specific jobs or tasks, just like credit reports determine credit worthiness. Employers may never be aware they are using data to discriminate against people illegally, but they will use these systems nevertheless as there are not laws and there is no oversight to prevent this from happening. The only defense we have right now is that of refusing to share or allow our data to be harvested and shared.

John White and Chas Roemer frequently claim national and federal collections are no different than the local vendors and arrangement school districts use. There is video tape of this at various BESE meetings if you are interested in looking for it. However there are major differences between what local vendors use and collect and what a national vendor does.

Local vendors:

  • Are answerable to local districts and local parents.
  • Parents and local districts have financial leverage over their vendors
  • Their contracts are locally controlled and defined.
  • Local vendors collect data for a specific contracted reason, that directly serves students, parents and families in the school district
  • Local vendors are usually excluded from using student data for commercial purposes (and should always be)
  • Superintendents and IT staff that sign contracts with local vendors are answerable to the people in their districts. If they screw it up, they can lose their jobs and be found personally liable in the event of negligence or criminal activity
  • LEAs are required to notify parents and ask for their permission before they provide student data for directory information
  • Parents have a direct line of contact with their schools and their school districts and personnel if they suspect a problem
  • Are smaller target for hackers and thieves. A single breach does not reveal everyone’s data all at once.
  • Are necessary for the day to day operations of a school district
  • Local vendors are selected by school districts and relationships can be terminated at any time

Federal and National data collections and vendors:

  • Are answerable only to themselves
  • Can use their leverage to force districts to comply with their policies
  • Engage in monopolistic practices eliminate rights for parents, states and school districts
  • Parents, students, local districts and sometimes states have no rights to object (in the case of federally mandated collections)
  • Parents have no financial leverage over national players
  • May have hundreds or thousands of partners and contract relationships which exponentially increase the likelihood of intentional or unintentional disclosure
  • Are exponentially more attractive and visible targets for hackers and thieves and the damage done from a breach is irreparable
  • Can ignore parents and students with impunity
  • Can rename themselves, create shell companies, and sell student data and contracts to third parties without consent making tracking of responsible parties impossible (as inBloom as done or created clauses in their contract with Louisiana and other states to allow.)
  • Are not necessary for the day to day operations of a school district
  • Federal collections and vendors are never selected by local districts or parents, and these relationships are not usually terminable under any circumstances controlled by parents or students

So which arrangement are you more comfortable with? Who do you think you will be able to hold more accountable for mistakes, your local superintendent and school board, or Iwan Streichenberged who is likely zooming around on his yacht paid for by the exploitation of your children?

For these reasons we should limit what national collections are permitted to collect. Congress is currently unable to function enough to fund the government for a single minute, even though this game of political chicken makes us more vulnerable to terrorist attacks, more vulnerable to foreign invasions, more vulnerable to natural disasters, and makes it very likely we will have children starving or dying from cancer. It is unlikely a Congress as dysfunctional as this will be able to pass legislation to protect our children from the threats they face from data predation and exploitation.

We must push our State governments to pass privacy legislation that truly protects our children. If they refuse, or if they do a poor job, then they will be directly answerable to us, their neighbors, fellow church members and little league coaches.

Is Student Privacy Hopeless?

Is Student Privacy Hopeless?

(This will be a long one, and has some ranting folks, so buckle up.)

Is student privacy hopeless?

Sadly, this may be little more than a rhetorical question after the last week of horrible setbacks on the student privacy front. I’ve been gathering information and leads for months now, researching some, and holding onto others. I was hoping some of these issues would become non-issues if EPIC, the Electronic Privacy Information Center, was successful in their lawsuit against the US Department of Education’s change to FERPA that allows vendors to use student data and resell it as they see fit, for any reason and without parents or students having any rights or say in the matter. Unfortunately the lawsuit was thrown out because the courts did not believe EPIC had the standing to bring the suit.

But Judge Amy Berman Jackson of U.S. District Court in Washington issued summary judgment for the Education Department, ruling that the plaintiffs have not suffered any real legal injuries stemming from the regulations and thus they lack legal standing to bring their suit.

In order for someone to have “standing”, they must first be victimized. When that happens it won’t be one child affected. The data being transmitted and bartered belongs to every child on any DOE databases, many of which are now adults. We are not talking about just one child, but quite likely millions, if not all of them.  All of our kids data will have to be sent to third party vendors, and then shared or sold based on the policy change, then many years of lawsuits and appeals will have to take place, during which vendors will continue to collect and sell student data for students through cloud based infrastructures, with no liability for the damage they cause. If you went to school after computer records were kept in your state, probably the eighties or nineties, then your data is at risk too. This data can be used, abused and misused by anyone, and because the federal government changed the policy defining what student privacy is, and what vendors can do with this data, even if the lawsuits are successful, this will be of small comfort for the millions of children and adults who have their data permanently dispersed throughout cyberspace, in the hands of criminals, pedophiles, and companies selling information and making employment decisions based on this information. Our students will become adults, and they will never be able to reclaim their data or their identity that other adults like John White and Arne Duncan have stolen from them.

It will be impossible to fix the damage done, to unring the bell and much if this information will be incorrect, and haunt our citizens, our children, ourselves, throughout life. In the very near future, every job interview, every interest rate they or you get, every credit score, every rejection for college or a job, every insurance rate or refusal, every mortgage rate, every failed background check could be directly related to this information, and you will never know, and never, ever, be able to remedy this situation. This will make many people very rich. Many of these soon to rich, or richer, people are those who secretly lobbied the US Ed Department to change this policy to render it worse than worthless. This is not an overstatement. I say worse, because not only does it not actually protect children from the ones their data needs to be protected from most, strangers, thieves, criminals, corporations, hucksters, it outright protects the despicable uses and users. FERPA is now an indemnification clause to allow anyone to harvest and use student data without anyone having any way to stop them.  How can you take any recourse against those who have been told by the federal government to take our data it use it however they see fit?  Are you going to sue the federal government?  Would you sue them for not having a law that does what its supposed to do?  When wouldn’t you sue the government if that was something you could do?  The other harmful thing this law does is It makes average people be deluded into believing there is a federal privacy law that protects them, when FERPA is anything but.  You almost have to admire the corporations that distorted a student privacy law into a legal blanket for themselves to use children’s data however they see fit.

The way the law now works, the less direct contact you have with a student, the less legitimate reason you have for possessing it, the more freedom you have to exploit a child and their data. Schools still have to notify parents if they plan to share student data, but once that data is handed over to a corporation that corporation has no restrictions on use or misuse, no liabilities and the only restrictions they have are ones they place on themselves.  These terms can be modified at any time, as often as Apple modifies your iTunes terms of service, but leaving you with less recourse. If you don’t like the iTunes terms of service, you can throw out your iPhone and discontinue using the ITunes store. You can’t throw out your children or yourself, or disconnect yourself from the data being used against them.

FERPA also protects many of the lying education reformers running US Ed, State departments of education and our local LEAs. FERPA allows dishonest superintendents like John White to share data with whomever they want, with any restrictions they choose to apply or not apply such as was done with CREDO recently. They can also refuse to turn over data anyone for any reason, but the reasons it is being denied right now is to protect people from learning the truth. What is happening in Louisiana and in many states is our state departments of educations are failing in epic ways. All of their reform schemes are colossal utter failures that cost anywhere from 2 to 10 times as much as other solutions, but which gets terrible results, almost without exception. I suppose I should clarify, the results they get are often great for charter schools, contractors, reformers and their bottom lines and salaries. For children and taxpayers the results are nothing short of criminal, but you will never know, thanks to FERPA.

What these DOE thieves and charlatans, like John White, are doing is preparing completely false reports, reports with absurd self-serving conclusions, results that they slice and dice the data to find something remotely positive to report. These results are often reported as percentages without any context, without history, without magnitude, without mitigating factors, without costs either direct or opportunity costs (programs terminated to fund vouchers or teachers fired to pay for Common Core.) These reports in some cases are simply outright false. Our department of education also fails to report anything they can get away with not reporting that shows them in a bad light, even if that same information was used in the past to create a sense of urgency in the public for the need for “education reforms.”

For instance, RSD sucks bad. No pretty phrasing needed for the shithole that RSD, the state takeover of public schools, has become. No RSD schools have ever been returned to their original districts, as was the original intent of the legislation. RSD conquered schools are sold off to unscrupulous charter operators who apply for charter grants they use to pay themselves exorbitant salaries. Many of these charter schools treat students and parents like your butt treats toilet paper, use once and dispose of. Charters falsify exit reasons to hide the fact they exclude disabled students, English language learners, and students with behavior problems. I’ve been told many of them cheat on state tests, remove students that will do poorly after they get funding for them but before they take state exams, or simply don’t administer the exams to many of their students they don’t expect to do well. They report fantastic success, but what they don’t tell you about their high completion rates is that only 5 students were tested. What they don’t tell you is that 90% of the students that could have taken the tests don’t take them so their score look fantastic, for the few students that end up taking them.

Our DOE thinks that if they simply deny access to this data, no one will call them on it, but I am. LDOE is lying to you about graduation rates, dropout rates, class schedules, VAM, COMPASS, test scores, enrollments, student classifications, enrollments and exit reasons and test scores. They are lying outright and through admission and they are using FERPA to do this. I saw the data. I collect the data. I analyzed the data. I knew the data, the data was a friend of mine. And believe me, John White is no data steward . . . but he is a paragon of pure dishonesty and disdain for the people of Louisiana. White has fired, force retired, or driven off everyone who collected or analyzed, audited or evaluated data in LDOE so he can now almost honestly say he has no earthly idea what’s going on. He’s driven off all the programmers that maintained our databases and systems and used their salaries to hire scores of unqualified TFA spawnlings who he gives fancy titles to so they can spread their filthy incompetence and corporate welfare programs throughout the world on the backs of their unearned titles, on the backs of needy children, on the backs of our children. LDOE has no chance of processing accountability scores themselves, collecting data themselves, maintaining data systems themselves and this is entirely a planned situation. This was done so White will have no choice but to contract out data collecting, processing, and analyzing services to vendors who will charge much more, magnitudes more, than it ever cost to do in-house. inBloom was just the tip of the iceberg, which is why White was so cavalier about sharing and selling it our student’s data through them. To him that is nothing, and we are nothing. That data will be given to anyone and everyone if it has not already, through dozens of other contracts we can never hope to keep track of.

Just about everyone who is forced to attend RSD hates it and would rather any other solution which is why in Baton Rouge only 1500 of the more than 6000 RSD seats are filled, and RSD is still seeking to expand until students have not choices, but RSD. (So much for choice, eh parents?) In St Helena RSD made the case that its presence is helping the cause of desegregation. RSD claimed that if the local school board opened up new grade levels, white students would flee and the segregation would be worse. They also claimed they were doing a good job in St Helena. RSD provided data that to a casual observer might back up their case. They removed all the data from their website that might disprove their assertions, but I have folks that archived just enough for me to prove show them as completely deceptive unscrupulous liars that they have always been. St Helena’s white population is increasing since RSD came to town, but only in the non-RSD schools. In RSD the population is declining by about 20-40%, in the elementary school it has increased by that much. The data RSD showed the judge was for a single year, between October and February, which shown as a percentage after students left at mid-year and a few students transferred in looked like a small increase. Over the actual 7 years they have been there the trend is completely opposite. RSD and LDE knew this, they have all the data, but chose to submit a legal document to a federal judge that lied about this. RSD also showed how their schools have been improving. RSD has schools all over the state. Instead of showing the progress at the middle school, which has gotten progressively worse, they showed information about RSD as a whole, including most of the schools in New Orleans. (Incidentally I have evidence of systematic cheating at RSD New Orleans schools to incrementally increase their scores, more on that on part 2 of John McDonogh story .)

Here are a few of the stories detailing St Helena, but replace St Helena with the name of your own school district, because this, or some version of it, will be the story of your district soon enough. The methods and actors might change, but when you have someone without a shred of human decency, honor, or morality determined to destroy you, he will win.





Even now, the voucher case Jindal and White are making much hay about is nothing more than poor theatre to prevent people from learning the truth about the voucher program and the destruction it is quietly wreaking on minority communities. Laws and agreements were already in place that Jindal and John White violated with his voucher program, in much the same way Jindal violated our very state Constitution, repeatedly and viciously throughout his tenure as our tyrannical governor. As part of the agreement consent decrees in many parishes throughout the state, White and Jindal were supposed to notify the Attorney General’s office about programs that might have an impact on desegregation progress, as vouchers have clearly done. Jindal and White knew this, and refused to comply with existing law and legal agreements because they were afraid their plans might be stalled or found to be out of compliance, so they willfully violated those agreements and orders. In response a federal judge asked for data to determine whether the programs had a negative impact on desegregation. White and Jindal refused to comply (knowing full well that their voucher program was removing poor black children from public schools and putting them in substandard schools that teach kids with DVDs, teach kids with uncertified teachers, and teach kids so poorly they score on average 30 points lower on state tests than their public school counterparts) and instead characterized that request, that the Federal government was bound by existing law and orders to uphold, into a power grab. Read the MOU for yourself.

So to reiterate the absurdity and dishonesty of John White and Bobby Jindal: In the span of the same three months John White and Jindal argued allowing parents the choice to attend a public school instead of RSD would jeopardize desegregation. (Knowing full well that not only was this not true, but that in fact RSD was driving white students out of the system and intentionally misleads a federal judge with irrelevant data) They also refused to turn over data that would show their voucher program was having a negative impact on desegregation in numerous other parishes, knowing full well that it did. Their argument was that since most of the recipients of the scholarships statewide were black it would be absurd that the impact could be harmful. This is a ridiculous argument. There could be local issues where every single white student in a majority black district pulled out for instance. The vouchers could make the public schools less financially viable (as was the case RSD also made for rejecting St Helena to add grades to their existing schools). The results could be sporadic since they only reported a majority of students statewide, individual parishes could have been unharmed, and some dramatically harmed. As time goes on, these impacts could get much much worse, but Jindal and John White have successfully fended off the feds, and fooled the majority of the public with their grandstanding. Have children been the losers in this equation? Quite likely, but neither of these phonies cares one whit about other people’s children. They care about images and political careers and their donors, not ordinary people.

Our only hope is if we resist the status quo and momentum Jindal and John White have built around their plans, their multilayered deceptions. Drastic methods are required to confront and prevent this and keep them from succeeding. White knows you are onto him, which is why he is signaling his reformer kin to change their tactics and brand parents the enemy. I knew this was coming. I’ve seen it and said it form months now, but he has branded us the enemy now.

“An aggressive form of populism has asserted itself in the rhetoric of our day,” White is expected to say at the conservative American Enterprise Institute’s headquarters in Washington. “I see it in a tone that is skeptical of reformers in the same populist way our country today is skeptical of authority generally. This is, I believe, greatly damaging for an education reform effort that has done good in America and that needs to be sustained. And it needs to be addressed, lest this generational effort wash out with the tide of the next administration.”

“How we manage our newfound authority in a populist time is a critical and tenuous question,” White will say. “Our most important responsibility as reformers is no longer just to clamor for change but to sustain and expand the positive direction of our nation’s education system. The greatest risk we face in doing this is not the validity of our ideas but the pitfalls of authority itself.”

The aggressive populism White speaks of is you, is parents, is children, is teachers who are tired of being told what is good for our children by folks who don’t have them. Teachers are tired of being told how to educate children by folks who took a 5 week TFA correspondence course, or who never taught a day in their life, like Bill Gates, who says his reforms will take 10 years or more to see if they were effective! These bastards want to literally experiment on a whole generation of our children, on their hunches, that data has heretofore proved not just wrong, but damn wrong. The few reformers, who have children, enroll them in exclusive private schools that do the opposite of everything they preach is great for our kids. Put Bill Gate’s kids and Michele Rhee’s kids in a class of 50+ students, glued to a computer all day, learning Common Core drilled mathematics.

They preach choice, but deny us ours. They choose different than what they choose for us! I choose different than what they would choose for us! Who is with me?!?! Do these cowards who hide behind wealthy donors and speak at secret meetings beyond parents dare subject their own children to these education tortures, these heinous crimes against education that they would subject the rest of us to in the name of choice, in the name of global competitiveness they have never documented? Do they dare face us! They are miserable sniveling cowards picked by even more cowards to lead us like lemmings of the cliff while they parachute down to their pavilions paid for on the backs of our children. If that be an aggressive form of populism, letting the people decide what is best for their own children than wealthy overlords, then sobeit. I am a populist. I am a knuckle dragger. I am for the people. I am for what is best for my children and what is best for yours, not what is best for their wallets. When you see them at your schools, at your town halls, at your school board meetings, at your churches wearing their smug smiles of confidence and control, let them know you are onto them and their little game. Let them know you are for people, for your children, for your neighbor’s children, and not the filthy blood money lining their pockets.

it may be hopeless but we fight

Do I seem angry? Damn straight I’m angry. You should be too. This has gone on long enough. The time for politely making 3 minute statements in a highly staged BESE meeting or before an orchestrated legislature is over. They are told how to vote by Bobby Jindal before they even set foot in those venues. They think they have this and you all wrapped up in a pretty little bundle, and I tell you it’s time to blow that package apart.

John White sees this as just a little game where their only problem is the messaging, not the horribly destructive agenda. White is so arrogant he tells us “reformers” are manipulating us with meaningless semantics and “framing.” In White’s play we are merely actors with parts he has written for us. In this passage he says as much.

To prevent that from happening, White is offering a three-part solution. “First, if we are to sustain our positive impact on the future of American education, reform leaders will shift their mission to national responsibility over self-righteous sympathy,” he will say. Reformers who rely too much “on an easy sympathy for the urban poor” can hurt the cause, he will say.

Second, he will call for the narrative around reform to be “refreshed.” This means taking the fight to enemies beyond teachers unions. While White argues that the media paint reformers as “ideologues,” what he calls the real “establishment bureaucracy” — the management of huge federal programs like Title I and Head Start — takes little flak.

“Without the new fight, what we have is stale story,” White will say. “We are letting the populist story of reformer versus working person tell itself.”

But John White is no Shakespeare either. Those of us that were educated before Common Core supplanted real Shakespeare with “informational texts” recognize the real stuff versus a pathetic imitation.

CCSS Shakespeare courtesy of John White
CCSS Hamlet, courtesy of John White

So in answer to my initial question.  Yes.  As long as we have people like Bobby Jindal and John White calling the shots, student and parent privacy is impossible.


How my original “Opt Out Letter” was converted to a “form”

At the June 18th BESE meeting John White relayed that he did not recall seeing my opt-out letter and did not reply because it was something he characterized as a “form letter.”  Technically this was true.  Mine was the first letter to get sent, so it was not a form letter, however Tom Aswell at the Louisiana Voice republished it after redacting my personal info so other parents could likewise opt their children out of any data sharing using my letter as a template.  (I subsequently learned there was much swearing of my name by John White, as a result of my letter and privacy petition and campaign, but we must pick and choose our battles, right?)

A form letter type approach was adopted because Louisiana has not provided an organized method of transmitting or submitting opt-out requests and some very specific information needs to be submitted for Louisiana to identify children that are opted out, while not revealing too much information (like DOB and SSN) which could be used by identity thieves that might intercept the e-mail making the opt-out procedure as dangerous as the data sharing.

My son will be starting pre-k this year in EBR so I will be updating my opt-out request in a few weeks with his info.

Feel free to use this letter as a template for your own, or simply write your own and simply make sure to send the bolded data elements.  Since John White did not recall seeing my letter, even thought I sent it to him and most of his senior staff and legal counsel, I would recommend making sure you send it to more folks than just John White.  I asked him to provide a method by which parents could opt-out their children without this hassle, but White did not address any future plans to make this process easy in the meeting.

Feel free to send your opt outs to any or all of:

John.White@la.gov (state Superintendent of Education)

Erin.Bendily@la.gov (Governor Jindal’s handpicked DOE handmaiden )

Joan.Hunt@la.gov (DOE chief legal counsel)

Kim.Nesmith@la.gov (Data Quality and collections director)

My name is (PARENT’S NAME) and I am a parent of children in Louisiana public schools. This is to formally inform you that you do not have my permission to share my children’s personally identifiable student information with any external agency, researcher, non-profit group, vendor or government or quasi-government agency under any circumstances (specifically, name, DOB, SSN). They are public students in the (parish/city/parochial) school system and you have not asked my permission to share their information as required by law. I am purposefully informing you that you do not have permission to share their information unless I provide appropriate parental guidance. Their/his/her name(s) is/are (STUDENT’S OR STUDENTS’ NAME[S]). If you already have, I would like you to promptly request that his/her/their information be expunged from any data set you have already shared.

Mr. White, on the basis of your e-mails it appears you are planning on sharing this data and I will hold you personally responsible for any subsequent violations. I will be recommending that other parents likewise notify you if they do not wish their information to be shared with corporations/vendors whom you have agreed to not hold liable for any security breaches or unauthorized releases (which I don’t believe you have a legal right or authority to do). Moreover, any such release of personally identifiable information without each parent’s express permission will be a direct violation of the Family Educational Rights and Privacy Act (FERPA) and a willfully unnecessary one since you have non-personally identifiable student identifiers and have taken great pains to claim FERPA exclusions for all other releases of de-identified student data to the media, researchers, and the general public.

Please note the section in the last paragraph below. Schools may disclose, without consent, directory information. But you must notify us when doing so. You, however, do not have my consent and you are not a school. You have my absolute, unequivocal, official refusal on record.

You also do not have a legal right to require social security numbers from any student in Louisiana. I will be recommending parents and school districts to promptly stop providing them as you seem unwilling to guard this information as required by law.

Thank you for your prompt attention to this matter.


Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Students to whom the rights have transferred are “eligible students.”

• Parents or eligible students have the right to inspect and review the student’s education records maintained by the school. Schools are not required to provide copies of records unless, for reasons such as great distance, it is impossible for parents or eligible students to review the records. Schools may charge a fee for copies.

• Parents or eligible students have the right to request that a school correct records which they believe to be inaccurate or misleading. If the school decides not to amend the record, the parent or eligible student then has the right to a formal hearing. After the hearing, if the school still decides not to amend the record, the parent or eligible student has the right to place a statement with the record setting forth his or her view about the contested information.

• Generally, schools must have written permission from the parent or eligible student in order to release any information from a student’s education record. However, FERPA allows schools to disclose those records, without consent, to the following parties or under the following conditions (34 CFR § 99.31):

o School officials with legitimate educational interest;

o Other schools to which a student is transferring;

o Specified officials for audit or evaluation purposes;

o Appropriate parties in connection with financial aid to a student;

o Organizations conducting certain studies for or on behalf of the school;

o Accrediting organizations;

o To comply with a judicial order or lawfully issued subpoena;

o Appropriate officials in cases of health and safety emergencies; and

o State and local authorities, within a juvenile justice system, pursuant to specific State law.

Schools may disclose, without consent, “directory” information such as a student’s name, address, telephone number, date and place of birth, honors and awards, and dates of attendance. However, schools must tell parents and eligible students about directory information and allow parents and eligible students a reasonable amount of time to request that the school not disclose directory information about them. Schools must notify parents and eligible students annually of their rights under FERPA. The actual means of notification (special letter, inclusion in a PTA bulletin, student handbook, or newspaper article) is left to the discretion of each school.

Excellent Letter sent to BESE by one of my readers about data sharing and inBloom

Dear BESE member, I am writing to voice my concern over the massive student data sharing scheme with InBloom and whomever else is on track to receive information on our students, and even teachers and parents.

Please understand our concerns for this unprecedented and massive information sharing by companies and individuals who may or may not have the best interests of our children in mind. When For Profit companies are given access to private and confidential information, it begins a slippery slope of loosening our rights to privacy. As has already been proven, once this information is out, as so called data, what these companies do with it is now out of our control. We have no idea what they will eventually do with it and who will later have access to it. It is your responsibility to take back control of our children’s education and private information. It seems as if our state is being sold a bill of goods at the expense of our children. For Profit companies are taking over the education of our children. These unregulated, unaccredited ,and uncredentialed “schools” and “teachers” are allowed to “teach” our children, while public schools are left with minimal funding and more regulations. Yet it is amazing that there is always money for more tests for the testing companies, and now more money for Data companies to do what they will with confidential student information.

Please hear our cries for adequate funding for public schools so that our children can receive the education they deserve with certified and credentialed teachers in accredited public schools. Many of these charter and RSD schools are allowed to segregate students, with no oversight, and dismal test scores. This is a horrible, unresearched experiment being inflicted on our most vulnerable children in the name of reform. It is time to take back our neighborhood schools from the profit barons and put the decision making back into the hands of the tax paying citizens who support our public schools.

Please stop this massive data sharing scheme and put the funding back into our public schools.

Please stop this unfair attack on our public schools and public school teachers.

Please respect the professionalism of teachers.

I am an educator, a parent, and a concerned citizen.

Privacy Advocates Take Heed!

Recently I (as well as a dozen or so student and parent activists) testified at the June 18th Louisiana BESE meeting about our concerns related to the inBloom data sharing and selling project Superintendent John White secretly entered into on behalf of all Louisiana citizens. Our spot came up 4 hours late, and without an outcry from one of our tireless privacy advocates named Debbie Sachs would have been pushed back another 3 hours or postponed to another day (when most of us would not be able to be there.)

I believe Debbie and her group arrived at 8:30 and stayed until 5 or later for their chance to speak their 2 minutes and because they knew I had to leave to pick up my children they arranged so I could speak first so we all owe Debbie and her folks a debt of gratitude.

For a quick synopsis of this meeting you can review this article courtesy of the Associated Press. Although it really fails to convey the passion and concerns of the other children and parents who testified. While they did capture some of my points from the meeting. . .

Jason France is a former Department of Education employee who worked on data collection for the agency and a parent of public school children. He said the state’s contractual arrangement with inBloom runs through 2014 unless the department sends a certified letter ending it, and he said the deal contained no opt-out clause for parents.

“The contract is still in force and that data can be sent back at any time,” he told BESE members.

White said he’ll send the certified letter to inBloom, but he said he’s sent several letters already notifying the organization that Louisiana’s data-sharing had ended.

. . .due to time constraints and the meeting format I was not able to pose questions nor respond to all the answers given.  I could probably go on for days about why this is a foolish and dangerous enterprise, but I will stick to some of what I felt were more important points.  By all means I encourage you delve into the agreements appended to the end and make your own observations.  (My classes in contract law were several decades ago, but I did my best and I don’t charge as much as lawyers 🙂 )

In an earlier post I expressed the desire to finally see the MOU, or Memorandum of Understanding between the Louisiana Department of Education and inBloom which also apparently does business under a number of other names and with a number of different partners, including Ed-Fi, Wireless Generation, SLI (Shared Learning Infrastructure), and the Shared Learning Collaborative, LLC. It’s not clear why these folks have to use so many subcontractors and go by so many different names except to make data available to all these parties and to perhaps confuse anyone trying to investigate these folks. . . In the event of a massive release of protected information, how would anyone even begin to figure out who was responsible? Speaking of responsibility, this SLI/SLC/InBloom entity accepts none, nor do they back up Superintendent White assertions that inBloom is compliant with FERPA, the federal law defining student privacy rights.

11.2 Privacy and Security Limitations. Service Provider does not warrant or represent that by using the SLI Service, Customer will be in compliance with Data Privacy and Security Laws, FERPA or any other federal or state law or regulation. Service Provider does not warrant that its electronic files containing Customer Data are not susceptible to intrusion, attack, or computer virus infection,

Of course in the event of gross negligence, contract assertions that a service provider is not responsible are sometimes found to be unenforceable. In those cases plaintiffs can seek damages from insurance or assets of the company. InBloom is seeking not only student data from Louisiana, which numbers around 7 hundred thousand students, but students across the United States and perhaps the world. The current level of insurance they have promised to retain seems woefully inadequate:

13. Insurance. Service Provider, at Service Provider’s expense, will procure and maintain during the Initial Term, a minimum $2,500,000 per occurrence/$5,000,000 aggregate limit of Professional Liability, covering technology errors and omissions, privacy liability, network security and liability, and network extortion.

Recently another Service Provider named Living Social using the same cloud technology and same cloud vendor that inBloom is using (Amazon) was hacked and fifty million users accounts were stolen, or about 1/6th of the entire population of the United States or around 17 Louisiana’s.

 (At the BESE meeting I mistakenly quoted 500,000, which was off by a factor of 100. Oops. One of the benefits of blogging is the ability to research and revise your work.)

With a similar breach inBloom or SLC would only be able to compensate each student 10 cents before exhausting the insurance they have promised to carry. This would not exactly buy a lot of credit monitoring, let alone begin to compensate anyone except maybe a lawyer or two – obviously the 5 mill is the max before any legal fees were paid to bring such a class action suit. Boy, this makes me feel safer.  How ’bout you?

If this is such a safe technology why is this all the insurance they can afford? The amount of money insurance companies charge to insure an activity is often a pretty good indication of how risky “professionals” have determined that activity to be. Sheesh, I have almost that much insurance on myself and I’m not the healthiest or youngest person on the planet. Clearly we can take this as evidence that the “industry” sees this is a very risky endeavor that is very likely to result in claims being filed.

Where will you spend you 2/3 of 10 cents (after legal fees)?

I found this next section to be interesting as well. Apparently InBloom/SLC/SLI, whatever it calls itself today, can hand off this agreement to any other non-profit entity it wants to, without input from the State.

Isn’t it nice that our children and their data are simply a tradable, transferable commodity?

Non-profits can still be quite “profitable” for those who running them. They can simply pay themselves whatever salary they feel is appropriate.

14.1 Assignment, Successors. Service Provider may freely assign this Agreement, in whole, to a not-for-profit entity that expressly assumes the Service Provider’s rights and obligations hereunder arising after the date of assignment

We are allowed to peek behind the curtain, every 6 months, so long as we foot the entire bill. Since John White has laid off most of DOE’s IT staff I wonder who he will subcontract that work out to, or if he will even bother? It’s not like he’s worried too much about such things in the past I suppose since previous audits of his lack of audits by legislative auditor Daryl Pupera clearly indicate as much.

14.2 Audit.

(a) Customer shall have the right, at Customer’s expense, to conduct independent code and network security reviews following each major release (i.e., Alpha Release, Release 1.0, etc.), and no more than once every six (6) months thereafter, upon reasonable notice to Service Provider and at reasonable times. Notwithstanding the foregoing, if Customer has reasonable cause to believe Service Provider is not in compliance with this Agreement, Customer may perform an independent code and network security review up to once every three (3) months.

Did you think your data was only going to be available to the half dozen initial vendors plus all the third party vendors inBloom expects “Customers” to subcontract with? Guess what, they can subcontract with anyone they choose for anything they choose, as much as they choose.

At the State we limited who had access to student data to direct staff, and only those that had a need. How will these guys keep track of all the folks that will have access to student data through all the complex vendor relationships they plan to engage? When recording studios can’t keep bootleg copies of music CDs hitting the internet before official release dates, and can’t track down pre-releasers, how can we really expect to keep our data safe once so many vendors and eyes have access to it?

14.3 Subcontracting. Service Provider may freely subcontract its duties and obligations under this Agreement. In the event that Service Provider subcontracts any of its duties and obligations, Service Provider agrees that: (i) the third party contractor shall execute an agreement regarding confidentiality consistent with the terms of this Agreement to the extent that such third party contractor has access to Confidential information of Customer and an agreement relating to any other obligations of such contractor as required to comply with Data Privacy and Security Laws, the Data Privacy and Security Policy and FERPA, and (ii) any such permitted subcontracting shall not release Service Provider from any of its obligations under this Agreement.

So just how long is this agreement and how binding?

8. Term and Termination.

8.1 Term. This Agreement will be effective for a term ending on December 31, 2014 (“Initial Term”). The parties may mutually agree to extend the term of this Agreement with such amendments to this Agreement as are appropriate and mutually agreed to for making available the SLI Service after the Initial Term.

This contract is in place until at least 12/31/14, but unless inBloom violated some of the contractual provisions it takes 90 days to cancel this contract, but only with written notice.

8.2 Termination.

(a) Each party will have the right to terminate this Agreement upon thirty (30) days’ prior written notice if the other party is in material breach of this Agreement and the breaching party fails to remedy such breach within thirty (30) days after notice from the other party; provided, however: (i) if the failure stated in the notice cannot be corrected within the applicable period, the non-defaulting party will not unreasonably withhold its consent to an extension of such time if corrective action is instituted by the defaulting party within the applicable period and diligently pursued until the default is corrected; and (ii) such extension shall not exceed ninety (90) days after the initial notice.

(b) Each party will have the right to terminate this Agreement for any reason upon ninety (90) days’ prior written notice.

And not just any notice. All written notices must be as follows. John White asserted he sent numerous letters to inBloom, but did not turn any over in response to multiple FOIA requests expressly asking for this letter or any other official communique.

14.6 Notice. All notices required or permitted under this Agreement will be in writing and sent by certified mail, return receipt requested, or by reputable overnight courier, or by hand delivery. The notice address for Service Provider is Iwan Streichenberger, Manager, 3451 Flabersham Road NW, Atlanta, GA 30305; and the notice address for Customer is John C. White, State Superintendent, Louisiana Department of Education, P.O. Box 94064, Baton Rouge, LA 70802. Any notice sent in the manner set forth above shall be deemed sufficiently given for all purposes hereunder (i) in the case of certified mail, on the third business day after deposited in the U.S. mail, and (ii) in the case of overnight courier or hand delivery, upon delivery. Either party may change its notice address by giving written notice to the other party by the means specified in this Section.

I don’t think I mentioned this before, but this is all information from a separate Service Contract.  The actual MOU is merely an attachment, not unlike your appendix, and about as useful.


This Agreement includes: Attachment A (Terms & Conditions)

Attachment B (SLI Service)

Attachment C (Support Services)

Attachment D Reserved

Attachment E (Additional Terms applicable to SEAs)

Attachment F (MOU)

Attachment G (Super Administrator(s))

There was an MOU that was defined and signed by DOE, but it was sent as an attachment to this Service Contract. Within this service contract is a section that converts the MOU, such that it is, into nothing more than a poor toilet paper substitute.

14.8 Entire Agreement; Amendments; Memorandum of Understanding.

(a) This Agreement, together with the attachments hereto, constitutes the entire agreement between Service Provider and Customer with respect to the subject matter hereof. There are no restrictions, promises, warranties, covenants, or undertakings other than those expressly set forth herein and therein. Except as provided in Section 14.8(b), this Agreement supersedes all prior negotiations, agreements, and undertakings between the parties with respect to such matter. This Agreement, including the exhibits hereto, may be amended only by an instrument in writing executed by the parties or their permitted assignees. (b) If Customer is a School District, the MOU is attached for reference purposes only. If Customer is the State Educational Agency that is party to the MOU, Customer and Service Provider agree that: (i) notwithstanding Section B.6 of the MOU to the contrary, the term of the MOU shall survive execution of this Agreement and expire on December 31, 2014; and (ii) the terms of this Agreement, together with its other attachments, shall prevail over any conflicting terms contained in the MOU, including but not limited to MOU Paragraphs B.2.c (Privacy and Security), B.3.d (Test Data), B.3.e (Notice), B.3.f (SLI Implementation), B.6 (Term), and B.7 (Confidentiality and Publicity), and MOU Exhibit C (Data Privacy and Security Plan).

I have provided a copy of this agreement in full, as well as the toilet paper substitute, at the bottom of this post. There is more here you need to be aware of that alarmed me when I saw it and feel I would be remiss if I did not point this out in this post. However before I get there, let’s examine some more of John White’s claims. When John White made the claim he had requested that inBloom “destroy” our data, he merely exercised the following section of the agreement. He did not terminate the agreement as he has tried to imply, and any assertion to the contrary is completely disingenuous, and actually contractually impossible – such is the agreement he signed us onto.

10.4 No License; Destruction of Customer’s Confidential Information.

(a) Nothing in this Section shall be construed as a grant or assignment of any right or license in the Disclosing Party’s Confidential Information. The Disclosing Party’s Confidential Information shall at all times remain the property of the Disclosing Party. (b) At any time Customer reasonably requests, and in any event when Customer determines that the Confidential Information of Customer is no longer needed to obtain SLI Service, or upon the termination or expiration of this Agreement, Service Provider shall promptly destroy the Customer’s Confidential Information in Service Provider’s possession; provided that (i) if Customer is a School District, Customer may request or approve that Confidential Information of Customer not be destroyed and be made available to Customer’s State Educational Agency for its use in performing their functions for evaluating and overseeing compliance in federal and state-supported educational programs in accordance with Section 444(b)(3)&(5) of FERPA and State Data Privacy and Security Laws, and (ii) at Customer’s request, Customer shall be provided up to thirty (30) business days, according to Customer’s request, to export Confidential Information of Customer prior to its destruction.

(c) Notwithstanding anything contained in this Section 10.4 to the contrary, during Alpha Release, Service Provider may delete Customer Data without notice.

At April’s BESE meeting, John White attempted to characterize his relationship with inBloom and other similar providers was a partnership, a collaboration, and not subject to the needs of an MOU. This was notwithstanding the fact that he had already signed an MOU as well as actual Contractual Service Agreement with his partner. It took him almost 6 months to finally produce this document and the Service Contract and based on even the most cursory review of the contract you can easily see why he was trying so hard to conceal this relationship. However I found this next passage particularly funny. (By funny, I mean in that infuriating way when you find your children sitting in the middle of a pile of a broken “something” playing with the broken pieces, all the while claiming someone else broke it or they simply “found” it that way.)

14.7 Independent Contractor. Service Provider is acting as an independent contractor in its capacity under this Agreement. Nothing contained in this Agreement or in the relationship of the Customer and Service Provider shall be deemed to constitute a partnership, joint venture, or any other relationship between the Customer and Service Provider except as is limited by the terms of this Agreement.

Keep in mind John White was claiming this was merely a partnership, months after he signed this contract and after dozens and dozens of e-mails and other internal correspondence – up to and including the submission of all of our student data to inBloom. So either White is ridiculously forgetful, (We’re talking “50 First Dates” with Drew Barrymore and Adam Sandler forgetful) and should not be signing contracts and instead living in an assisted living facility, or he is shamelessly lying in the most egregious ways possible, on camera and in print, to BESE, his theoretical bosses, and all of us.

But now that that is out of the way, take a look at this.


Additional Terms Applicable to SEAs

A State Educational Agency that participates by accessing the SLI Service in accordance with this Agreement and discloses Personally Identifiable Information derived from student records to the SLI to assist it in performing evaluation and compliance activities related to federal- and state-supported education programs is subject to the following additional terms:

1. The State Educational Agency hereby designates the Service Provider (and its contractors that perform services to carry out this purpose) as its authorized representative to assist it in carrying out evaluation and compliance activities related to federal- and state-supported education programs.

2. The State Educational Agency will disclose Personally Identifiable Information to the SLI Service from source systems maintained by the Louisiana Department of Education and its authorized representatives including (i) student demographic, enrollment, program service, and assessment data; and (ii) educator assignment, certification, performance, and other related data. The State Educational Agency will only disclose SEA Data: (i) when the SEA is the authoritative source of data needed for applications that Schools, Districts, or Parents have elected to utilize; (ii) when utilization of SEA Data will avoid or limit redundant data entry or verification on behalf of School District Customers; or (iii) when necessary to support an evaluation or compliance activity by an authorized representative of the State Educational Agency related to federal- and state-supported education programs.

3. The State Educational Agency intends for the SLI Service to serve as a technology platform to support its overall evaluation and compliance activities. SEA Data maintained within the SLI Service may be utilized to support state evaluation or compliance activities to the fullest extent permitted by state and federal law.

Despite John White’s contentions to the contrary that only basic student demographic data was to be stored, this contract makes it quite clear we were sending enrollment, program, assessment info, teacher info including certifications and “other related data” which disturbed me when I located what some of this other data was. The other interesting section here is that John White appears to be relying on inBloom to start submitting all federally required data, and to produce all necessary state reports. This was intended to be the final privatization piece of the LDE IT puzzle, but we have no idea what the cost for all that would be. I have no doubt one way to defray some of those costs would have been to allow this student and teacher data to be used for marketing purposes. This “cost recapture” strategy has actually been mentioned by inBloom as a way to reduce costs for services. However once we have signed on with inBloom for all our state and federal reporting, any guesses as to which direction those costs will go?

Hold onto your checkbooks folks, it’s gonna’ be an expensive ride, White’s signed us up for.  And by the looks of this next section, it looks like we’ll be riding naked.

3.0 Data Domains. The Company intends the following with respect to data domains and is working with its vendors to incorporate these features and functions into the SLI consistent with the terms of the vendor agreements:

a. The SLI Model defines a total of 250 types or entities. The domain types contain over 400 granular data elements and the flexibility to add more as needs evolve. However, these are captured in 39 high-level “Domain Types:”

The MOU did reveal something more “informational” as the Service Contract described it. This company also intends to capture information on parents and teachers. We’ve already seen how teachers were treated when high-stakes testing was introduced. If their students did not improve, they were held accountable and subject to sanctions and termination. Some states like Tennessee have already started punishing parents by taking them off foodstamp rolls, and many states, including Louisiana, fine or jail parents when their children are truant. While I am not suggesting truancy is a good thing, or something to be encouraged, I can easily see a scenario after the Reformers realize making teacher scapegoats for all the ills of our society has failed, their next logical target to focus their ire and blame on will be parents. This database, and databases like it, will be how that new lynch movement starts. Because many of these folks refuse to factor in the effects of poverty and disabilities, any guesses who these punishments will disproportionately fall upon?

Tell BESE and John White to shut this down. John White promised to send me copies of the letters he theoretically sent to inBloom cancelling this agreement Tuesday the 18th, as well as confirmation as to whether or not he honored my opt-out request for my children. It is now the 22nd and I still have not received a response. Perhaps some of you could remind him for me?

Service Contract with inBloom/SLC/SLI: SLI SaaS

MOU: SLI MOU (2)  I wonder what happened to MOU 1?  I wonder what that one looked like. . .



BESE Contact and video info courtesy of Geauxteacher:

James.garvey@la.gov, Kira.orange-jones@la.gov, Lottie.beebe@la.gov, Walter.lee@la.gov, jay.guillot@la.gov, chas.roemer@la.gov, holly.boffy@la.gov, Carolyn.hill2@la.gov, Connie.bradford@la.gov, Judith.miranti@la.gov, Stephen.waguespack@la.gov

Go for it. You can find more info on BESE and meetings and view the video archives of meetings at the Louisiana Dept of Ed website.  Little difficult to negotiate after the TFA child wonders redesigned it.  http://bese.louisiana.gov/

inBloom, Ed-Fi, Cloud Computing, China, Nazi-Germany and the new Eugenicists

inBloom, Ed-Fi, Cloud Computing, China, Nazi-Germany and the new Eugenicists

Believe it or not, these concepts and words are all related. inBloom and Ed-Fi are two vendors that use cloud computer to store massive quantities of student data (the Louisiana is currently doing business with.) The information these vendors plan on storing will be used to classify, sort and allocate children by their skills and early proficiencies, much as they do in Communist China. It’s no coincidence that many education reformers point to China as an example of education success and something to emulated, not shunned despite what many Chinese themselves thinkEugenicists advocated the conscious elimination of “inferior” human being from the gene pool and promotion of the superior specimens. Eugenics is generally considered a discredited and bankrupt philosophy and social movement, pioneered by a cousin of Charles Darwin – seeking to apply his relative’s research in what he considered a productive manner, but which most of us would consider abhorrent and unconscionable, except when dressed up in a pretty package or advocated as a social need such as is occurring in China. Perhaps one of the most infamous eugenics campaigns was undertaken by Adolph Hitler. Hitler undertook perhaps the largest eugenics campaign in the history of mankind. Hitler had plans and delusions of creating master Aryan “super-race”

Those humans were targeted who were identified as “life unworthy of life” (German: Lebensunwertes Leben), including but not limited to the criminal, degenerate, dissident, feeble-minded, homosexual, idle, insane, and the weak, for elimination from the chain of heredity. More than 400,000 people were sterilized against their will, while 70,000 were killed under Action T4, a “euthanasia” program.

Hitler also actively engaged in genocides, tracking down and exterminating millions of Jews, Gypsies, Russians, Poles and Ukrainians or anyone else who disagreed with him. However eugenics campaigns were not limited to countries like Nazi Germany.  The inspiration for Germany’s heinous program actually started here and was sponsored by a philanthropic organization, just as the Education Reform movement is sponsored today.

After the eugenics movement was well established in the United States, it was spread to Germany. California eugenicists began producing literature promoting eugenics and sterilization and sending it overseas to German scientists and medical professionals. By 1933, California had subjected more people to forceful sterilization than all other U.S. states combined. The forced sterilization program engineered by the Nazis was partly inspired by California’s.

The Rockefeller Foundation helped develop and fund various German eugenics programs, including the one that Josef Mengele [perhaps the closest thing to Satan in human form ever to walk the earth] worked in before he went to Auschwitz.

Upon returning from Germany in 1934, where more than 5,000 people per month were being forcibly sterilized, the California eugenics leader C. M. Goethe bragged to a colleague:

“You will be interested to know that your work has played a powerful part in shaping the opinions of the group of intellectuals who are behind Hitler in this epoch-making program. Everywhere I sensed that their opinions have been tremendously stimulated by American thought . . . I want you, my dear friend, to carry this thought with you for the rest of your life, that you have really jolted into action a great government of 60 million people.”

Eugenics researcher Harry H. Laughlin often bragged that his Model Eugenic Sterilization laws had been implemented in the 1935 Nuremberg racial hygiene laws. In 1936, Laughlin was invited to an award ceremony at Heidelberg University in Germany (scheduled on the anniversary of Hitler’s 1934 purge of Jews from the Heidelberg faculty), to receive an honorary doctorate for his work on the “science of racial cleansing”. Due to financial limitations, Laughlin was unable to attend the ceremony and had to pick it up from the Rockefeller Institute. Afterwards, he proudly shared the award with his colleagues, remarking that he felt that it symbolized the “common understanding of German and American scientists of the nature of eugenics.”

Even today, China is one of the few countries with both an explicit and implicit eugenics policy. The explicit “One Child” policy has exceptions that can be purchased or granted based on political connections or, individuals can ignore the policy if they have the wherewithal to pay the fines. The implicit policy involves testing children for sex (male children are more desirable leading to numerous female baby abortions) or aborting children for deficiencies and in many cases forced abortions.  Is it any coincidence China is often cited as prime example of what our education policies and programs should look like?  China classifies students as either college bound or menial labor bound from an early age using assessment data that determines which path is most suitable for a child.  This path ultimately determine how far in society a child will be able to progress, how often they will be allowed to procreate, how much education they will be allowed to receive.  This is the “Reformer” vision of the future of US education.

Current US law has outlawed the use of genetic testing for placement of employees, pricing of insurance, or admissions to primary schools or colleges. However test scores, and background checks have long been used and upheld as a way to discriminate against employees and enrollees. High test scores and grades can even be used to give discounts on auto-insurance and prior to the implementation of the Patient Protection and Affordable Care Act of 2009 (more commonly known as Obamacare), insurers could discriminate and price products based on pre-existing conditions, age, gender, etc. Life insurance products are currently priced based on general health, blood pressure, medical history, whether a person is or has ever been a smoker, gender, age, etc.  For the time being, instead of using children’s actual DNA, which would be costly to store, evaluate and classify, the government is seeking to collect student’s educational DNA.  This ed-DNA will be used to start classifying students based on what computers and researchers believe are children’s potential.  It will be linked to income tax returns to see how much money children make, criminal databases to see how often they tangle with the law, doctor’s records to examine how often they avail themselves of health services and what types of diseases and conditions they develop.  With the recent decision of the Supreme Court that ruled DNA information is not patentable, expect bazillions of fly-by-night genetics testing providers to spring up offering discount rates on gene testing and storage.  This will initially be a boon for patients, but also for future government eugenics programs, and embryonic screening of children for desirable traits and exclusion and abortion of children with less desirable ones. (For an interesting window into the possible future of this type of genetic screening and profiling of children based mathematical projections and expectations I’d recommend watching the movie Gattaca.  We’re not as far removed from this future as you might think and this inBloom database LDOE is pushing is a necessary first step towards this future.)

Today instead of the Rockefeller Foundation funding eugenics programs with have the Bill and Melinda Gates foundation funding inBloom, a database that can be used to capture information on potential test subjects. We have Pearson conducting field tests on millions of children without their parents’ permission or knowledge. We have Michael and Susan Dell running a rival database called Ed-Fi that operates identically now, to the way inBloom is trying to operate in the future. We have the Walton family, heirs to the Wal-Mart fortunes, funding a pared down pauper’s education to the masses, so they are easier to control and convert into future Wal-Mart employees and customers. The Koch brothers have influence over PBS (the Public Broadcasting System) which in theory is a media watchdog that only theoretically keeps watch over our liberties and infringement upon the same. All other media sources are beholden and censored by corporate and government interests, save independent bloggers who are now under siege by these government and corporate interests seeking to silence us so you only get a single “sponsored” narrative.

Gun control opponents fight tooth and nail against the regulation of firearms sales, and electronic documentation of gun ownership, for fear of what the government can do with such a list and such information. Unbeknownst to them, the State (their states and the United States) are sponsoring a much more insidious data collection that will start with their children and follow them throughout their life. A federal database, called EDEN, is the first step toward knowing everything about you, forever. Currently EDEN does not collect personally identifiable information, but The US Department of Education is pushing national database collections SDLCs like inBloom and Ed-Fi because they will be able to quietly change a few policies and suck in all their information these providers collect. FERPA, the Familiy Educational Right Privacy Act, specifically exempts federal agencies from having to comply with it. Federal agencies that can request information at any time without parental notification or consent: 

 to authorized representatives of the Comptroller General of the United States, the Attorney General of the United States, the U.S. Secretary of Education, and State and local educational authorities for audit or evaluation of Federal or State supported education programs, or for the enforcement of or compliance with Federal legal requirements that relate to those programs;

The Federal government will be able to tie this information into the all the other databases they use to keep tabs on you at all times. As recent leaks about PRISM by Edward Snowden reveal, the NSA (National Security Administration) gathers everything on you that search engines like Google possess, anything you post on Facebook, anything you do with your cellphone and anything you save on your cellphone. Google actually physically drives their Google-mobiles through everyone’s neighborhood photographing your actual houses, sucking up your local network names, your cars’ license plates, and any signal they can. This information gets included in Google maps, but also gets tied to a profile of you. From census information you are required to report every 10 years, the government gets more. Google was recently fined for their privacy invasion tactics to the tune of just 7 million dollars, or less than 1/3rd of a day’s profits. (My guess is this is because the Federal Government wants this data, perhaps even requested Google compile this data, but needed to issue a token enforcement in response to the public outcry.)

While I think we were all impressed with how quickly the Boston bombers were identified and brought to justice, on some level most of you probably had a slightly queasy feeling. The amount of technology brought to bear, the speed with which that data was analyzed and actual pictures isolated and released, the subsequent identification of these bombers through a convenience store camera, the infrared heat signal tracking . . . it was all a bit spooky to me. Not long after there was the strange lethal shooting of the unarmed interview subject related to this case by the FBI, in the presence of 6 FBI agents, including what may be once in the back of the head.

So in addition to the criminal types and unscrupulous corporations that will have access to your children’s data as I covered here, you will have to worry about the Federal government getting a hold of your data and using for whatever suits their fancy. But let’s get to the meat of this initial matter, the handing over of student data to external data storage providers using Cloud Computing.

Here are some of the key things to keep in mind when your DOE comes knocking with a proposal to use a cloud storage provider like inBloom or Ed-fi for handling all your data storage and dissemination needs.

  • Most IT pros do not trust cloud services with sensitive data. (There’s a reason banks don’t conduct financial transactions using cloud computing and the military doesn’t store top secret weapons designs on something called CloudNuke.)

    Some 86% of those polled by Lieberman Software said they do not trust the cloud for their organization’s more sensitive data, and 88% said that they believe that there is a chance that the data their organization keeps in the cloud could be lost, corrupted or accessed by unauthorized individuals.

  • Clouds consolidate data, making it easier for criminals and governments to access this data, especially secretly. Vendors have a vested interest it concealing whether your data has been compromised, and as recent and historical events have shown, even the US government spies on its own citizens and allied nations.
  • Clouds make your data a bigger, tastier target, in much the same way shopping malls attract patrons, gold rushes attract miners, and dung attracts flies.
  • Storing data on inBloom and Ed-Fi Clouds adds an addition level of risk. These vendors are not suggesting they will replace your internal data systems, they are “in addition to” your existing systems. Sharing student data on Clouds is like passing out your spare house key to everyone on the block, including ones you don’t know well or at all, instead of just a single well known neighbor – in case of an emergency.
  • Storage of student data is expected to cost 5 dollars per student, but could be more. With 700,000 current students in Louisiana that comes to 3.5 million dollars per year. If this figure includes all students that total surges to 15 million dollars per year, or roughly the cost of this year’s entire Voucher private school expansion that was recently ruled unconstitutional to fund from the public school MFP formula by Louisiana’s Supreme Court.
  • LDOE has not proposed any specific use for this data, or this 15 million dollar annual expenditure. Wouldn’t this money be better spent on students, pre-k education programs, teaching supplies, professional development, anything else?
  • FERPA was weakened by USED to allow vendors to use data for non-educational purposes. Just as your iPhone terms and conditions change almost daily, so could the terms and conditions under which these vendors operate. They claim they will not share this data initially, but they also indicate they will provide discounts to states that provide date to third party vendors from whom inBloom will “recapture costs.”

    “As a non-profit organization, inBloom is exploring cost recovery partnerships with select vendors, which are contracted by states and districts, for the services that it provides. These recovered costs will ultimately be passed on to participating districts through lower annual fees.”

    (This is fancy schmancy talk for selling your data but instead of money changing hands they will give “discounts” in much the same way sleazy car salesmen and fly-by-night furniture sellers mark up their prices before offering 30-50% discounts on everything in their store!)

But don’t take my word this.  Ask LDOE and BESE at tomorrow’s BESE meeting (June 18th), about what they feel it is necessary to spend upwards of 15 million dollars to endanger your children’s futures and allow the federal government, hackers and pedophiles easy access to your children’s private information and future.  They will tell you to make things easier for school districts to work with 3rd party vendors, they will tell you to take advantage of teacher dashboards not teachers unaffiliated with this administration are asking for, they will tell you this is to take a step into the future.


But I ask you, is this a future you want for yourself or your children and grandchildren?


Where we are nothing more than what our DNA and data says we are?