Safety And Privacy

Children’s Online Privacy Protection Act (COPPA)
One of the important realities of taking advantage of the wealth of online learning tools available to us and to our students is the Children’s Online Privacy Protection Act (COPPA). This law applies to websites and online services (including mobile apps) and governs the collection and use of personal information from children under 13. When we work with a 3rd party site, we must operate within the constraints of the law.

In many cases, online services comply with the law by explicitly granting school districts the ability to create and manage accounts on behalf of students under age 13; however, many companies do not. The FTC recommends that all websites and online services – particularly those directed to children – post privacy policies online so visitors can easily learn about the operator’s information practices. As a district we work to utilize only sites that follow the COPPA requirements 100%, providing privacy policies that support our protection of online information.

FTC COPPA FAQ https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions-0

Student Online Personal Protection Act (SOPPA)
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85). 

School districts throughout the State of Illinois contract with different educational technology vendors for beneficial K-12 purposes such as providing personalized learning and innovative educational technologies, and increasing efficiency in school operations. Under Illinois’ Student Online Personal Protection Act, or SOPPA (105 ILCS 85/), educational technology vendors and other entities that operate Internet websites, online services, online applications, or mobile applications that are designed, marketed, and primarily used for K-12 school purposes are referred to in SOPPA as operators. SOPPA is intended to ensure that student data collected by operators is protected, and it requires those vendors, as well as school districts and the Ill. State Board of Education, to take a number of actions to protect online student data. Depending upon the particular educational technology being used, our District may need to collect different types of student data, which is then shared with educational technology vendors through their online sites, services, and/or applications. Under SOPPA, educational technology vendors are prohibited from selling or renting a student’s information or from engaging in targeted advertising using a student’s information. Such vendors may only disclose student data for K-12 school purposes and other limited purposes permitted under the law.

Child Internet Protection Act (CIPA)
The school is required by CIPA to have technology measures and policies in place that protect students from harmful materials including those that are obscene and pornographic. This means that student email is filtered. Mail containing harmful content from inappropriate sites will be blocked.
The district uses a content filter (Palo Pato and Bark) which is a cloud based solution that acts as a shield for users on the network.  These server monitor/protection between the Internet and users by blocking access from potentially objectionable or offensive material.  Similar to most content filters, they maintains a list of sites it believes are objectionable and classifies them under different profiles, which often pertain to our students’ grade level/building. 
CIPA - http://fcc.gov/cgb/consumerfacts/cipa.html


Family Educational Rights and Privacy Act (FERPA)
FERPA protects the privacy of student education records and gives parents rights to review student records. Under FERPA, schools may disclose directory information (name, phone, address, grade level, etc...) but parents may request that the school not disclose this information by contacting the main office and changing a permission request form.

The school will not publish confidential education records (grades, student ID #, etc.) for public viewing on the Internet.
The school may publish student work and photos for public viewing but will not publish student last names or other personally identifiable information.
Parents may request that photos, names and general directory information about their children not be published.  For more information on how to do this, contact the main office at info@eps73.net.

Parents have the right at any time to investigate the contents of their child’s email and Apps for Education files.
FERPA - http://www2.ed.gov/policy/gen/guid/fpco/ferpa

Suspicion of Data Breach
Any individual who suspects that a theft, breach or exposure of ESD73 data has occurred should immediately provide a description of what occurred via email to Tech@eps73.net or by calling 847-673-1141 during normal school hours.  This email address and phone number is monitored by the District Technology Department. 
The responding member of the team will escalate as appropriate to management and administration within the district and begin the process to investigate and confirm if a theft, breach or exposure has occurred. If a theft, breach or exposure has occurred, the responsible members will follow the appropriate procedure in place.