House Committee on Education and Labor
U.S. House of Representatives

Rep. Howard P. “Buck” McKeon
Ranking Member

Fiscally responsible reforms for students, workers and retirees.


February 23, 2010

Letter from Rep. John Kline to Education Secretary Arne Duncan re: Student Privacy

The Honorable Arne Duncan
U.S. Department of Education
400 Maryland Ave., S.W.
Washington, D.C. 20202 

Dear Secretary Duncan: 

As part of what you described as a “cradle to career agenda,” the Department of Education is aggressively moving to expand data systems that collect information on our nation’s students. I am concerned by recent reports that indicate the Department’s hasty pursuit of this goal could compromise student privacy rights. I seek your immediate reassurance that the Department will work within the letter and spirit of federal law by making student privacy the paramount priority in any effort to expand student data collection.

As part of Race to the Top, the Department announced that grant awards will be based, in part, on the willingness of states to expand state-wide longitudinal data systems that include a broad swath of student information. In its announcement, the Department mentioned that you are “particularly interested in applications in which States propose working together to adapt one State’s longitudinal data system so that it may be used, in whole or in part, by one or more States, rather than having each State build or continue building such systems independently.”  

In addition to using states’ willingness to create such an interoperable student database as a criterion for federal funding, the Department is reportedly playing a direct coordinating role in the development of such a multi-jurisdictional database. According to the Council of Chief State School Officers and the State Higher Education Executive Officers, the Department of Education will facilitate the development of model common data standards for a core set of student variables to increase comparability, interoperability, and portability of information among student data systems. 

The Department’s effort to shepherd states toward the creation of a de facto national student database raises serious legal and prudential questions. Congress has never authorized the Department of Education to facilitate the creation of a national student database. To the contrary, Congress explicitly prohibited the “development of a nationwide database of personally identifiable information” under the Elementary and Secondary Education Act (20 U.S.C. §7911) and barred the “development, implementation, or maintenance of a Federal database of personally identifiable information…including a unit record system, an education bar code system, or any other system that tracks individual students over time” under the Higher Education Opportunity Act (20 U.S.C § 1015c) 

A recent study by Fordham Law School’s Center on Law and Information Policy concludes that the Department’s effort to promote interoperability between state student data systems “appears as a backdoor means to create a national database of children’s information without express authority under NCLB to do so.” The study’s authors note, “[T]he lack of a privacy policy debate is a major concern. One would expect the federal government’s role in the interoperable standards to be minimal since NCLB did not authorize a national aggregation of data and interoperability functions to make aggregation and sharing easier.” The Fordham report also raises serious questions about the prudence of pushing states to expand student data systems at a time when existing data systems are highly vulnerable to invasions of student privacy and “do not appear to comply with the privacy requirements of the Family Educational Rights and Privacy Act.”  

Further clouding the Department’s commitment to student privacy, Inside Higher Ed reported earlier this month that the Department’s chief privacy officer, Paul Gammill, was recently fired by Assistant Secretary Carmel Martin after he argued that “the administration was throwing its weight (and money) behind building statewide data systems as an end-around the Congressional ban on a federal system.” Gammill also reportedly warned Department officials that “the requirement that states link their postsecondary data systems to those of state work force agencies violates the federal privacy law as it is currently written.”  

In light of these very serious concerns regarding the impact of the Department’s activities on student privacy protections, I respectfully request that your written responses and all corresponding documents to the enclosed inquiries be sent to my office no later than March 22, 2010. As important as effective research is to successful education reform, student privacy protections must not be forced to take a backseat. The Department of Education may not go it alone in reshaping the balance between protecting student privacy and facilitating education research. Congress must have the final word on such sensitive policy decisions. If you have any questions, please contact Mandy Schaumburg or Kirk Boyle on my staff at (202) 225-4527. Thank you for your prompt attention to this request. 



                                                                        John Kline
                                                                        Senior Republican Member



cc: The Honorable George Miller, Chairman

Enclosure: Information and Documents Requested

Information and Documents Requested 

1)      Please provide a detailed description of all Department of Education activities in coordinating the development of model data standards for K-12 and postsecondary education from January 21, 2009 to the present date, including, but not limited to, collaboration with the Council of Chief State School Officers and the State Higher Education Executive Officers and activities of the National Center for Education Statistics and the Institute of Education Sciences. 

2)      Please describe in detail the Department of Education’s application and enforcement of the Hansen Memorandum’s requirement that disclosures of student information to an “authorized agent” of a State Education Agency under the Family Educational Rights and Privacy Act be limited to agents “under the direct control of that authority, e.g., an employee or a contractor of the authority” from January 21, 2009 to the present date. (See Memorandum of William D. Hansen, Deputy Sec’y of Educ. to the Chief State Sch. Officials (Jan. 30, 2003). 

3)      Please describe in detail the type of student information the Department of Education encourages states to collect, the particular purpose(s) for which the Department encourages the collection of each such data type, the purpose(s) for which the Department seeks to facilitate linking student data systems across state lines, and how such actions comply with the privacy protections in the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g), the Elementary and Secondary Education Act (20 U.S.C. §7911), and the Higher Education Opportunity Act (20 U.S.C § 1015c) 

4)      Please provide any and all Department of Education documents, correspondence, emails, meeting minutes, notes or presentations from January 21, 2009 to the present date, including, but not limited to, communications with any one or more persons that are not employees of the Executive Branch of the United States, concerning any of the following:

a. the development of model data standards for K-12 and postsecondary education; and

b. any proposed additions, changes, or modifications to any regulations or guidance related to or interpreting the Family Education Rights and Privacy Act, including, but not limited to, modifications to permit State Education Agencies to link state education data systems to state workforce agencies.

(Click here for a PDF copy of the letter)