Moving at the Speed of Creativity by Wesley Fryer

Technology in the Schools: Policy, Privacy and Practical Issues for Teachers, IT and Others

My notes from Celynda L. Brasher (an attorney) on “Technology in the Schools: Policy, Privacy and Practical Issues for Teachers, IT and Others” at METC 2007


Did teach 7th and 8th grade students at one time!
– went around and let everyone introduce themselves

Today: the practical legal problems with trying to administer all the positions that the audience is involved with

Overview of today’s session
– appropriate policies
– knowledge of the law
– common sense
– current and developing issues

Often today kids are more than a few steps ahead of educational policies about behavior

First, you need a solid and appropriate AUP
– best people to revise that: the people most familiar with the uses and abuses that the district’s equipment is subject to
– the AUP in 1991 when I left the classroom didn’t even address email use
– within last 4 years, blogs have become an issue
– make sure your AUP addresses whether people can and should do things

Need a policy that applies to students as well as employees
– also consider who else has access and use of your systems, even if they are not
– parent volunteers who many have access to computers
– also members of the board of education
– many districts have special email and access for board members: there are cases where that privilege has been abused, can also be abused by custodians, others
– everyone who has access should sign AUP
– also applies to those who may use computers for evening classes, community events, etc.
– anyone who has permission to use district
– makes it much easier to address abuses

Do staff and students have to sign an AUP every year?
– from a lawyer’s standpoint, the answer is absolutely yes
– because the AUP changes
– it now addresses blogs (or should)
– yes the signature should be on it
– when doing a student discipline hearing, best thing is to see both parent and student signatures

One district Celynda works with gives tests to students over their AUP
– AUP should explicitly indicated that the district has the right to monitor systems
– there is no guarantee for privacy
– need to absolutely serve notice of monitoring
– one of the ways school districts determine inappropriate relationships between students and employees is to monitor communications between students and others
– not big brother watching all the time, it is a mechanism that prevents litigation over whether or not you had the right to monitor communications

Another example: school employee selling

1st Amendment is biggest governing law
– governs what we can do in some cases, esp in public schools
– in private sector, the 1st amendment does not apply at all
– if you are a private school you have a lot more leeway
– not the same kind of 1st Amendment freedom as on the street: student speech can be limited to”establish good order and discipline” within the school
– employee free speech is much more limited today than it was 4 months ago
– in Ceballos speech, if a person is expressing themselves in the context of their job, and they have been told not to, then the employer can limit that
– if the communication has to be with curriculum, district can limit employee

So students don’t have a 1st amendment right to say anything they want on email or use district equipment for whatever they want
– if someone is using equipment to harass anyone else under our custody and control, we have the right to monitor that use, tell them they have lost privileges, and

Student have privacy rights
– example: HIV status of a student emailed to another person, that is an invasion of that person’s privacy (not dafammatory, but viol

Student records protected under state and federal law
– FERPA: Family Educational Rights and Privacy Act governs most student privacy issues
– only the district can decide what is “district info” (usually name and address, sometimes height and weight)
– can be honor rolls
– what can NEVER be revealed: individual grades, disability status, discipline: always private
– 504 students also have extra rights
– HIPPA does not govern student health records, but FERPA does
– beware to not be careless and “reply to all” when you should reply to one

There was a case where Microsoft was coming against a school district for a licensure issue
– Microsoft lawyer did this in the past, and accidentally revealed a confidential source who was a past disgruntled employee
– beware of the REPLY ALL button!
– before email: teachers would routinely (in some cases) leave confidential student information on their desk
– none of these records should EVER be just left around in paper or electronic form

Personnel records
– very sensitive, guard very carefully
– protected under ADA section 4 and Missouri Open Records Act

– new federal rules of civil procedures are YIKES
– school districts get subpoenas for many different reasons
– many school districts don’t understand that subpoenas are MANDATORY
— you have to provide EVERYTHING that is requested, unless your school attorney has the rare opinion and position to quash a subpoenas
— often a building secretary is is the “custodian of records” may think the subpoena means “all the papers”
— that also means ALL THE RECORDS you have, if it is for electronic records you are required to turn all those over
— this is increasingly difficult for a federal case
— people often disregard these because they are too much trouble: sometimes parents know there have been a lot of email communciation and realize the school hasn’t

– if things are subpoenaed, you have to turn it over
– snide comments about kids are totally out of place, esp for email

Story: district doing it’s own special education
– emails about IEP and mother’s desire to come and meet
– someone emailed about a mother being mentally off, hope she gets hit by a truck, etc and more
– the person who reads the date and time and sets the appointment forwards the entire email to the parent, who then gets incensed

I don’t have to make anything up, b/c everything I’m talking about has happened and will happen again
– story of a student charged with making a terrorist threat (but I’d already heard of 2 more of these the same day)

on-site misuse of district equipment: easy to establish authority

If they use remote access to use your equipment, that authority is also easy to establish

offsite use of non-district systems and equipment that has a nexus to the school: much harder
– issue: how big is the connection to school
– how big is the effect / impact of the use

MySpace, YouTube: hate speech
– parents are often up at school asking officials to do something about activities that happen offcampus
– can the school provide consequences for offcampus behavior? My response is: why would you want to? Don’t be involved in what you don’t want to be involved in.

Common sense
– if you are not involved in it, and you shouldn’t be involved in it, don’t be
– otherwise you are going to be the arbiter of all conflicts going on anywhere in the community
– if you don’t involve yourself in a different issue but in others, people can allege gender, ethnic, or age discrimination
– be aware of the CHAIN OF CUSTODY issues: Who took possession of something, the dates/times and locations
— if the district decides to investigate the conduct of a person with respect to their use of a computer, there are rules about your password
— don’t give up your password
— whatever you are investigating for terrorist threats, drug sales, etc – don’t do anything with the data that might cause some to charge that you tampered with the data

Had a big chain of custody issue with law enforcement with hard drive
– law enforcement agency didn’t have a chain of custody record, they hadn’t documented it at all
– to the extent that you can create a chain of custody record for equipment you’re asked to investigate can really help

Working with folks who have a lot less knowledge than you do
– I plead for patience with this group
– don’t hesitate to advise that group: with a form, policy, investigative technique or something else that they are attempting
– give the good advice that you’ve spent years developing

You may be asked to help teachers develop classroom-based sites for instruction
– teachers need to be aware: when they develop websites that permit students to communicate out to the world, there are lots of things to be aware of
– students shouldn’t communicate personal info, access to specific websites should be limited
– ideas put on those sites should not become a fertile ground for predators

Had a case on a blog where a child/student wrote that they had been raped by a teacher
– district investigated in every respect
– turned out that it wasn’t true
– the student had done it in an exercise of free-wheeling imagination
– people can write things in blogs (and do) that are cries for help, like about abuse

Need to address misuse of district equipment by district sabotage (employee sabotage)
– people can do scary things
– logic bombs, data diddling, piggy backing, trojan horses
– need to be not only concerned about data hacking from the outside, but also

Haven’t had a logic bomb bring down an entire network with the district she represents, but have had former employees hack into a district network, access and share

Myspace, Facebook, Xanga: all the different systems
– they can be fun for kids, but kids generally don’t understand the danger of what they are staying
– kids often document trouble they have already been in
– districts need to be CARFUL about using those sites as the basis for discipline
– info on that site may or may not have been put online by the student owning the site (this leads to proof problems, has caused problems in the past when friends have access to the website’s userid and password)

In a case of a true terroristic threat you can get the websites to cooperate with you and find where postings came from, but they won’t do that typically for ordinary discipline or personnel issues
– for crimes, they will cooperate
– when an administrator is trying to discipline based on content posted to social networking sites, beware because originating proof can be hard to get

When you are providing
– is it a criticism of school officials versus threats, discrimination, and harrassment?
– does the posting represent a continuing substantial disruption versus isolated, temporary disruption
– the degree to which disruption is caused by actual content versus the act of bringing the content to the school’s attention

If the student doesn’t post it at school, doesn’t say anything about it at school, then the proximate cause of the disruption is NOT the content on someone’s website
– it can be the student who pointed this out in the library, made a big deal

Can’t have cameras in a locker room
– you’d think that is a no-brainer, but people do set these up
– problem with using cameras in the classroom is you end up with lots of info about student disabilities
– public areas, school-owned technology, student-owned technology possessed or used on school property or at school activities are fine to monitor

Cameras in the classrooms are generally not good ideas, but there are cases when there is 1 child acting out in dangerous ways, and the camera has been used as a deterrent to misbehavior
– cameras can really inhibit the instructional process if it is there all the time
– if you need it for safety, by all means have it
– like an IEP meeting that is recorded: at that point the exercise becomes all about creating a permanent record rather than discussing and doing what is best for the student

High value rooms like computer labs: no problem with putting cameras in there


Can take a phone that has been used to do known misbehavior: taking a picture up a student’s dress, etc but you cannot go through all cell phone pictures with the hope that you’ll find something

If you take a picture with your camera phone of a student selling illegal drugs, that is fine but your phone then becomes evidence and there has to be some way to sort that out
– you are putting yourself in the position of having the student’s criminal attorney inspect, record and make a record of your phone
– so if you don’t want someone inspecting your phone, if you are an eyewitness, I would not sacrifice my personal privacy by making a record of something with

the effect of the new and amended Federal Rules of Civil Procedure:
– Dec of 2006 these rules went into effect
– if you as a district or individual are involved in litigation or you anticipate litigation may ensue, you are required to preserve ALL evidence including electronic evidence that could pertain to that case
– these are the ENRON rules, the direct result
– this means if you have a regular data destruction cycle, then that means you have to STOP your data destruction process immediately when that request for due process happens at a building level
– this applies to EVERYONE, not just public schools

When you send emails you shouldn’t send, the person who is going to nark on you is the person you send it to
– this happens because of the discovery process that happens in legal
– worse trouble can happen for people who commit purjury

organizations have to keep information until litigation is finished, usually is 2.5 years but one case I’m working now is going on for over 4 years
– this is a litigation hold
– only have to keep this information if you have “reasonable anticipation of litigation”

When the appropriate person in the district (not yet defined by the law) has a “reasonable anticipation of litigation” then the district has to put a “litigation hold” on the destruction of relevant information

Law also says attorney with knowledge about the case has to send reminder to organizations every 6 months

story in New York about a harsh judge who punished good faith effort by a school district to bring new info to a judge’s attention after the discovery process was over (Zoobilaki? case)

Organizations should have different rules for destruction of records, student records and 504 records have to be preserved indefinitely
– email can be handled differently, some organizations will destroy every 2 weeks

District employees can archive emails on their own
– for a student claim, the request for a “litigation hold” must cascade throughout the district to all teachers of that student, or who has a level of interaction with the student

“Keyring flash drives are a lawyers nightmare”

School districts as entities and boards have some protection from liability that businesses don’t
– a superintendent or principal who fails to communicate the requirement for a “litigation hold” may have individual liability

Supoenas apply to many types of communication, not just emails

If you take records home, that does not mean they can’t be supoenaed

Remember: “A precaution a day keeps the lawyers away!”

Handout includes great examples

District lost except case 7 on page 4 (Layschock v Hermitage School District)
– difference was that in that case, the student caused a substantial disruption of the school (brought the entire school computer system down for 5 days)
– I’m not saying you can’t ever discipline, but be careful to insure a substantial disruption has occurred

Technorati Tags: , , , ,

If you enjoyed this post and found it useful, subscribe to Wes’ free newsletter. Check out Wes’ video tutorial library, “Playing with Media.” Information about more ways to learn with Dr. Wesley Fryer are available on

On this day..