Senate Counsel, Research
and Fiscal Analysis
Minnesota Senate Bldg.
95 University Avenue W. Suite 3300
St. Paul, MN 55155
(651) 296-4791
Tom Bottern
Director
   Senate   
State of Minnesota
 
 
 
 
 
S.F. No. 1961 - Student Online Privacy (First Engrossment)
 
Author: Senator Jim Abeler
 
Prepared By: Kathleen Pontius, Senate Counsel (651/296-4394)
Ann Marie Butler, Senate Counsel (651/296-5301)
 
Date: March 28, 2018



 

Section 1. Student online privacy. Provides a cross-reference in the Data Practices Act to the new provisions in section 2.

Section 2. Student Online Privacy.

Subdivision 1. Definitions. Defines “covered information” as personally identifiable information or material, or information that is linked to personally identifiable information or material, in any media or format that is not publicly available. The identifiable information may be:

  1. created by or provided by a student or student’s parent or guardian in the course of the use of the operator’s site, service, or application for school purposes;

  2. created by or provided to an operator by an employee or agent of the school or school district; or

  3. gathered by an operator through the operation of its site, service, or application for school purposes and personally identifies the student.

Defines “interactive computer service” as the meaning given in United States Code, title 47, section 230.

Defines “operator” as the operator of an Internet Web site, online service, online application, or mobile application with actual knowledge that the site, service, or application is used for school purposes and was designed and marketed for school purposes.

Defines “school purposes” as purposes that are directed by or that customarily take place at the direction of a school, teacher, or school district, or aid in the administration of school activities.

Defines “student” as a student in prekindergarten through grade 12.

Defines “targeted advertising” as presenting advertisements to a student where the advertisement is selected based on information obtained or inferred over time from that student’s online behavior, usage of applications, or covered information.

Subdivision 2. Prohibited activities. Prohibits an operator from doing the following:

  1. engaging in targeted advertising on the operator’s site, service, or application or any other site if the targeting of the advertising is based on any information that the operator acquired because of the use of that operator’s site, service, or application for school purposes;

  2. using information created or gathered by the operator’s site, service, or application to amass a profile about a student except in furtherance of school purposes;

  3. sell or rent a student’s information, including covered information;

  4. except as provided in subdivision 4, disclose covered information unless the disclosure is:

    1. in furtherance of the school purpose of the site, service, or application if the recipient of the covered information disclosed under this item does not further disclose the information;

    2. to ensure legal and regulatory compliance or protect against liability;

    3. to response to or participate in the judicial process;

    4. to protect the safety or integrity of users of the site or other or the security of the site, service, or application;

    5. for school, educational, or employment purposes requested by the student or student’s parent or guardian;

    6. to a national assessment provider if the provider secures the express written consent of the student, parent, or guardian given in response to clear and conspicuous notice; or

    7. to a third party, if the operator contractually prohibits the third party from using any covered information for any purpose other than providing the contracted service to or on behalf of the operator and requires the third party to implement and maintain reasonable security procedures and practices.

This subdivision does not prohibit the operator’s use of information for maintaining, developing, supporting, improving, or diagnosing the operator’s site, service, or application.

Subdivision 3. Security procedures and practices. Requires an operator to:

  1. implement reasonable security procedures and practices designed to protect the covered information from unauthorized access, destruction, use, modification, or disclosure; and

  2. delete a student’s covered information if the school or school district requests deletion of covered information under the control of the school district, unless a student, parent, or guardian consents to the maintenance of the covered information.

Subdivision 4. Permissible disclosures. Allows an operator to use or disclose covered information under the following circumstances:

  1. if other provisions of federal or state law require the operator to disclose the information and the operator complies with the requirements in protecting and disclosing that information;

  2. for legitimate research purposes as required by state or federal law and subject to restrictions under the law or as allowed by state or federal law and under the direction of a school, school district, or the Department of Education if covered information is not used for advertising or to amass a profile on the student for purposes other than school purposes; or

  3. to a state or local educational agency for school purposes as permitted by state or federal law.

Subdivision 5. Use of information by operator. This section does not prohibit an operator from doing the following;

  1. using covered information to improve educational products if that information is not associated with an identified student;

  2. using covered information that is not associated with an identified student to demonstrate the effectiveness of the operator’s products or services;

  3. sharing covered information that is not associated with an identified student for the development and improvement of educational sites, services, or applications;

  4. using recommendation engines to recommend to a student either of the following;

    1. additional content relating to an educational, other learning, or employment opportunity purpose within an online site, service, or application if the recommendation is not determined by payment or other consideration from a third party; or

    2. additional services relating to an educational, other learning, or employment opportunity purpose within an online site, service, or application if the recommendation is not determined by payment or other consideration from a third party; or

  5. responding to a student’s request for information or for feedback without the information or purpose being determined by payment or other consideration from a third party.

Subdivision 6. Certain activities not affected. The section does not:

  1. limit the authority of a law enforcement agency to obtain any content or information from an operator as authorized by law or court order;

  2. limit the ability of an operator to use student data for adaptive learning or customized student learning purposes;

  3. apply to general audience Web sites, online services, online applications, or mobile applications even if the login credentials may be used to access those general audience sites, services, or applications;

  4. limit service providers from providing Internet connectivity to schools or students and their families;

  5. prohibit an operator of an Internet Web site, online service, online application, or mobile application from marketing educational products directly to parents if the marketing did not result from the use of covered information obtained by the operator through the services covered under this section;

  6. impose a duty upon a provider of an electronic store, gateway, marketplace, or other means of purchasing or downloading software or applications to review or enforce compliance with this section;

  7. impose a duty upon a provider of an interactive computer services to review or enforce compliance with this section by third-party content providers; or

  8. prohibit students from downloading, exporting, transferring, saving, or maintaining their own student data or documents.

AMB/syl

 
Check on the status of this bill
 
Back to Senate Counsel and Research Bill Summaries page
 

 
This page is maintained by the Office of Senate Counsel, Research, and Fiscal Analysis for the Minnesota Senate.
 
Last review or update: 03/28/2018
 
If you see any errors on this page, please e-mail us at webmaster@senate.mn