COPPA and Verifiable Parental Consent

If you’ve spent anytime talking about an iPad deployment, AppleIDs, social media – particularly Facebook, how you can use Evernote (or many other web-based services) with students under the age of 13 you’ve more than likely been confused by COPPA. The Children’s Online Privacy Protect Act is what prohibits student under the age of 13 from using certain online tools and applications and has been a topic I have spent a lot of time on this year.

It started this past summer when I was talking to a friend (@cuevash) at the Laptop Institute about Evernote. and he asked me how we were handling COPPA with our under 13 students and I didn’t have a good answer for him.  It wasn’t something I had considered or, like most, really understood.

This prompted a series of discussions between Reshan Richards (@reshanrichards) and I about what services we were using at our school and which were COPPA complaint, which weren’t and which couldn’t we really make sense of.

Later, while attending the NEIT conference an Mohonk I heard Danah Boyd (@zephoria) talk more on the topic and how COPPA was being interpreted by families and the culture of lying it was engendering.  The discussions continued with more people trying to figure out how to deal with COPPA and still do the things they wanted with their students.

I had the good pleasure of talking personally with Curt Lie­neck (@clieneck) and the with him, Arvind Grover (@arvind), Alex Ragone (@alexragone) and Vin­nie Vrontny (@vvrotny) on EdTechTalk to really try to get a handle on how we were all looking at the issues and problems with the Act.

What we uncovered was that the Act allows parents to provide written consent for their children to use these tools and that the school could upon notify the families that we were using these tools and collecting verifiable parental consent we could register students with these services.

We also spent time working with certain vendors, Evernote in particular, to help come up with language and the process steps to allow students to use these service – THANKS EVERNOTE!

What my school decided was to include with out Admission contracts a letter that must be signed and returned to the school which acts as notification and the verifiable parental consent needed.  We also created a web page the includes information about all of the tool in question including links to their privacy policies and terms of service.

I was even told by an Apple educational representative at a recent conference that this will cover the creation of AppleIDs for students, though according to him Apple legal is working on a COPPA compliant version of the AppleID.

What follows is a copy of the document we include in our contracts.  I offer it as a guide foe you to use with your school, but highly recommend that you have your school administration and attorney(ies) look it over.  I would really like to ask all of you reading this or thinking of using this form to share you thoughts, struggles, ideas and comment here so that we can all learn from one another. THANKS!

 

Dear Parents,

In order for [INSERT SCHOOL NAME] to continue to be able to provide your student with the most effective web-based tools and applications for learning, we need to abide by federal regulations that require a parental signature as outlined below.

[INSERT SCHOOL NAME] utilizes several computer software applications and web-based services, operated not by [INSERT SCHOOL NAME], but by third parties.  These include [LIST SOME EXAMPLES OF SERVICES], and similar educational programs. A complete list of the programs with the privacy policy for each can be found at  [INSERT URL].

In order for our students to use these programs and services, certain personal identifying information, generally the student’s name and email address, must be provided to the web site operator.  Under federal law, these websites must provide parental notification and obtain parental consent before collecting personal information from children under the age of 13.

The law permits schools such as [INSERT SCHOOL NAME] to consent to the collection of personal information on behalf of all of its students, thereby eliminating the need for individual parental consent given directly to the web site operator.

This form will constitute consent for [INSERT SCHOOL NAME] to provide personal identifying information for your child consisting of first name, last name, email address and username to the following web-operators:  [INSERT NAMES OF CURRENT SERVICES] and to the operators of any additional web-based educational programs and services which MKA may add during the upcoming academic year.

Please be advised that without receipt of this signed form, your enrollment package will not be considered complete as [INSERT SCHOOL NAME] will be unable to provide your student (s) with the resources, teaching and curriculum offered by our 1:1 Learning Program.

Student Name:

[STUDENT ID OR OTHER IDENTIFIER]:

Parent/Guardian Name (PLEASE PRINT):

Parent/Guardian Signature:

Date:

 

 

 

 

 

 

About William Stites

Currently the Director of Technology for Montclair Kimberley Academy, occasional consultant, serial volunteer for ATIS, husband, and father to two crazy kids who make me smile everyday.
This entry was posted in Administration & Management, COPPA, EdTech, Teaching & Learning and tagged , , , , . Bookmark the permalink.

16 Responses to COPPA and Verifiable Parental Consent

  1. Richard Kassissieh says:

    Thanks for sharing the language , Bill.

  2. Dmo says:

    Thanks Bill you just saved me a ton of time. I appreciate the share.
    I plan to roll this out via an online form to our parents. We’ve recently adopted an online forms module from inResonance that is great.
    -Demetri

    • Happy to help.  I’d be curious how you obtain parental signatures in an online form.

      • Demetri Orlando says:

        The online form just has standard language “by typing my name in the box below, I indicate my acceptance of the terms above…” and because we provide parents a unique log-in to the system I believe it stands up as verifiable consent.

  3. lloftus says:

    Great wording and a really useful template. Interesting to tie this consent to the enrollment package. Any push-back?

  4. Hey Bill, 

    This may be a elementary question (no pun intended), but I was wondering at what age can children have email addresses? Does the school provide them?  I’m actually a developer working on a platform for kids and we are struggling with how we would register kids under 13.

    Thanks for the advice and nice article!

    stephen

    • Many school assign students email address through their internal systems.  At which point it can be at any age.  The issue with COPPA is with outside service where they are asking for specific information about the students and then what their policies are for using that information. 

      Make sense?

  5. Huge thanks for sharing this resource!  Very helpful way to work around COPPA.

  6. Tom Smith says:

    Hi Bill,
    Thanks for this post. It provides some good thinking and resources as we deal with this issue at our school.

  7. Siobhan Ryan says:

    Is it okay to use this letter as starting point for parental permission?

    • Yes. It is what we (MKA) have used with our families in our Admissions contracts and is something I believe other schools have used as well.

  8. Ted Parker says:

    Totally agree this is a step we need to make. Also totally worried about what happens if/when parent(s) deny consent. Can we really put the brakes on using these tools? Same worry about parents’ concerns with screen time required for academic work. Suspect our schools have to get out ahead of those concerns by initiating these very conversations ourselves.

  9. riptonvineyards says:

    Just reading this post, now, as I find myself in a new position in a district that has not addressed this yet with our youngest learners. Is there anything different you’d suggest now than when you published this post? Thanks in advance and Thanks for this post.

Comments are closed.