College Student’s Privacy at Risk
In October 2011, the personal financial information of thousands of college students was exposed on the U.S. Department of Education’s (DED) loan website. The exposed information included Social Security numbers, loan repayment histories and bank-routing numbers. For a brief time, only 7 minutes, anyone on that website could access this personal information. Although it was only 7 minutes and it only affected students who had borrowed money from the Department of Education, it shows the risk that many college students face.
In October 2011, the personal financial information of thousands of college students was exposed on the U.S. Department of Education’s (DED) loan website. The exposed information included Social Security numbers, loan repayment histories and bank-routing numbers. For a brief time, only 7 minutes, anyone on that website could access this personal information. Although it was only 7 minutes and it only affected students who had borrowed money from the Department of Education, it shows the risk that many college students face.
This exposure shines the light on additional efforts by the DED to gather data on college students. Recent changes to the Family Educational Rights and Privacy Act (FERPA) regulations will give the department additional powers to gather and use student information to track their performance over time.
These new regulations expand the sharing of student individual information. FERPA permits the access of student individual information, with out consent to “authorized representatives” of state or federal education programs. The expansion in the definition of what constitutes a third party is among the important issues to this extra danger of info exposure.
The unfortunate aspect of these new definitions is that the DED doesn’t have control over all of the “authorized representatives”, thus there is an even greater risk that data gathered on college students could be exposed to theft or even more severe, be stolen and used for criminal gain. Simple precautions like hardware authentication can help.
A 2009 study by Fordham Law School’s Center on Law and Info Policy discovered that “privacy protections for the longitudinal databases had been lacking within the majority of states.” The study characterized the privacy protections as “weak.” And in a current post within the Huffington Post it was reported that school districts are collecting student Social Security numbers and not activating sufficient security measures which in turn is top to an improve of incidents of kid identity theft.
The Department of Education’s mishandling of individual student financial information in this newest information breach proves that the public ought to be wary of how the Department will make use of this kind of information within the future and discover out how it safeguards the information that it obtains on students.
Oliver David contributes articles for Lok-it.net and other blogs on topics like usb flash drive reviews.