Skip to main content

Possible Changes to COPPA: Preparing for a New Student Privacy Landscape

The newly proposed changes to the Children’s Online Privacy Protection Act (COPPA) by the Federal Trade Commission seek to codify some best practices to keep student data safe.

The proposed rules may seem daunting for some, but for others, they’ve been doing it for years. We know because they are members of the 1EdTech community. 

Ours is a community that brings both educators and suppliers together to find solutions to privacy and security challenges. We know that, more often than not, when it comes to data privacy, those challenges can range from schools and districts needing to know what questions to ask and suppliers not always realizing what concerns to address. 

So, we combined these two groups to create 1EdTech’s Data Privacy Certification program. The certification follows a rubric created by our members that addresses many of the issues the new COPPA rules address, including targeted ads and mishandling of data, so our districts know who has access to student data and why. It also allows our supplier members to consider what data they actually need and can showcase their commitment to student data privacy.

One thing that can get confusing is that data privacy and cybersecurity are not the same. These regulations cover who has legal access to the information about our kids, not how that information is being secured. That is a different topic for a different day, but of course, an important one. 

That’s also why data privacy regulations are so important. The more people or organizations that have access to data, the more vulnerable it can be, so you need to know who has access to it and why.

Let’s break down some of the biggest changes that will need to be addressed. 

Preparing Your School or District Data Custodian

One of the biggest changes will be giving schools and districts the authority to give third parties access to student data in some circumstances. It’s a big responsibility and one we know districts take seriously. Still, it is unlikely any new positions will be created to fill the role, meaning someone on the district’s already stretched staff will take on that responsibility—someone who may or may not know what to look for. 

For years, 1EdTech and other non-profit organizations have helped districts navigate these challenges and questions. Not only through our rubrics, which can help answer some of the basic questions before educators take the time to dig even deeper, but we can also help train staff on what to look for and what to consider when taking those deeper dives. 

“One thing we recommend is to limit your tools and apps to five or fewer per subject for a district,” said Kevin Lewis, 1EdTech’s Data Privacy Officer. “That gives your teachers the flexibility to find the tools that best serve their learners while ensuring the tools in your classrooms meet your district’s privacy and security standards.”

1EdTech also offers the TrustEd Apps™ Certified Leader (TACL) program to help educators who need to dig deeper into how to find trusted tools that fit a district or school’s individual needs. The program is designed to build knowledge and skills to empower educators to advocate for open, trusted, and effective edtech solutions and design a scalable and responsive digital learning ecosystem that protects data privacy. One pathway to building capacity as a Data Custodian is participating in the upcoming TACL Data Privacy and Accessibility Module being offered on February 29 and March 14

“The TACL module allowed me to go more in-depth into what is required on the backend of approving and vetting tools,” said Justin Keith, Information Security Administrator for Effingham County School District. “Even if you do this every day, there are technical questions you need to ask to ensure you’re making the right decisions for students. The program also helped me to explain the process to my less technical colleagues so they could better understand what we’re doing and why.” 

One of the most important aspects of building cultural and structural foundations for Student Data Privacy is creating the conditions for effective collaboration. Being a member of a community outside of your own district can also prove invaluable to staying on top of any changes that always occur in education technology. 

“1EdTech membership provides the opportunity to network with other members who might see things differently because they have different options or different experiences because of where they are in the US. That has been a very useful aspect for me,” said Leigh Anne Scherer, Director of Technology and Information Services for North Clackamas School District.

More Responsibility on Suppliers

Another change the proposed rules make is to crack down on what data suppliers have access to and how they can use it. 

No one wants to put student data at risk, but in our experience, new or smaller companies sometimes don’t even know they’re doing it. Sometimes, they just have a great idea of how to help educate kids, and they don’t think about a privacy policy because it’s just not on their radar. 

That’s why asking the right questions and knowing what questions educators need answers to are so important. 1EdTech works with suppliers every day to make sure they’re taking those concerns into consideration. More often than not, they are happy to make changes to their privacy policies and work in partnership with educators to take any needed precautions. 

Some data is needed to make tools work for students. It helps personalize learning and send information back to teachers, taking some of the work off of their already full plates. 

The key is understanding the differences, knowing how and why the data is being used, and working in collaboration with edtech suppliers to find solutions that benefit our students. 

One thing suppliers can do to show their commitment to student data privacy is to earn the Data Privacy Certification, which is then shared with the broader edtech community. 

The 1EdTech community is continuing to expand on creating best practices that help power learners' potential beyond data privacy. New self-assessment rubrics on Security Practices, Accessibility, and Generative AI Data will soon be available in the TrustEd Apps Management Suite (TAMS) to help educators make the best decisions for their learners. 

The 1EdTech community is here to support and collaborate with educators and suppliers as they prepare for changes to come so that we can all help power learner potential.

About the Author

Monica Watts

Monica Watts is 1EdTech’s Senior Director of Learning Innovation, providing a voice for K-12 institutions and bringing together technology providers to achieve digital equity and interoperability at scale. Before starting at 1EdTech, Monica had several education roles, including teaching Spanish in High School in Florida and conducting Information Literacy courses as an Academic Librarian in the Engineering and Textiles Library at NCSU. After earning her Master's in Library and Information Science, Monica went to work for the North Carolina State University Library in their Fellows Program. Monica then went to work as VP of Sales for an EdTech supplier. Monica is passionate about helping school districts integrate technology successfully. She graduated from Florida State University and received a Master's in Library and Information Science from the University of South Florida.


Published on 2024-01-17

PUBLISHED ON 2024-01-17

Photo of User
Monica Watts
Senior Director of Learning Innovation
Help us improve the accessibility of this site by emailing recommendations to