Following the No Child Left Behind mandate to improve school quality, there has been a growing trend among state departments of education to establish statewide longitudinal databases of personally identifiable information for all K-12 children within a state in order to track progress and change over time. This trend is accompanied by a movement to create uniform data collection systems so that each state’s student data systems are interoperable with one another. This Study examines the privacy concerns implicated by these trends.

The Study reports on the results of a survey of all fifty states and finds that state educational databases across the country ignore key privacy protections for the nation's K-12 children. The Study finds that large amounts of personally identifiable data and sensitive personal information about children are stored by the state departments of education in electronic warehouses or for the states by third party vendors. These data warehouses typically lack adequate privacy protections, such as clear access and use restrictions and data retention policies, are often not compliant with the Family Educational Rights and Privacy Act, and leave K-12 children unprotected from data misuse, improper data release, and data breaches. The Study provides recommendations for best practices and legislative reform to address these privacy problems.