Would Prohibit, Among Other Things, School Districts from Retaining Students’ Social Media Data
Assemblyman Mike Gatto has introduced legislation to lessen the chances that government collection of “Big Data” jeopardizes the privacy of citizens. The broad mandate, AB 1442, would strengthen the notice requirements before the government gathers personal data and would require the prompt destruction of personal data when it is collected by a government entity.
“Protection from government intrusion into our personal lives has been a tenet of American liberty since the founding of our republic,” said Gatto. “Whether it is the NSA, a city, or a school district, people have the right to know when, and for how long, the government can gather and keep their personal data before destroying it.”
One aspect of the measure requires that parents be notified when school districts gather information about their children and that any such information be destroyed within one year of the student turning 18 years of age or leaving the district. This provision is in response to concerns expressed by students and parents in the Glendale Unified School District, when it was discovered that the district had hired a company to monitor students’ social-media accounts. Such monitoring raises concerns that pictures and text posted by still young and impressionable students could be stored by private companies, only to be released (or threatened to be released) decades later by a hacker or an unscrupulous employee (perhaps while a former student is engaged in a job search or grad-school application).
“I support Glendale Unified School District’s commitment to preventing cyber-bullying, drug abuse, and other threats to the safety and security of its students,” said Gatto. “But parents and students alike should be given reasonable warning and assurances that information will be properly destroyed after its need has passed.”
The now-outdated Information Practices Act of 1977 set basic rules for California’s maintenance of personal information, to guarantee that agencies protect citizens’ information and their privacy to the greatest extent possible. The Act requires government agencies to keep personal information that is “relevant and necessary to accomplish a purpose of the agency required or authorized by the California Constitution or statute or mandated by the federal government.” AB 1442 adds local agencies to the list of governmental entities governed by the Act, and sets strict rules for data destruction after it has served its necessary and relevant purpose.
“During an era of omnipresent intrusion in our lives and increasingly frequent data breaches, all levels of government must take steps to safeguard our personal information,” said Assemblyman Gatto.